- Security patch for CVE-2015-5203

PR: 202697 Submitted by: wxl@bikefriday.com Reviewed y: Security: CVE-2015-5203
svn path=/head/; revision=395527
2025-06-04 20:36:30 -04:00 · 2015-08-29 06:19:53 +00:00 · 2015-08-29 06:19:53 +00:00 · 597f75856a · 2021-03-31 03:12:20 +00:00
commit 597f75856a
parent d7e9c62192
6 changed files with 178 additions and 7 deletions
--- a/graphics/jasper/Makefile
+++ b/graphics/jasper/Makefile
@ -3,7 +3,7 @@

 PORTNAME=	jasper
 PORTVERSION=	1.900.1
-PORTREVISION=	14
+PORTREVISION=	15
 CATEGORIES=	graphics
 MASTER_SITES=	http://www.ece.uvic.ca/~mdadams/jasper/software/ \
 		ftp://ftp.imagemagick.org/pub/ImageMagick/delegates/
@ -13,7 +13,7 @@ COMMENT=	Implementation of the codec specified in the JPEG-2000 standard

 LICENSE=	MIT

-USES=		jpeg libtool:keepla zip
+USES=		zip libtool:keepla jpeg
 GNU_CONFIGURE=	yes
 CPPFLAGS+=	-I${LOCALBASE}/include
 LDFLAGS+=	-L${LOCALBASE}/lib
--- a/graphics/jasper/files/patch-jas_stream.c
+++ b/graphics/jasper/files/patch-jas_stream.c
@ -1,5 +1,23 @@
 --- src/libjasper/base/jas_stream.c.orig	2007-01-19 22:43:05.000000000 +0100
-+++ src/libjasper/base/jas_stream.c	2013-04-17 21:57:41.000000000 +0200
+++ src/libjasper/base/jas_stream.c	2015-08-29 08:07:01.000000000 +0200
+@@ -99,7 +99,7 @@
+ static void jas_stream_destroy(jas_stream_t *stream);
+ static jas_stream_t *jas_stream_create(void);
+ static void jas_stream_initbuf(jas_stream_t *stream, int bufmode, char *buf,
+-  int bufsize);
+  size_t bufsize);
+ 
+ static int mem_read(jas_stream_obj_t *obj, char *buf, int cnt);
+ static int mem_write(jas_stream_obj_t *obj, char *buf, int cnt);
+@@ -168,7 +168,7 @@
+ 	return stream;
+ }
+ 
+-jas_stream_t *jas_stream_memopen(char *buf, int bufsize)
+jas_stream_t *jas_stream_memopen(char *buf, size_t bufsize)
+ {
+ 	jas_stream_t *stream;
+ 	jas_stream_memobj_t *obj;
@@ -361,15 +361,14 @@
 	}
 	obj->fd = -1;
@ -28,3 +46,30 @@
 	jas_stream_puts(stream, buf);
 	va_end(ap);
 	return ret;
+@@ -570,7 +569,7 @@
+ 	return 0;
+ }
+ 
+-char *jas_stream_gets(jas_stream_t *stream, char *buf, int bufsize)
+char *jas_stream_gets(jas_stream_t *stream, char *buf, size_t bufsize)
+ {
+ 	int c;
+ 	char *bufptr;
+@@ -694,7 +693,7 @@
+ \******************************************************************************/
+ 
+ static void jas_stream_initbuf(jas_stream_t *stream, int bufmode, char *buf,
+-  int bufsize)
+  size_t bufsize)
+ {
+ 	/* If this function is being called, the buffer should not have been
+ 	  initialized yet. */
+@@ -987,7 +986,7 @@
+ 	return cnt;
+ }
+ 
+-static int mem_resize(jas_stream_memobj_t *m, int bufsize)
+static int mem_resize(jas_stream_memobj_t *m, size_t bufsize)
+ {
+ 	unsigned char *buf;
+ 
--- a/graphics/jasper/files/patch-jas_stream.h
+++ b/graphics/jasper/files/patch-jas_stream.h
@ -0,0 +1,38 @@
+--- src/libjasper/include/jasper/jas_stream.h.orig	2007-01-19 22:43:04.000000000 +0100
+++ src/libjasper/include/jasper/jas_stream.h	2015-08-29 07:54:41.000000000 +0200
+@@ -215,7 +215,7 @@
+ 	uchar *bufstart_;
+ 
+ 	/* The buffer size. */
+-	int bufsize_;
+	size_t bufsize_;
+ 
+ 	/* The current position in the buffer. */
+ 	uchar *ptr_;
+@@ -267,7 +267,7 @@
+ 	uchar *buf_;
+ 
+ 	/* The allocated size of the buffer for holding file data. */
+-	int bufsize_;
+	size_t bufsize_;
+ 
+ 	/* The length of the file. */
+ 	int_fast32_t len_;
+@@ -291,7 +291,7 @@
+ jas_stream_t *jas_stream_fopen(const char *filename, const char *mode);
+ 
+ /* Open a memory buffer as a stream. */
+-jas_stream_t *jas_stream_memopen(char *buf, int bufsize);
+jas_stream_t *jas_stream_memopen(char *buf, size_t bufsize);
+ 
+ /* Open a file descriptor as a stream. */
+ jas_stream_t *jas_stream_fdopen(int fd, const char *mode);
+@@ -366,7 +366,7 @@
+ int jas_stream_puts(jas_stream_t *stream, const char *s);
+ 
+ /* Read a line of input from a stream. */
+-char *jas_stream_gets(jas_stream_t *stream, char *buf, int bufsize);
+char *jas_stream_gets(jas_stream_t *stream, char *buf, size_t bufsize);
+ 
+ /* Look at the next character to be read from a stream without actually
+   removing it from the stream. */
--- a/graphics/jasper/files/patch-jas_types.h
+++ b/graphics/jasper/files/patch-jas_types.h
@ -1,5 +1,3 @@
-$FreeBSD: /tmp/pcvs/ports/graphics/jasper/files/patch-jas_types.h,v 1.1 2009-07-05 09:50:02 dinoex Exp $
-
 --- src/libjasper/include/jasper/jas_types.h	Sat Oct  4 12:57:58 2003
 +++ src/libjasper/include/jasper/jas_types.h	Wed Dec 17 10:29:46 2003
@@ -223,13 +223,13 @@
--- a/graphics/jasper/files/patch-jpc_qmfb.c
+++ b/graphics/jasper/files/patch-jpc_qmfb.c
@ -1,5 +1,14 @@
 --- src/libjasper/jpc/jpc_qmfb.c.orig	2007-01-19 22:43:07.000000000 +0100
-+++ src/libjasper/jpc/jpc_qmfb.c	2013-04-17 22:32:23.000000000 +0200
+++ src/libjasper/jpc/jpc_qmfb.c	2015-08-29 08:07:01.000000000 +0200
+@@ -305,7 +305,7 @@
+ void jpc_qmfb_split_row(jpc_fix_t *a, int numcols, int parity)
+ {
+ 
+-	int bufsize = JPC_CEILDIVPOW2(numcols, 1);
+	size_t bufsize = JPC_CEILDIVPOW2(numcols, 1);
+ #if !defined(HAVE_VLA)
+ 	jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE];
+ #else
@@ -321,7 +321,7 @@
 #if !defined(HAVE_VLA)
 	/* Get a buffer. */
@ -9,6 +18,15 @@
 			/* We have no choice but to commit suicide in this case. */
 			abort();
 		}
+@@ -373,7 +373,7 @@
+   int parity)
+ {
+ 
+-	int bufsize = JPC_CEILDIVPOW2(numrows, 1);
+	size_t bufsize = JPC_CEILDIVPOW2(numrows, 1);
+ #if !defined(HAVE_VLA)
+ 	jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE];
+ #else
@@ -389,7 +389,7 @@
 #if !defined(HAVE_VLA)
 	/* Get a buffer. */
@ -18,6 +36,15 @@
 			/* We have no choice but to commit suicide in this case. */
 			abort();
 		}
+@@ -441,7 +441,7 @@
+   int parity)
+ {
+ 
+-	int bufsize = JPC_CEILDIVPOW2(numrows, 1);
+	size_t bufsize = JPC_CEILDIVPOW2(numrows, 1);
+ #if !defined(HAVE_VLA)
+ 	jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE * JPC_QMFB_COLGRPSIZE];
+ #else
@@ -460,7 +460,7 @@
 #if !defined(HAVE_VLA)
 	/* Get a buffer. */
@ -27,6 +54,15 @@
 			/* We have no choice but to commit suicide in this case. */
 			abort();
 		}
+@@ -530,7 +530,7 @@
+   int stride, int parity)
+ {
+ 
+-	int bufsize = JPC_CEILDIVPOW2(numrows, 1);
+	size_t bufsize = JPC_CEILDIVPOW2(numrows, 1);
+ #if !defined(HAVE_VLA)
+ 	jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE * JPC_QMFB_COLGRPSIZE];
+ #else
@@ -549,7 +549,7 @@
 #if !defined(HAVE_VLA)
 	/* Get a buffer. */
@ -36,6 +72,15 @@
 			/* We have no choice but to commit suicide in this case. */
 			abort();
 		}
+@@ -618,7 +618,7 @@
+ void jpc_qmfb_join_row(jpc_fix_t *a, int numcols, int parity)
+ {
+ 
+-	int bufsize = JPC_CEILDIVPOW2(numcols, 1);
+	size_t bufsize = JPC_CEILDIVPOW2(numcols, 1);
+ #if !defined(HAVE_VLA)
+ 	jpc_fix_t joinbuf[QMFB_JOINBUFSIZE];
+ #else
@@ -633,7 +633,7 @@
 #if !defined(HAVE_VLA)
 	/* Allocate memory for the join buffer from the heap. */
@ -45,6 +90,15 @@
 			/* We have no choice but to commit suicide. */
 			abort();
 		}
+@@ -683,7 +683,7 @@
+   int parity)
+ {
+ 
+-	int bufsize = JPC_CEILDIVPOW2(numrows, 1);
+	size_t bufsize = JPC_CEILDIVPOW2(numrows, 1);
+ #if !defined(HAVE_VLA)
+ 	jpc_fix_t joinbuf[QMFB_JOINBUFSIZE];
+ #else
@@ -698,7 +698,7 @@
 #if !defined(HAVE_VLA)
 	/* Allocate memory for the join buffer from the heap. */
@ -54,6 +108,15 @@
 			/* We have no choice but to commit suicide. */
 			abort();
 		}
+@@ -748,7 +748,7 @@
+   int parity)
+ {
+ 
+-	int bufsize = JPC_CEILDIVPOW2(numrows, 1);
+	size_t bufsize = JPC_CEILDIVPOW2(numrows, 1);
+ #if !defined(HAVE_VLA)
+ 	jpc_fix_t joinbuf[QMFB_JOINBUFSIZE * JPC_QMFB_COLGRPSIZE];
+ #else
@@ -766,7 +766,7 @@
 #if !defined(HAVE_VLA)
 	/* Allocate memory for the join buffer from the heap. */
@ -63,6 +126,15 @@
 			/* We have no choice but to commit suicide. */
 			abort();
 		}
+@@ -834,7 +834,7 @@
+   int stride, int parity)
+ {
+ 
+-	int bufsize = JPC_CEILDIVPOW2(numrows, 1);
+	size_t bufsize = JPC_CEILDIVPOW2(numrows, 1);
+ #if !defined(HAVE_VLA)
+ 	jpc_fix_t joinbuf[QMFB_JOINBUFSIZE * JPC_QMFB_COLGRPSIZE];
+ #else
@@ -852,7 +852,7 @@
 #if !defined(HAVE_VLA)
 	/* Allocate memory for the join buffer from the heap. */
--- a/graphics/jasper/files/patch-mif_cod.c
+++ b/graphics/jasper/files/patch-mif_cod.c
@ -1,5 +1,14 @@
 --- src/libjasper/mif/mif_cod.c.orig	2007-01-19 22:43:05.000000000 +0100
-+++ src/libjasper/mif/mif_cod.c	2013-04-17 22:32:23.000000000 +0200
+++ src/libjasper/mif/mif_cod.c	2015-08-29 08:07:01.000000000 +0200
+@@ -107,7 +107,7 @@
+ static int mif_hdr_addcmpt(mif_hdr_t *hdr, int cmptno, mif_cmpt_t *cmpt);
+ static mif_cmpt_t *mif_cmpt_create(void);
+ static void mif_cmpt_destroy(mif_cmpt_t *cmpt);
+-static char *mif_getline(jas_stream_t *jas_stream, char *buf, int bufsize);
+static char *mif_getline(jas_stream_t *jas_stream, char *buf, size_t bufsize);
+ static int mif_getc(jas_stream_t *in);
+ static mif_hdr_t *mif_makehdrfromimage(jas_image_t *image);
+ 
@@ -438,8 +438,7 @@
 	int cmptno;
 	mif_cmpt_t **newcmpts;
@ -10,3 +19,12 @@
 	if (!newcmpts) {
 		return -1;
 	}
+@@ -658,7 +657,7 @@
+ * MIF parsing code.
+ \******************************************************************************/
+ 
+-static char *mif_getline(jas_stream_t *stream, char *buf, int bufsize)
+static char *mif_getline(jas_stream_t *stream, char *buf, size_t bufsize)
+ {
+ 	int c;
+ 	char *bufptr;