diff options
author | takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp> | 2020-11-02 11:07:33 +0900 |
---|---|---|
committer | takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp> | 2020-11-02 11:07:33 +0900 |
commit | 1c7d6584a7811b7785ae5c1e378f14b5ba0971cf (patch) | |
tree | cd70a267a5ef105ba32f200aa088e281fbd85747 /external/meta-openembedded/meta-oe/recipes-support/gd | |
parent | 4204309872da5cb401cbb2729d9e2d4869a87f42 (diff) |
basesystem-jjsandbox/ToshikazuOhiwa/master-jj
recipes
Diffstat (limited to 'external/meta-openembedded/meta-oe/recipes-support/gd')
-rw-r--r-- | external/meta-openembedded/meta-oe/recipes-support/gd/gd/0001-annotate.c-gdft.c-Replace-strncpy-with-memccpy-to-fi.patch | 46 | ||||
-rw-r--r-- | external/meta-openembedded/meta-oe/recipes-support/gd/gd/CVE-2018-1000222.patch | 82 | ||||
-rw-r--r-- | external/meta-openembedded/meta-oe/recipes-support/gd/gd_2.3.0.bb (renamed from external/meta-openembedded/meta-oe/recipes-support/gd/gd_2.2.5.bb) | 14 |
3 files changed, 8 insertions, 134 deletions
diff --git a/external/meta-openembedded/meta-oe/recipes-support/gd/gd/0001-annotate.c-gdft.c-Replace-strncpy-with-memccpy-to-fi.patch b/external/meta-openembedded/meta-oe/recipes-support/gd/gd/0001-annotate.c-gdft.c-Replace-strncpy-with-memccpy-to-fi.patch deleted file mode 100644 index c377b370..00000000 --- a/external/meta-openembedded/meta-oe/recipes-support/gd/gd/0001-annotate.c-gdft.c-Replace-strncpy-with-memccpy-to-fi.patch +++ /dev/null @@ -1,46 +0,0 @@ -From 85c7694a5cf34597909bdd1ca6931b0f99904c2e Mon Sep 17 00:00:00 2001 -From: Robert Yang <liezhi.yang@windriver.com> -Date: Tue, 19 Jun 2018 00:40:49 -0700 -Subject: [PATCH] annotate.c/gdft.c: Replace strncpy with memccpy to fix - -Wstringop-truncation. - -Fixed for gcc8: -git/src/gdft.c:1699:2: error: 'strncpy' output truncated before terminating nul copying as many bytes from a string as its length [-Werror=stringop-truncation] - -Upstream-Status: Submitted [https://github.com/libgd/libgd/pull/442] - -Signed-off-by: Robert Yang <liezhi.yang@windriver.com> ---- - src/annotate.c | 2 +- - src/gdft.c | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/annotate.c b/src/annotate.c -index 00aaf49..17df813 100644 ---- a/src/annotate.c -+++ b/src/annotate.c -@@ -104,7 +104,7 @@ int main(int argc, char *argv[]) - fprintf(stderr, "Font maximum length is 1024, %d given\n", font_len); - goto badLine; - } -- strncpy(font, st, font_len); -+ memcpy(font, st, font_len); - } - } else if(!strcmp(st, "align")) { - char *st = strtok(0, " \t\r\n"); -diff --git a/src/gdft.c b/src/gdft.c -index 9fa8295..81dbe41 100644 ---- a/src/gdft.c -+++ b/src/gdft.c -@@ -1696,7 +1696,7 @@ static char * font_path(char **fontpath, char *name_list) - gdFree(path); - return "could not alloc full list of fonts"; - } -- strncpy(fontlist, name_list, name_list_len); -+ memcpy(fontlist, name_list, name_list_len); - fontlist[name_list_len] = 0; - - /* --- -2.10.2 - diff --git a/external/meta-openembedded/meta-oe/recipes-support/gd/gd/CVE-2018-1000222.patch b/external/meta-openembedded/meta-oe/recipes-support/gd/gd/CVE-2018-1000222.patch deleted file mode 100644 index 25924d1a..00000000 --- a/external/meta-openembedded/meta-oe/recipes-support/gd/gd/CVE-2018-1000222.patch +++ /dev/null @@ -1,82 +0,0 @@ -From 4b1e18a00ce7c4b7e6919c3b3109a034393b805a Mon Sep 17 00:00:00 2001 -From: Mike Frysinger <vapier@gentoo.org> -Date: Sat, 14 Jul 2018 13:54:08 -0400 -Subject: [PATCH] bmp: check return value in gdImageBmpPtr - -Closes #447. - -(cherry picked from commit ac16bdf2d41724b5a65255d4c28fb0ec46bc42f5) - -Upstream-Status: Backport [https://github.com/libgd/libgd/commit/4b1e18a00ce7c4b7e6919c3b3109a034393b805a] -CVE: CVE-2018-1000222 -Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> ---- - src/gd_bmp.c | 17 ++++++++++++++--- - 1 file changed, 14 insertions(+), 3 deletions(-) - -diff --git a/src/gd_bmp.c b/src/gd_bmp.c -index ccafdcd..d625da1 100644 ---- a/src/gd_bmp.c -+++ b/src/gd_bmp.c -@@ -48,6 +48,8 @@ static int bmp_read_4bit(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info, bmp - static int bmp_read_8bit(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info, bmp_hdr_t *header); - static int bmp_read_rle(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info); - -+static int _gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression); -+ - #define BMP_DEBUG(s) - - static int gdBMPPutWord(gdIOCtx *out, int w) -@@ -88,8 +90,10 @@ BGD_DECLARE(void *) gdImageBmpPtr(gdImagePtr im, int *size, int compression) - void *rv; - gdIOCtx *out = gdNewDynamicCtx(2048, NULL); - if (out == NULL) return NULL; -- gdImageBmpCtx(im, out, compression); -- rv = gdDPExtractData(out, size); -+ if (!_gdImageBmpCtx(im, out, compression)) -+ rv = gdDPExtractData(out, size); -+ else -+ rv = NULL; - out->gd_free(out); - return rv; - } -@@ -142,6 +146,11 @@ BGD_DECLARE(void) gdImageBmp(gdImagePtr im, FILE *outFile, int compression) - compression - whether to apply RLE or not. - */ - BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression) -+{ -+ _gdImageBmpCtx(im, out, compression); -+} -+ -+static int _gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression) - { - int bitmap_size = 0, info_size, total_size, padding; - int i, row, xpos, pixel; -@@ -149,6 +158,7 @@ BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression) - unsigned char *uncompressed_row = NULL, *uncompressed_row_start = NULL; - FILE *tmpfile_for_compression = NULL; - gdIOCtxPtr out_original = NULL; -+ int ret = 1; - - /* No compression if its true colour or we don't support seek */ - if (im->trueColor) { -@@ -326,6 +336,7 @@ BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression) - out_original = NULL; - } - -+ ret = 0; - cleanup: - if (tmpfile_for_compression) { - #ifdef _WIN32 -@@ -339,7 +350,7 @@ cleanup: - if (out_original) { - out_original->gd_free(out_original); - } -- return; -+ return ret; - } - - static int compress_row(unsigned char *row, int length) --- -2.17.1 - diff --git a/external/meta-openembedded/meta-oe/recipes-support/gd/gd_2.2.5.bb b/external/meta-openembedded/meta-oe/recipes-support/gd/gd_2.3.0.bb index 548d2c57..eec8a05a 100644 --- a/external/meta-openembedded/meta-oe/recipes-support/gd/gd_2.2.5.bb +++ b/external/meta-openembedded/meta-oe/recipes-support/gd/gd_2.3.0.bb @@ -5,20 +5,18 @@ images, and flood fills, and to write out the result as a PNG or JPEG file. \ This is particularly useful in Web applications, where PNG and JPEG are two \ of the formats accepted for inline images by most browsers. Note that gd is not \ a paint program." -HOMEPAGE = "http://libgd.bitbucket.org/" +HOMEPAGE = "http://libgd.github.io/" SECTION = "libs" LICENSE = "GD" -LIC_FILES_CHKSUM = "file://COPYING;md5=07384b3aa2e0d39afca0d6c40286f545" +LIC_FILES_CHKSUM = "file://COPYING;md5=8e5bc8627b9494741c905d65238c66b7" DEPENDS = "freetype libpng jpeg zlib tiff" -SRC_URI = "git://github.com/libgd/libgd.git;branch=GD-2.2 \ - file://0001-annotate.c-gdft.c-Replace-strncpy-with-memccpy-to-fi.patch \ - file://CVE-2018-1000222.patch \ +SRC_URI = "git://github.com/libgd/libgd.git;branch=master \ " -SRCREV = "8255231b68889597d04d451a72438ab92a405aba" +SRCREV = "b079fa06223c3ab862c8f0eea58a968727971988" S = "${WORKDIR}/git" @@ -35,6 +33,8 @@ EXTRA_OECONF += " --disable-rpath \ EXTRA_OEMAKE = 'LDFLAGS="${LDFLAGS}"' +DEBUG_OPTIMIZATION_append = " -Wno-error=maybe-uninitialized" + do_install_append() { # cleanup buildpaths from gdlib.pc sed -i -e 's#${STAGING_DIR_HOST}##g' ${D}${libdir}/pkgconfig/gdlib.pc @@ -48,3 +48,5 @@ FILES_${PN}-tools = "${bindir}/*" PROVIDES += "${PN}-tools" RPROVIDES_${PN}-tools = "${PN}-tools" RDEPENDS_${PN}-tools = "perl perl-module-strict" + +CVE_PRODUCT = "libgd" |