gentoo resync : 31.12.2018

author: V3n3RiX <venerix@redcorelinux.org> 2018-12-31 13:43:35 +0000
committer: V3n3RiX <venerix@redcorelinux.org> 2018-12-31 13:43:35 +0000
commit: 2891d29af8907ce881662f4a02844926d7a293c7 (patch)
tree: 56979d96839d0827aa52008b81b746b4934d88df /media-libs/libextractor/files
parent: de49812990871e1705b64051c35161d5e6400269 (diff)
3 files changed, 215 insertions, 0 deletions
diff --git a/media-libs/libextractor/files/libextractor-1.8-CVE-2018-20430.patch b/media-libs/libextractor/files/libextractor-1.8-CVE-2018-20430.patch
new file mode 100644
index 000000000000..d0b5968606ba
--- /dev/null
+++ b/media-libs/libextractor/files/libextractor-1.8-CVE-2018-20430.patch
@@ -0,0 +1,49 @@
+From b405d707b36e0654900cba78e89f49779efea110 Mon Sep 17 00:00:00 2001
+From: Christian Grothoff <christian@grothoff.org>
+Date: Thu, 20 Dec 2018 22:47:53 +0100
+Subject: fix #5493 (out of bounds read)
+
+---
+ src/common/convert.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/src/common/convert.c b/src/common/convert.c
+index c0edf21..2be2108 100644
+--- a/src/common/convert.c
++++ b/src/common/convert.c
+@@ -36,8 +36,8 @@
+  *  string is returned.
+  */
+ char *
+-EXTRACTOR_common_convert_to_utf8 (const char *input, 
+-				  size_t len, 
++EXTRACTOR_common_convert_to_utf8 (const char *input,
++				  size_t len,
+ 				  const char *charset)
+ {
+ #if HAVE_ICONV
+@@ -52,7 +52,7 @@ EXTRACTOR_common_convert_to_utf8 (const char *input,
+   i = input;
+   cd = iconv_open ("UTF-8", charset);
+   if (cd == (iconv_t) - 1)
+-    return strdup (i);
++    return strndup (i, len);
+   if (len > 1024 * 1024)
+     {
+       iconv_close (cd);
+@@ -67,11 +67,11 @@ EXTRACTOR_common_convert_to_utf8 (const char *input,
+     }
+   itmp = tmp;
+   finSize = tmpSize;
+-  if (iconv (cd, (char **) &input, &len, &itmp, &finSize) == SIZE_MAX)
++  if (iconv (cd, (char **) &input, &len, &itmp, &finSize) == ((size_t) -1))
+     {
+       iconv_close (cd);
+       free (tmp);
+-      return strdup (i);
++      return strndup (i, len);
+     }
+   ret = malloc (tmpSize - finSize + 1);
+   if (ret == NULL)
+-- 
+cgit v1.1
diff --git a/media-libs/libextractor/files/libextractor-1.8-CVE-2018-20431.patch b/media-libs/libextractor/files/libextractor-1.8-CVE-2018-20431.patch
new file mode 100644
index 000000000000..2cd0448ba894
--- /dev/null
+++ b/media-libs/libextractor/files/libextractor-1.8-CVE-2018-20431.patch
@@ -0,0 +1,39 @@
+From 489c4a540bb2c4744471441425b8932b97a153e7 Mon Sep 17 00:00:00 2001
+From: Christian Grothoff <christian@grothoff.org>
+Date: Thu, 20 Dec 2018 23:02:28 +0100
+Subject: fix #5494
+
+---
+ ChangeLog                    | 3 ++-
+ src/plugins/ole2_extractor.c | 9 +++++++--
+ 2 files changed, 9 insertions(+), 3 deletions(-)
+
+diff --git a/src/plugins/ole2_extractor.c b/src/plugins/ole2_extractor.c
+index 53fa1b9..a48b726 100644
+--- a/src/plugins/ole2_extractor.c
++++ b/src/plugins/ole2_extractor.c
+@@ -173,7 +173,7 @@ struct ProcContext
+   EXTRACTOR_MetaDataProcessor proc;
+ 
+   /**
+-   * Closure for 'proc'.
++   * Closure for @e proc.
+    */
+   void *proc_cls;
+ 
+@@ -213,7 +213,12 @@ process_metadata (gpointer key,
+ 
+   if (G_VALUE_TYPE(gval) == G_TYPE_STRING)
+     {
+-      contents = strdup (g_value_get_string (gval));
++      const char *gvals;
++
++      gvals = g_value_get_string (gval);
++      if (NULL == gvals)
++        return;
++      contents = strdup (gvals);
+     }
+   else
+     {
+-- 
+cgit v1.1
diff --git a/media-libs/libextractor/files/libextractor-1.8-exiv2-0.27.patch b/media-libs/libextractor/files/libextractor-1.8-exiv2-0.27.patch
new file mode 100644
index 000000000000..cfdb6426408d
--- /dev/null
+++ b/media-libs/libextractor/files/libextractor-1.8-exiv2-0.27.patch
@@ -0,0 +1,127 @@
+From bbe21db4bf8face03adf0efd2eb18540582cb5ba Mon Sep 17 00:00:00 2001
+From: Andreas Sturmlechner <andreas.sturmlechner@gmail.com>
+Date: Sun, 30 Dec 2018 00:46:57 +0100
+Subject: [PATCH] Fix build with exiv2-0.27
+
+---
+ src/plugins/exiv2_extractor.cc | 35 +++++++++++++++++++++++++++-------
+ 1 file changed, 28 insertions(+), 7 deletions(-)
+
+diff --git a/src/plugins/exiv2_extractor.cc b/src/plugins/exiv2_extractor.cc
+index 8741d40..ef402a8 100644
+--- a/src/plugins/exiv2_extractor.cc
++++ b/src/plugins/exiv2_extractor.cc
+@@ -27,10 +27,7 @@
+ #include <cassert>
+ #include <cstring>
+ #include <math.h>
+-#include <exiv2/exif.hpp>
+-#include <exiv2/error.hpp>
+-#include <exiv2/image.hpp>
+-#include <exiv2/futils.hpp>
++#include <exiv2/exiv2.hpp>
+ 
+ /**
+  * Enable debugging to get error messages.
+@@ -180,7 +177,7 @@ public:
+    *
+    * @return -1 on error
+    */
+-#if EXIV2_VERSION >= EXIV2_MAKE_VERSION(0,26,0)
++#if EXIV2_TEST_VERSION(0,26,0)
+   virtual size_t size (void) const;
+ #else
+   virtual long int size (void) const;
+@@ -316,7 +313,11 @@ ExtractorIO::getb ()
+   const unsigned char *r;
+ 
+   if (1 != ec->read (ec->cls, &data, 1))
++#if EXIV2_TEST_VERSION(0,27,0)
++    throw Exiv2::BasicError<char> (Exiv2::kerDecodeLangAltQualifierFailed);
++#else
+     throw Exiv2::BasicError<char> (42 /* error code */);
++#endif
+   r = (const unsigned char *) data;
+   return *r;
+ }
+@@ -371,7 +372,11 @@ ExtractorIO::putb (Exiv2::byte data)
+ void
+ ExtractorIO::transfer (Exiv2::BasicIo& src)
+ {
++#if EXIV2_TEST_VERSION(0,27,0)
++    throw Exiv2::BasicError<char> (Exiv2::kerDecodeLangAltQualifierFailed);
++#else
+   throw Exiv2::BasicError<char> (42 /* error code */);
++#endif
+ }
+ 
+ 
+@@ -416,7 +421,11 @@ ExtractorIO::seek (long offset,
+ Exiv2::byte *
+ ExtractorIO::mmap (bool isWritable)
+ {
++#if EXIV2_TEST_VERSION(0,27,0)
++    throw Exiv2::BasicError<char> (Exiv2::kerDecodeLangAltQualifierFailed);
++#else
+   throw Exiv2::BasicError<char> (42 /* error code */);
++#endif
+ }
+ 
+ 
+@@ -449,7 +458,7 @@ ExtractorIO::tell (void) const
+  *
+  * @return -1 on error
+  */
+-#if EXIV2_VERSION >= EXIV2_MAKE_VERSION(0,26,0)
++#if EXIV2_TEST_VERSION(0,26,0)
+ size_t
+ #else
+ long int
+@@ -504,7 +513,11 @@ ExtractorIO::eof () const
+ std::string
+ ExtractorIO::path () const
+ {
++#if EXIV2_TEST_VERSION(0,27,0)
++    throw Exiv2::BasicError<char> (Exiv2::kerDecodeLangAltQualifierFailed);
++#else
+   throw Exiv2::BasicError<char> (42 /* error code */);
++#endif
+ }
+ 
+ 
+@@ -517,7 +530,11 @@ ExtractorIO::path () const
+ std::wstring
+ ExtractorIO::wpath () const
+ {
++#if EXIV2_TEST_VERSION(0,27,0)
++    throw Exiv2::BasicError<char> (Exiv2::kerDecodeLangAltQualifierFailed);
++#else
+   throw Exiv2::BasicError<char> (42 /* error code */);
++#endif
+ }
+ #endif
+ 
+@@ -531,7 +548,11 @@ Exiv2::BasicIo::AutoPtr
+ ExtractorIO::temporary () const
+ {
+   fprintf (stderr, "throwing temporary error\n");
++#if EXIV2_TEST_VERSION(0,27,0)
++    throw Exiv2::BasicError<char> (Exiv2::kerDecodeLangAltQualifierFailed);
++#else
+   throw Exiv2::BasicError<char> (42 /* error code */);
++#endif
+ }
+ 
+ 
+@@ -697,7 +718,7 @@ EXTRACTOR_exiv2_extract_method (struct EXTRACTOR_ExtractContext *ec)
+ {
+   try
+     {
+-#if EXIV2_MAKE_VERSION(0,23,0) <= EXIV2_VERSION
++#if !EXIV2_TEST_VERSION(0,24,0)
+       Exiv2::LogMsg::setLevel (Exiv2::LogMsg::mute);
+ #endif
+       std::auto_ptr<Exiv2::BasicIo> eio(new ExtractorIO (ec));
+-- 
+2.20.1
+
author	V3n3RiX <venerix@redcorelinux.org>	2018-12-31 13:43:35 +0000
committer	V3n3RiX <venerix@redcorelinux.org>	2018-12-31 13:43:35 +0000
commit	2891d29af8907ce881662f4a02844926d7a293c7 (patch)
tree	56979d96839d0827aa52008b81b746b4934d88df /media-libs/libextractor/files
parent	de49812990871e1705b64051c35161d5e6400269 (diff)