diff options
Diffstat (limited to 'external/poky/meta/recipes-graphics/jpeg')
| -rw-r--r-- | external/poky/meta/recipes-graphics/jpeg/files/0001-libjpeg-turbo-fix-package_qa-error.patch | 28 | ||||
| -rw-r--r-- | external/poky/meta/recipes-graphics/jpeg/files/0001-libjpeg-turbo-fix-wrongly-defined-define-HAVE_STDLIB.patch | 119 | ||||
| -rw-r--r-- | external/poky/meta/recipes-graphics/jpeg/files/CVE-2020-13790.patch | 76 | ||||
| -rw-r--r-- | external/poky/meta/recipes-graphics/jpeg/libjpeg-turbo_2.0.4.bb (renamed from external/poky/meta/recipes-graphics/jpeg/libjpeg-turbo_2.0.0.bb) | 12 |
4 files changed, 98 insertions, 137 deletions
diff --git a/external/poky/meta/recipes-graphics/jpeg/files/0001-libjpeg-turbo-fix-package_qa-error.patch b/external/poky/meta/recipes-graphics/jpeg/files/0001-libjpeg-turbo-fix-package_qa-error.patch index 44c2c768..82fffe1e 100644 --- a/external/poky/meta/recipes-graphics/jpeg/files/0001-libjpeg-turbo-fix-package_qa-error.patch +++ b/external/poky/meta/recipes-graphics/jpeg/files/0001-libjpeg-turbo-fix-package_qa-error.patch @@ -1,4 +1,4 @@ -From 0a24f03a67425a7b58b3fd40d965c0c9801ae7a1 Mon Sep 17 00:00:00 2001 +From 5cf847b5bef8dc3f9f89bd09dd5af4e6603f393c Mon Sep 17 00:00:00 2001 From: Changqing Li <changqing.li@windriver.com> Date: Mon, 27 Aug 2018 16:10:55 +0800 Subject: [PATCH] libjpeg-turbo: fix package_qa error @@ -10,23 +10,23 @@ usr/bin/cjpeg contains probably-redundant RPATH /usr/lib Upstream-Status: Inappropriate[oe-specific] Signed-off-by: Changqing Li <changqing.li@windriver.com> +Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> --- - CMakeLists.txt | 2 -- - 1 file changed, 2 deletions(-) + CMakeLists.txt | 4 ---- + 1 file changed, 4 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt -index 1719522..682cef1 100644 +index 2bc3458..ea3041e 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt -@@ -109,8 +109,6 @@ endif() +@@ -189,10 +189,6 @@ endif() + report_option(ENABLE_SHARED "Shared libraries") + report_option(ENABLE_STATIC "Static libraries") - include(cmakescripts/GNUInstallDirs.cmake) - --set(CMAKE_INSTALL_RPATH ${CMAKE_INSTALL_FULL_LIBDIR}) +-if(ENABLE_SHARED) +- set(CMAKE_INSTALL_RPATH ${CMAKE_INSTALL_FULL_LIBDIR}) +-endif() - - macro(report_directory var) - if(CMAKE_INSTALL_${var} STREQUAL CMAKE_INSTALL_FULL_${var}) - message(STATUS "CMAKE_INSTALL_${var} = ${CMAKE_INSTALL_${var}}") --- -2.7.4 - + if(WITH_12BIT) + set(WITH_ARITH_DEC 0) + set(WITH_ARITH_ENC 0) diff --git a/external/poky/meta/recipes-graphics/jpeg/files/0001-libjpeg-turbo-fix-wrongly-defined-define-HAVE_STDLIB.patch b/external/poky/meta/recipes-graphics/jpeg/files/0001-libjpeg-turbo-fix-wrongly-defined-define-HAVE_STDLIB.patch deleted file mode 100644 index 16767ebb..00000000 --- a/external/poky/meta/recipes-graphics/jpeg/files/0001-libjpeg-turbo-fix-wrongly-defined-define-HAVE_STDLIB.patch +++ /dev/null @@ -1,119 +0,0 @@ -From d301019d0f23d12b9666d3d88b0859067a4ade77 Mon Sep 17 00:00:00 2001 -From: Changqing Li <changqing.li@windriver.com> -Date: Thu, 30 Aug 2018 15:08:23 +0800 -Subject: [PATCH] libjpeg-turbo: fix wrongly defined define HAVE_STDLIB_H - -when change build system from autotools to cmake, below -part is replace wrongly: - -"#undef HAVE_STDLIB_H" -should be change to "#cmakedefine HAVE_STDLIB_H 1" -not "#cmakedefine HAVE_STDLIB_H" - -otherwise, even if stdlib.h is found, output file -of configure_file() will define like: #define HAVE_STDLIB_H -but we need it as #define HAVE_STDLIB_H 1, since for -different defination of HAVE_STDLIB_H will cause below error: -error: "HAVE_STDLIB_H" redefined [-Werror] - -Upstream-Status: Submitted[https://github.com/libjpeg-turbo/libjpeg-turbo/pull/275] - -Signed-off-by: Changqing Li <changqing.li@windriver.com> ---- - jconfig.h.in | 28 ++++++++++++++-------------- - jconfigint.h.in | 4 ++-- - 2 files changed, 16 insertions(+), 16 deletions(-) - -diff --git a/jconfig.h.in b/jconfig.h.in -index 2842754..18a69a4 100644 ---- a/jconfig.h.in -+++ b/jconfig.h.in -@@ -10,16 +10,16 @@ - #define LIBJPEG_TURBO_VERSION_NUMBER @LIBJPEG_TURBO_VERSION_NUMBER@ - - /* Support arithmetic encoding */ --#cmakedefine C_ARITH_CODING_SUPPORTED -+#cmakedefine C_ARITH_CODING_SUPPORTED 1 - - /* Support arithmetic decoding */ --#cmakedefine D_ARITH_CODING_SUPPORTED -+#cmakedefine D_ARITH_CODING_SUPPORTED 1 - - /* Support in-memory source/destination managers */ --#cmakedefine MEM_SRCDST_SUPPORTED -+#cmakedefine MEM_SRCDST_SUPPORTED 1 - - /* Use accelerated SIMD routines. */ --#cmakedefine WITH_SIMD -+#cmakedefine WITH_SIMD 1 - - /* - * Define BITS_IN_JSAMPLE as either -@@ -33,37 +33,37 @@ - #define BITS_IN_JSAMPLE @BITS_IN_JSAMPLE@ /* use 8 or 12 */ - - /* Define to 1 if you have the <locale.h> header file. */ --#cmakedefine HAVE_LOCALE_H -+#cmakedefine HAVE_LOCALE_H 1 - - /* Define to 1 if you have the <stddef.h> header file. */ --#cmakedefine HAVE_STDDEF_H -+#cmakedefine HAVE_STDDEF_H 1 - - /* Define to 1 if you have the <stdlib.h> header file. */ --#cmakedefine HAVE_STDLIB_H -+#cmakedefine HAVE_STDLIB_H 1 - - /* Define if you need to include <sys/types.h> to get size_t. */ --#cmakedefine NEED_SYS_TYPES_H -+#cmakedefine NEED_SYS_TYPES_H 1 - - /* Define if you have BSD-like bzero and bcopy in <strings.h> rather than - memset/memcpy in <string.h>. */ --#cmakedefine NEED_BSD_STRINGS -+#cmakedefine NEED_BSD_STRINGS 1 - - /* Define to 1 if the system has the type `unsigned char'. */ --#cmakedefine HAVE_UNSIGNED_CHAR -+#cmakedefine HAVE_UNSIGNED_CHAR 1 - - /* Define to 1 if the system has the type `unsigned short'. */ --#cmakedefine HAVE_UNSIGNED_SHORT -+#cmakedefine HAVE_UNSIGNED_SHORT 1 - - /* Compiler does not support pointers to undefined structures. */ --#cmakedefine INCOMPLETE_TYPES_BROKEN -+#cmakedefine INCOMPLETE_TYPES_BROKEN 1 - - /* Define if your (broken) compiler shifts signed values as if they were - unsigned. */ --#cmakedefine RIGHT_SHIFT_IS_UNSIGNED -+#cmakedefine RIGHT_SHIFT_IS_UNSIGNED 1 - - /* Define to 1 if type `char' is unsigned and you are not using gcc. */ - #ifndef __CHAR_UNSIGNED__ -- #cmakedefine __CHAR_UNSIGNED__ -+ #cmakedefine __CHAR_UNSIGNED__ 1 - #endif - - /* Define to empty if `const' does not conform to ANSI C. */ -diff --git a/jconfigint.h.in b/jconfigint.h.in -index 55df053..6c898ac 100644 ---- a/jconfigint.h.in -+++ b/jconfigint.h.in -@@ -17,10 +17,10 @@ - #define SIZEOF_SIZE_T @SIZE_T@ - - /* Define if your compiler has __builtin_ctzl() and sizeof(unsigned long) == sizeof(size_t). */ --#cmakedefine HAVE_BUILTIN_CTZL -+#cmakedefine HAVE_BUILTIN_CTZL 1 - - /* Define to 1 if you have the <intrin.h> header file. */ --#cmakedefine HAVE_INTRIN_H -+#cmakedefine HAVE_INTRIN_H 1 - - #if defined(_MSC_VER) && defined(HAVE_INTRIN_H) - #if (SIZEOF_SIZE_T == 8) --- -2.7.4 - diff --git a/external/poky/meta/recipes-graphics/jpeg/files/CVE-2020-13790.patch b/external/poky/meta/recipes-graphics/jpeg/files/CVE-2020-13790.patch new file mode 100644 index 00000000..4617978b --- /dev/null +++ b/external/poky/meta/recipes-graphics/jpeg/files/CVE-2020-13790.patch @@ -0,0 +1,76 @@ +From 07caad7e0a9afb372e0608299fb3e832cc78495f Mon Sep 17 00:00:00 2001 +From: DRC <information@libjpeg-turbo.org> +Date: Tue, 2 Jun 2020 14:15:37 -0500 +Subject: [PATCH] rdppm.c: Fix buf overrun caused by bad binary PPM + +This extends the fix in 1e81b0c3ea26f4ea8f56de05367469333de64a9f to +include binary PPM files with maximum values < 255, thus preventing a +malformed binary PPM input file with those specifications from +triggering an overrun of the rescale array and potentially crashing +cjpeg, TJBench, or any program that uses the tjLoadImage() function. + +Fixes #433 + +Upstream-Status: Backport [https://github.com/libjpeg-turbo/libjpeg-turbo/commit/3de15e0c344d11d4b90f4a47136467053eb2d09a] +CVE: CVE-2020-13790 +Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> + +--- + ChangeLog.md | 14 ++++++++++---- + rdppm.c | 4 ++-- + 2 files changed, 12 insertions(+), 6 deletions(-) + +diff --git a/ChangeLog.md b/ChangeLog.md +index 4d1219e..af660ab 100644 +--- a/ChangeLog.md ++++ b/ChangeLog.md +@@ -38,6 +38,12 @@ this issue did not likely pose a security risk. + separate read-only data section rather than in the text section, to support + execute-only memory layouts. + ++3. Fixed an issue in the PPM reader that caused a buffer overrun in cjpeg, ++TJBench, or the `tjLoadImage()` function if one of the values in a binary ++PPM/PGM input file exceeded the maximum value defined in the file's header and ++that maximum value was less than 255. libjpeg-turbo 1.5.0 already included a ++similar fix for binary PPM/PGM files with maximum values greater than 255. ++ + + 2.0.3 + ===== +@@ -562,10 +568,10 @@ application was linked against. + + 3. Fixed a couple of issues in the PPM reader that would cause buffer overruns + in cjpeg if one of the values in a binary PPM/PGM input file exceeded the +-maximum value defined in the file's header. libjpeg-turbo 1.4.2 already +-included a similar fix for ASCII PPM/PGM files. Note that these issues were +-not security bugs, since they were confined to the cjpeg program and did not +-affect any of the libjpeg-turbo libraries. ++maximum value defined in the file's header and that maximum value was greater ++than 255. libjpeg-turbo 1.4.2 already included a similar fix for ASCII PPM/PGM ++files. Note that these issues were not security bugs, since they were confined ++to the cjpeg program and did not affect any of the libjpeg-turbo libraries. + + 4. Fixed an issue whereby attempting to decompress a JPEG file with a corrupt + header using the `tjDecompressToYUV2()` function would cause the function to +diff --git a/rdppm.c b/rdppm.c +index 87bc330..a8507b9 100644 +--- a/rdppm.c ++++ b/rdppm.c +@@ -5,7 +5,7 @@ + * Copyright (C) 1991-1997, Thomas G. Lane. + * Modified 2009 by Bill Allombert, Guido Vollbeding. + * libjpeg-turbo Modifications: +- * Copyright (C) 2015-2017, D. R. Commander. ++ * Copyright (C) 2015-2017, 2020, D. R. Commander. + * For conditions of distribution and use, see the accompanying README.ijg + * file. + * +@@ -720,7 +720,7 @@ start_input_ppm(j_compress_ptr cinfo, cjpeg_source_ptr sinfo) + /* On 16-bit-int machines we have to be careful of maxval = 65535 */ + source->rescale = (JSAMPLE *) + (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE, +- (size_t)(((long)maxval + 1L) * ++ (size_t)(((long)MAX(maxval, 255) + 1L) * + sizeof(JSAMPLE))); + half_maxval = maxval / 2; + for (val = 0; val <= (long)maxval; val++) { diff --git a/external/poky/meta/recipes-graphics/jpeg/libjpeg-turbo_2.0.0.bb b/external/poky/meta/recipes-graphics/jpeg/libjpeg-turbo_2.0.4.bb index 282bf95e..3005a8a7 100644 --- a/external/poky/meta/recipes-graphics/jpeg/libjpeg-turbo_2.0.0.bb +++ b/external/poky/meta/recipes-graphics/jpeg/libjpeg-turbo_2.0.4.bb @@ -12,10 +12,11 @@ DEPENDS_append_x86_class-target = " nasm-native" SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}-${PV}.tar.gz \ file://0001-libjpeg-turbo-fix-package_qa-error.patch \ - file://0001-libjpeg-turbo-fix-wrongly-defined-define-HAVE_STDLIB.patch" + file://CVE-2020-13790.patch \ + " -SRC_URI[md5sum] = "b12a3fcf1d078db38410f27718a91b83" -SRC_URI[sha256sum] = "778876105d0d316203c928fd2a0374c8c01f755d0a00b12a1c8934aeccff8868" +SRC_URI[md5sum] = "d01d9e0c28c27bc0de9f4e2e8ff49855" +SRC_URI[sha256sum] = "33dd8547efd5543639e890efbf2ef52d5a21df81faf41bb940657af916a23406" UPSTREAM_CHECK_URI = "http://sourceforge.net/projects/libjpeg-turbo/files/" UPSTREAM_CHECK_REGEX = "/libjpeg-turbo/files/(?P<pver>(\d+[\.\-_]*)+)/" @@ -29,8 +30,11 @@ RCONFLICTS_${PN} += "jpeg" inherit cmake pkgconfig +export NASMENV = "--debug-prefix-map=${WORKDIR}=/usr/src/debug/${PN}/${EXTENDPE}${PV}-${PR}" + # Add nasm-native dependency consistently for all build arches is hard EXTRA_OECMAKE_append_class-native = " -DWITH_SIMD=False" +EXTRA_OECMAKE_append_class-nativesdk = " -DWITH_SIMD=False" # Work around missing x32 ABI support EXTRA_OECMAKE_append_class-target = " ${@bb.utils.contains("TUNE_FEATURES", "mx32", "-DWITH_SIMD=False", "", d)}" @@ -53,4 +57,4 @@ FILES_jpeg-tools = "${bindir}/*" DESCRIPTION_libturbojpeg = "A SIMD-accelerated JPEG codec which provides only TurboJPEG APIs" FILES_libturbojpeg = "${libdir}/libturbojpeg.so.*" -BBCLASSEXTEND = "native" +BBCLASSEXTEND = "native nativesdk" |