diff options
author | Matthias Andree <mandree@FreeBSD.org> | 2019-12-29 12:20:56 +0000 |
---|---|---|
committer | Matthias Andree <mandree@FreeBSD.org> | 2019-12-29 12:20:56 +0000 |
commit | 5e7891fb4b96a569e0b29a3cbf2fb582a2382963 (patch) | |
tree | 709507895aecfdb633dec621fbb04eefa0f0493e /graphics/openexr/files/patch-IlmImf_ImfScanLineInputFile.cpp | |
parent | 86ea81d303c1e57ca1ce9978029f0e23a0aafafd (diff) | |
download | ports-5e7891fb4b96a569e0b29a3cbf2fb582a2382963.tar.gz ports-5e7891fb4b96a569e0b29a3cbf2fb582a2382963.zip |
MFH: r521275
graphics/ilmbase,openexr: fix vulnerabilities
Uses backported patches from upstream Git repository, without the
exr2aces parts, and regenerates all openexr patches from scratch.
The openexr part looks heaviweight because it regenerates all patches.
Security: e4d9dffb-2a32-11ea-9693-e1b3f6feec79
Security: CVE-2018-18443
Security: CVE-2018-18444
Approved by: ports-secteam@ (blanket, adding security patches)
Notes
Notes:
svn path=/branches/2019Q4/; revision=521276
Diffstat (limited to 'graphics/openexr/files/patch-IlmImf_ImfScanLineInputFile.cpp')
-rw-r--r-- | graphics/openexr/files/patch-IlmImf_ImfScanLineInputFile.cpp | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/graphics/openexr/files/patch-IlmImf_ImfScanLineInputFile.cpp b/graphics/openexr/files/patch-IlmImf_ImfScanLineInputFile.cpp new file mode 100644 index 000000000000..20f30dcd6966 --- /dev/null +++ b/graphics/openexr/files/patch-IlmImf_ImfScanLineInputFile.cpp @@ -0,0 +1,52 @@ +--- IlmImf/ImfScanLineInputFile.cpp.orig 2018-08-10 01:34:58 UTC ++++ IlmImf/ImfScanLineInputFile.cpp +@@ -524,14 +524,14 @@ LineBufferTask::execute () + + if (_lineBuffer->uncompressedData == 0) + { +- int uncompressedSize = 0; ++ size_t uncompressedSize = 0; + int maxY = min (_lineBuffer->maxY, _ifd->maxY); + + for (int i = _lineBuffer->minY - _ifd->minY; + i <= maxY - _ifd->minY; + ++i) + { +- uncompressedSize += (int) _ifd->bytesPerLine[i]; ++ uncompressedSize += _ifd->bytesPerLine[i]; + } + + if (_lineBuffer->compressor && +@@ -628,11 +628,11 @@ LineBufferTask::execute () + // + + char *linePtr = slice.base + +- divp (y, slice.ySampling) * +- slice.yStride; ++ intptr_t( divp (y, slice.ySampling) ) * ++ intptr_t( slice.yStride ); + +- char *writePtr = linePtr + dMinX * slice.xStride; +- char *endPtr = linePtr + dMaxX * slice.xStride; ++ char *writePtr = linePtr + intptr_t( dMinX ) * intptr_t( slice.xStride ); ++ char *endPtr = linePtr + intptr_t( dMaxX ) * intptr_t( slice.xStride ); + + copyIntoFrameBuffer (readPtr, writePtr, endPtr, + slice.xStride, slice.fill, +@@ -838,14 +838,14 @@ LineBufferTaskIIF::execute() + + if (_lineBuffer->uncompressedData == 0) + { +- int uncompressedSize = 0; ++ size_t uncompressedSize = 0; + int maxY = min (_lineBuffer->maxY, _ifd->maxY); + + for (int i = _lineBuffer->minY - _ifd->minY; + i <= maxY - _ifd->minY; + ++i) + { +- uncompressedSize += (int) _ifd->bytesPerLine[i]; ++ uncompressedSize += _ifd->bytesPerLine[i]; + } + + if (_lineBuffer->compressor && |