diff options
author | James Cook <falsifian@google.com> | 2014-12-21 14:36:29 -0800 |
---|---|---|
committer | James Cook <james.cook@utoronto.ca> | 2014-12-21 14:36:29 -0800 |
commit | 951ac10ae15bf53ea919802a8c3570518f34d86b (patch) | |
tree | 6406e4fea8fdc9d9a603821a254dba8bb4755480 /pkgs/development | |
parent | 90162e7dbd5b96f04e277e6d208c9a9940d818a9 (diff) | |
download | nixlib-951ac10ae15bf53ea919802a8c3570518f34d86b.tar nixlib-951ac10ae15bf53ea919802a8c3570518f34d86b.tar.gz nixlib-951ac10ae15bf53ea919802a8c3570518f34d86b.tar.bz2 nixlib-951ac10ae15bf53ea919802a8c3570518f34d86b.tar.lz nixlib-951ac10ae15bf53ea919802a8c3570518f34d86b.tar.xz nixlib-951ac10ae15bf53ea919802a8c3570518f34d86b.tar.zst nixlib-951ac10ae15bf53ea919802a8c3570518f34d86b.zip |
jasper: Patch for CVE-2014-8137 via RedHat.
Diffstat (limited to 'pkgs/development')
4 files changed, 66 insertions, 2 deletions
diff --git a/pkgs/development/libraries/jasper/default.nix b/pkgs/development/libraries/jasper/default.nix index fa332cc66d3c..38c53edb439b 100644 --- a/pkgs/development/libraries/jasper/default.nix +++ b/pkgs/development/libraries/jasper/default.nix @@ -8,7 +8,10 @@ stdenv.mkDerivation rec { sha256 = "154l7zk7yh3v8l2l6zm5s2alvd2fzkp6c9i18iajfbna5af5m43b"; }; - patches = [ ./jasper-CVE-2014-9029.diff ]; + patches = [ + ./jasper-CVE-2014-8137-variant2.diff ./jasper-CVE-2014-8137-noabort.diff + ./jasper-CVE-2014-9029.diff + ]; nativeBuildInputs = [unzip]; propagatedBuildInputs = [ libjpeg ]; diff --git a/pkgs/development/libraries/jasper/jasper-CVE-2014-8137-noabort.diff b/pkgs/development/libraries/jasper/jasper-CVE-2014-8137-noabort.diff new file mode 100644 index 000000000000..47b57d5c8098 --- /dev/null +++ b/pkgs/development/libraries/jasper/jasper-CVE-2014-8137-noabort.diff @@ -0,0 +1,16 @@ +From RedHat: https://bugzilla.redhat.com/attachment.cgi?id=967284&action=diff + +--- jasper-1.900.1.orig/src/libjasper/jp2/jp2_dec.c 2014-12-11 14:30:54.193209780 +0100 ++++ jasper-1.900.1/src/libjasper/jp2/jp2_dec.c 2014-12-11 14:36:46.313217814 +0100 +@@ -291,7 +291,10 @@ jas_image_t *jp2_decode(jas_stream_t *in + case JP2_COLR_ICC: + iccprof = jas_iccprof_createfrombuf(dec->colr->data.colr.iccp, + dec->colr->data.colr.iccplen); +- assert(iccprof); ++ if (!iccprof) { ++ jas_eprintf("error: failed to parse ICC profile\n"); ++ goto error; ++ } + jas_iccprof_gethdr(iccprof, &icchdr); + jas_eprintf("ICC Profile CS %08x\n", icchdr.colorspc); + jas_image_setclrspc(dec->image, fromiccpcs(icchdr.colorspc)); diff --git a/pkgs/development/libraries/jasper/jasper-CVE-2014-8137-variant2.diff b/pkgs/development/libraries/jasper/jasper-CVE-2014-8137-variant2.diff new file mode 100644 index 000000000000..243300dd70ee --- /dev/null +++ b/pkgs/development/libraries/jasper/jasper-CVE-2014-8137-variant2.diff @@ -0,0 +1,45 @@ +From RedHat: https://bugzilla.redhat.com/attachment.cgi?id=967283&action=diff + +--- jasper-1.900.1.orig/src/libjasper/base/jas_icc.c 2014-12-11 14:06:44.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_icc.c 2014-12-11 15:16:37.971272386 +0100 +@@ -1009,7 +1009,6 @@ static int jas_icccurv_input(jas_iccattr + return 0; + + error: +- jas_icccurv_destroy(attrval); + return -1; + } + +@@ -1127,7 +1126,6 @@ static int jas_icctxtdesc_input(jas_icca + #endif + return 0; + error: +- jas_icctxtdesc_destroy(attrval); + return -1; + } + +@@ -1206,8 +1204,6 @@ static int jas_icctxt_input(jas_iccattrv + goto error; + return 0; + error: +- if (txt->string) +- jas_free(txt->string); + return -1; + } + +@@ -1328,7 +1324,6 @@ static int jas_icclut8_input(jas_iccattr + goto error; + return 0; + error: +- jas_icclut8_destroy(attrval); + return -1; + } + +@@ -1497,7 +1492,6 @@ static int jas_icclut16_input(jas_iccatt + goto error; + return 0; + error: +- jas_icclut16_destroy(attrval); + return -1; + } + diff --git a/pkgs/development/libraries/jasper/jasper-CVE-2014-9029.diff b/pkgs/development/libraries/jasper/jasper-CVE-2014-9029.diff index aa01324dba72..01db7f03cdf8 100644 --- a/pkgs/development/libraries/jasper/jasper-CVE-2014-9029.diff +++ b/pkgs/development/libraries/jasper/jasper-CVE-2014-9029.diff @@ -1,4 +1,4 @@ -(From RedHat: https://bugzilla.redhat.com/attachment.cgi?id=961994&action=diff) +From RedHat: https://bugzilla.redhat.com/attachment.cgi?id=961994&action=diff --- jasper-1.900.1.orig/src/libjasper/jpc/jpc_dec.c 2014-11-27 12:45:44.000000000 +0100 +++ jasper-1.900.1/src/libjasper/jpc/jpc_dec.c 2014-11-27 12:44:58.000000000 +0100 |