From 73a84757832eef175ea2b082378277d546c8accc Mon Sep 17 00:00:00 2001 From: Andreas Sturmlechner Date: Sun, 30 Sep 2018 18:46:58 +0200 Subject: media-libs/exempi: Fix CVE-2018-12648 Bug: https://bugs.gentoo.org/659038 Signed-off-by: Andreas Sturmlechner Package-Manager: Portage-2.3.50, Repoman-2.3.11 --- media-libs/exempi/exempi-2.4.5-r1.ebuild | 58 ++++++++++++++++++++++ .../exempi/files/exempi-2.4.5-CVE-2018-12648.patch | 42 ++++++++++++++++ 2 files changed, 100 insertions(+) create mode 100644 media-libs/exempi/exempi-2.4.5-r1.ebuild create mode 100644 media-libs/exempi/files/exempi-2.4.5-CVE-2018-12648.patch (limited to 'media-libs/exempi') diff --git a/media-libs/exempi/exempi-2.4.5-r1.ebuild b/media-libs/exempi/exempi-2.4.5-r1.ebuild new file mode 100644 index 000000000000..234df5a17a57 --- /dev/null +++ b/media-libs/exempi/exempi-2.4.5-r1.ebuild @@ -0,0 +1,58 @@ +# Copyright 1999-2018 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit autotools + +DESCRIPTION="Port of the Adobe XMP SDK to work on UNIX" +HOMEPAGE="https://libopenraw.freedesktop.org/wiki/Exempi" +SRC_URI="https://libopenraw.freedesktop.org/download/${P}.tar.gz" + +LICENSE="BSD" +SLOT="2/3" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sh ~sparc ~x86 ~x86-fbsd" +IUSE="examples static-libs test" + +RDEPEND=" + >=dev-libs/expat-2:= + sys-libs/zlib + virtual/libiconv +" +DEPEND="${RDEPEND}" +BDEPEND=" + sys-devel/autoconf-archive + sys-devel/gettext + test? ( >=dev-libs/boost-1.48 ) +" + +PATCHES=( + "${FILESDIR}"/${PN}-2.4.2-iconv.patch + "${FILESDIR}"/${P}-CVE-2018-12648.patch +) + +src_prepare() { + default + cp /usr/share/gettext/config.rpath . || die + eautoreconf +} + +src_configure() { + # Valgrind detection is "disabled" due to bug #295875 + econf \ + $(use_enable static-libs static) \ + $(use_enable test unittest) \ + VALGRIND="" +} + +src_install() { + default + find "${D}" -name '*.la' -delete || die + + if use examples; then + emake -C samples/source distclean + rm samples/{,source,testfiles}/Makefile* || die + insinto /usr/share/doc/${PF}/examples + doins -r samples/* + fi +} diff --git a/media-libs/exempi/files/exempi-2.4.5-CVE-2018-12648.patch b/media-libs/exempi/files/exempi-2.4.5-CVE-2018-12648.patch new file mode 100644 index 000000000000..36f0d0734350 --- /dev/null +++ b/media-libs/exempi/files/exempi-2.4.5-CVE-2018-12648.patch @@ -0,0 +1,42 @@ +From 8ed2f034705fd2d032c81383eee8208fd4eee0ac Mon Sep 17 00:00:00 2001 +From: Victor Rodriguez +Date: Sat, 18 Aug 2018 13:54:55 +0000 +Subject: [PATCH] Issue #9 - Fix null-pointer-dereference (CVE-2018-12648) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The WEBP::GetLE32 function in +XMPFiles/source/FormatSupport/WEBP_Support.hpp in Exempi 2.4.5 has a +NULL pointer dereference. + +https://bugs.freedesktop.org/show_bug.cgi?id=106981 +https://gitlab.freedesktop.org/libopenraw/exempi/issues/9 + +Signed-off-by: Victor Rodriguez +Signed-off-by: Hubert Figuière +--- + XMPFiles/source/FormatSupport/WEBP_Support.cpp | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/XMPFiles/source/FormatSupport/WEBP_Support.cpp b/XMPFiles/source/FormatSupport/WEBP_Support.cpp +index ffaf220..4fe705b 100644 +--- a/XMPFiles/source/FormatSupport/WEBP_Support.cpp ++++ b/XMPFiles/source/FormatSupport/WEBP_Support.cpp +@@ -160,9 +160,11 @@ bool VP8XChunk::xmp() + } + void VP8XChunk::xmp(bool hasXMP) + { +- XMP_Uns32 flags = GetLE32(&this->data[0]); +- flags ^= (-hasXMP ^ flags) & (1 << XMP_FLAG_BIT); +- PutLE32(&this->data[0], flags); ++ if (&this->data[0] != NULL) { ++ XMP_Uns32 flags = GetLE32(&this->data[0]); ++ flags ^= (-hasXMP ^ flags) & (1 << XMP_FLAG_BIT); ++ PutLE32(&this->data[0], flags); ++ } + } + + Container::Container(WEBP_MetaHandler* handler) : Chunk(NULL, handler) +-- +2.18.0 -- cgit v1.2.3-65-gdbad