Diffstat (limited to 'media-libs/tiff')
-rw-r--r--media-libs/tiff/Manifest2
-rw-r--r--media-libs/tiff/files/tiff-4.0.10-CVE-2019-14973-fix-integer-overflow.patch395
-rw-r--r--media-libs/tiff/tiff-4.0.10-r2.ebuild85
3 files changed, 482 insertions, 0 deletions
diff --git a/media-libs/tiff/Manifest b/media-libs/tiff/Manifest
index a3cc5dc282db..0cbacf20a82b 100644
--- a/media-libs/tiff/Manifest
+++ b/media-libs/tiff/Manifest
@@ -1,9 +1,11 @@
AUX tiff-4.0.10-CVE-2018-17000-tif_dirwrite-null-dereference.patch 1301 BLAKE2B 0f4875ff1f4ae06c56018f6ecfe4ce7dc015f9cf77475f61e4b9c898afdfebbeda53ea1cef1d5a7a6237af77dcf8eaa4884ecf8fa9593f2513e84021b47efd02 SHA512 902a01411b8b45bb16757aa34b27cbac9f1f01981a169538b97f3a4cb47fb6597c753c0660182cf4f2cb8a7156049cdf93c5fa8b9c202e89d6cdb44204d94df1
+AUX tiff-4.0.10-CVE-2019-14973-fix-integer-overflow.patch 12754 BLAKE2B c2f6c8964b493e1d9965a95dea7463b1052809ec9fa529502f976ebe396195010b5cc132318c68b1e8f34695831006f5764ef7f40f42ead031b9263c83e7d395 SHA512 803dc0dfc139dac9e25163dc4b592a6158dfa076788840cbfd1abba85af6571e15cb7f6444d23abb70c738db835fb7412a9b200b2b3cea9ef5a86f4e2b97f9d0
AUX tiff-4.0.10-CVE-2019-6128-pal2rgb-leak.patch 1427 BLAKE2B e2c392cd2bfe6f90dc510403d5cc1c383a8ee77e5ce2c1435acdbb9f9bb4c9010e85f19b9f2329f14fb82d0dab4cacdc2e6a5367ff95f940b5535eefd1b24903 SHA512 0a3103dae94b3362da1c5ebf087926ec82bf4e16ba7b5bc13e998fad1e9a970604dd80554f5b0a45d2d4f55a4b6e68dfb180b032f83b4b1335d011e25eb754b5
AUX tiff-4.0.10-CVE-2019-7663-tiffcpIntegerOverflow.patch 1996 BLAKE2B 1e654cc81d66b050e17a1234016b103332dcfcf03f3d7670d35942efc56fbeff0d66d9b6cc71a059ff6602a7c7cef1a3644ae7ea4ca59e88e9004914bea1be32 SHA512 93d386c62d29715b7e84177c7caaba0a9e284f8b9c730db93cf8fbc76faab2e798c81aab20b1210f0342fa6651e56fcbd07655205957b06bf9236ed0903f00a4
AUX tiff-4.0.7-pdfium-0006-HeapBufferOverflow-ChopUpSingleUncompressedStrip.patch 930 BLAKE2B 52d77fcdd773ce52232257da2c60f8b90417f102238df2039262e3afa7275908c74817ddd6958e430d7cfcff58d2d04ebd6ddd49f553f0f261883b67f557c599 SHA512 822ccc22304d23b4f50efe1f0fb7890fda8b9edf2075b8add814c0bac0a153fa0ed5d7ee5f47e23799b24f11678c8e0bf9c90ad59c5cc61fd9546b2dca4714a9
AUX tiff-4.0.7-pdfium-0008-HeapBufferOverflow-ChopUpSingleUncompressedStrip.patch 924 BLAKE2B 03160ce33639620b1deb918d358f559b8bc6296d28530b440d0d770438453c25aecc393b8cfcc582ed2d0ec1decd557a212c91f43f7923c9e94387e235680021 SHA512 43973cc5512eb8fe2e0beab1a98ff0d3bd999ed1adbf7c08c344b3442559cc2cdc99a9f2e9c1bb2bffa4be027945b12b120fa27ec6c8006367932039b8d8dd37
DIST tiff-4.0.10.tar.gz 2402867 BLAKE2B 0305453f22150c31d00d2de756736f58c49a288e19b2a66bdd01319ce4688742f6eab4009eaf1817125d41f53a23de17eb6265a3ebae458ec24f5dbb3d49764e SHA512 d213e5db09fd56b8977b187c5a756f60d6e3e998be172550c2892dbdb4b2a8e8c750202bc863fe27d0d1c577ab9de1710d15e9f6ed665aadbfd857525a81eea8
EBUILD tiff-4.0.10-r1.ebuild 2491 BLAKE2B f6be096bf9b99b9dd9626043df11d965e5282b87c6ae48098efa30a565604e16c21fa81a5723925ec8061b332b68fd0da43fb3782b59b446b739234ccfb929f1 SHA512 da78f5770d10676770ab31d8c5fe490a5ba41a49f9ba7db5da6f26f52be988125425168e8ff163692373d35df17f29ba7f1a1c16a12c0b4a750ead111eef840a
+EBUILD tiff-4.0.10-r2.ebuild 2368 BLAKE2B 0aa9495f391255146ea6834142f4030906dd33af9a5540e9eb7365f51c9207bae817cf481a009b83ca3a445d626bca1086f1f6d59e14061e3695b5b030ac0cbe SHA512 bb2735a0051540c8d69a0a0fa6ff98562732b76e8a068f4f4d7e623b5f2c939ec028b01463557b98a9db680a16d27fa6f011795f33ed3d6037d2ae7c06e5d43f
EBUILD tiff-4.0.10.ebuild 2278 BLAKE2B 590019a51d49fe8486427702957bbf51680a69fc4e4158f74fdfde44bc85d7243ff1fbc08cec658287a742f14069a3c231df5d5388b7ad1db7940c3cc3d2cf3f SHA512 3d6285a44f2744091f2e321c96934986fbdfeb81eee94f340fa969a81f462c7c4a2658821827d317f2313319de079dc08217c2f3849701fba391845b1e09b2b1
MISC metadata.xml 565 BLAKE2B 3d487835599974795ba6007439bf1d08756ab1c5dbe191509832b302f3199e4ffc05be64df3e26b4d4a1c11d1292c48cbb59ffa6e412831d16d7415e076f1062 SHA512 289043206dbb512c97e4bb703b32549ac4a77f40e212548b80ea865052b80fed9d4562f9fc94638fda54da9bc3e0c19ba303c027e66e7b75c772aeec91aebe6f
diff --git a/media-libs/tiff/files/tiff-4.0.10-CVE-2019-14973-fix-integer-overflow.patch b/media-libs/tiff/files/tiff-4.0.10-CVE-2019-14973-fix-integer-overflow.patch
new file mode 100644
index 000000000000..cbcbfd9d7f02
--- /dev/null
+++ b/media-libs/tiff/files/tiff-4.0.10-CVE-2019-14973-fix-integer-overflow.patch
@@ -0,0 +1,395 @@
+From 6ebfcac47224d3b8661c501967d495135449883e Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Sat, 10 Aug 2019 18:25:03 +0200
+Subject: [PATCH] Fix integer overflow in _TIFFCheckMalloc() and other
+ implementation-defined behaviour (CVE-2019-14973)
+
+_TIFFCheckMalloc()/_TIFFCheckRealloc() used a unsafe way to detect overflow
+in the multiplication of nmemb and elem_size (which are of type tmsize_t, thus
+signed), which was especially easily triggered on 32-bit builds (with recent
+enough compilers that assume that signed multiplication cannot overflow, since
+this is undefined behaviour by the C standard). The original issue which lead to
+this fix was trigged from tif_fax3.c
+
+There were also unsafe (implementation defied), and broken in practice on 64bit
+builds, ways of checking that a uint64 fits of a (signed) tmsize_t by doing
+(uint64)(tmsize_t)uint64_var != uint64_var comparisons. Those have no known
+at that time exploits, but are better to fix in a more bullet-proof way.
+Or similarly use of (int64)uint64_var <= 0.
+
+--- a/libtiff/tif_aux.c
++++ b/libtiff/tif_aux.c
+@@ -57,18 +57,57 @@ _TIFFMultiply64(TIFF* tif, uint64 first, uint64 second, const char* where)
+ return bytes;
+ }
+
++tmsize_t
++_TIFFMultiplySSize(TIFF* tif, tmsize_t first, tmsize_t second, const char* where)
++{
++ if( first <= 0 || second <= 0 )
++ {
++ if( tif != NULL && where != NULL )
++ {
++ TIFFErrorExt(tif->tif_clientdata, where,
++ "Invalid argument to _TIFFMultiplySSize() in %s", where);
++ }
++ return 0;
++ }
++
++ if( first > TIFF_TMSIZE_T_MAX / second )
++ {
++ if( tif != NULL && where != NULL )
++ {
++ TIFFErrorExt(tif->tif_clientdata, where,
++ "Integer overflow in %s", where);
++ }
++ return 0;
++ }
++ return first * second;
++}
++
++tmsize_t _TIFFCastUInt64ToSSize(TIFF* tif, uint64 val, const char* module)
++{
++ if( val > (uint64)TIFF_TMSIZE_T_MAX )
++ {
++ if( tif != NULL && module != NULL )
++ {
++ TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow");
++ }
++ return 0;
++ }
++ return (tmsize_t)val;
++}
++
+ void*
+ _TIFFCheckRealloc(TIFF* tif, void* buffer,
+ tmsize_t nmemb, tmsize_t elem_size, const char* what)
+ {
+ void* cp = NULL;
+- tmsize_t bytes = nmemb * elem_size;
+-
++ tmsize_t count = _TIFFMultiplySSize(tif, nmemb, elem_size, NULL);
+ /*
+- * XXX: Check for integer overflow.
++ * Check for integer overflow.
+ */
+- if (nmemb && elem_size && bytes / elem_size == nmemb)
+- cp = _TIFFrealloc(buffer, bytes);
++ if (count != 0)
++ {
++ cp = _TIFFrealloc(buffer, count);
++ }
+
+ if (cp == NULL) {
+ TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
+--- a/libtiff/tif_getimage.c
++++ b/libtiff/tif_getimage.c
+@@ -755,9 +755,8 @@ gtTileSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h)
+ uint32 leftmost_tw;
+
+ tilesize = TIFFTileSize(tif);
+- bufsize = TIFFSafeMultiply(tmsize_t,alpha?4:3,tilesize);
++ bufsize = _TIFFMultiplySSize(tif, alpha?4:3,tilesize, "gtTileSeparate");
+ if (bufsize == 0) {
+- TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Integer overflow in %s", "gtTileSeparate");
+ return (0);
+ }
+
+@@ -1019,9 +1018,8 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h)
+ uint16 colorchannels;
+
+ stripsize = TIFFStripSize(tif);
+- bufsize = TIFFSafeMultiply(tmsize_t,alpha?4:3,stripsize);
++ bufsize = _TIFFMultiplySSize(tif,alpha?4:3,stripsize, "gtStripSeparate");
+ if (bufsize == 0) {
+- TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Integer overflow in %s", "gtStripSeparate");
+ return (0);
+ }
+
+--- a/libtiff/tif_luv.c
++++ b/libtiff/tif_luv.c
+@@ -1264,16 +1264,10 @@ LogL16GuessDataFmt(TIFFDirectory *td)
+ return (SGILOGDATAFMT_UNKNOWN);
+ }
+
+-
+-#define TIFF_SIZE_T_MAX ((size_t) ~ ((size_t)0))
+-#define TIFF_TMSIZE_T_MAX (tmsize_t)(TIFF_SIZE_T_MAX >> 1)
+-
+ static tmsize_t
+ multiply_ms(tmsize_t m1, tmsize_t m2)
+ {
+- if( m1 == 0 || m2 > TIFF_TMSIZE_T_MAX / m1 )
+- return 0;
+- return m1 * m2;
++ return _TIFFMultiplySSize(NULL, m1, m2, NULL);
+ }
+
+ static int
+--- a/libtiff/tif_pixarlog.c
++++ b/libtiff/tif_pixarlog.c
+@@ -634,15 +634,10 @@ PixarLogGuessDataFmt(TIFFDirectory *td)
+ return guess;
+ }
+
+-#define TIFF_SIZE_T_MAX ((size_t) ~ ((size_t)0))
+-#define TIFF_TMSIZE_T_MAX (tmsize_t)(TIFF_SIZE_T_MAX >> 1)
+-
+ static tmsize_t
+ multiply_ms(tmsize_t m1, tmsize_t m2)
+ {
+- if( m1 == 0 || m2 > TIFF_TMSIZE_T_MAX / m1 )
+- return 0;
+- return m1 * m2;
++ return _TIFFMultiplySSize(NULL, m1, m2, NULL);
+ }
+
+ static tmsize_t
+--- a/libtiff/tif_read.c
++++ b/libtiff/tif_read.c
+@@ -29,9 +29,6 @@
+ #include "tiffiop.h"
+ #include <stdio.h>
+
+-#define TIFF_SIZE_T_MAX ((size_t) ~ ((size_t)0))
+-#define TIFF_TMSIZE_T_MAX (tmsize_t)(TIFF_SIZE_T_MAX >> 1)
+-
+ int TIFFFillStrip(TIFF* tif, uint32 strip);
+ int TIFFFillTile(TIFF* tif, uint32 tile);
+ static int TIFFStartStrip(TIFF* tif, uint32 strip);
+@@ -49,6 +46,8 @@ TIFFReadRawTile1(TIFF* tif, uint32 tile, void* buf, tmsize_t size, const char* m
+ #define THRESHOLD_MULTIPLIER 10
+ #define MAX_THRESHOLD (THRESHOLD_MULTIPLIER * THRESHOLD_MULTIPLIER * THRESHOLD_MULTIPLIER * INITIAL_THRESHOLD)
+
++#define TIFF_INT64_MAX ((((int64)0x7FFFFFFF) << 32) | 0xFFFFFFFF)
++
+ /* Read 'size' bytes in tif_rawdata buffer starting at offset 'rawdata_offset'
+ * Returns 1 in case of success, 0 otherwise. */
+ static int TIFFReadAndRealloc( TIFF* tif, tmsize_t size,
+@@ -734,23 +733,8 @@ TIFFReadRawStrip(TIFF* tif, uint32 strip, void* buf, tmsize_t size)
+ return ((tmsize_t)(-1));
+ }
+ bytecount = td->td_stripbytecount[strip];
+- if ((int64)bytecount <= 0) {
+-#if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
+- TIFFErrorExt(tif->tif_clientdata, module,
+- "%I64u: Invalid strip byte count, strip %lu",
+- (unsigned __int64) bytecount,
+- (unsigned long) strip);
+-#else
+- TIFFErrorExt(tif->tif_clientdata, module,
+- "%llu: Invalid strip byte count, strip %lu",
+- (unsigned long long) bytecount,
+- (unsigned long) strip);
+-#endif
+- return ((tmsize_t)(-1));
+- }
+- bytecountm = (tmsize_t)bytecount;
+- if ((uint64)bytecountm!=bytecount) {
+- TIFFErrorExt(tif->tif_clientdata, module, "Integer overflow");
++ bytecountm = _TIFFCastUInt64ToSSize(tif, bytecount, module);
++ if (bytecountm == 0) {
+ return ((tmsize_t)(-1));
+ }
+ if (size != (tmsize_t)(-1) && size < bytecountm)
+@@ -774,7 +758,7 @@ TIFFFillStrip(TIFF* tif, uint32 strip)
+ if ((tif->tif_flags&TIFF_NOREADRAW)==0)
+ {
+ uint64 bytecount = td->td_stripbytecount[strip];
+- if ((int64)bytecount <= 0) {
++ if( bytecount == 0 || bytecount > (uint64)TIFF_INT64_MAX ) {
+ #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
+ TIFFErrorExt(tif->tif_clientdata, module,
+ "Invalid strip byte count %I64u, strip %lu",
+@@ -801,7 +785,7 @@ TIFFFillStrip(TIFF* tif, uint32 strip)
+ (bytecount - 4096) / 10 > (uint64)stripsize )
+ {
+ uint64 newbytecount = (uint64)stripsize * 10 + 4096;
+- if( (int64)newbytecount >= 0 )
++ if( newbytecount == 0 || newbytecount > (uint64)TIFF_INT64_MAX )
+ {
+ #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
+ TIFFWarningExt(tif->tif_clientdata, module,
+@@ -1196,10 +1180,8 @@ TIFFReadRawTile(TIFF* tif, uint32 tile, void* buf, tmsize_t size)
+ bytecount64 = td->td_stripbytecount[tile];
+ if (size != (tmsize_t)(-1) && (uint64)size < bytecount64)
+ bytecount64 = (uint64)size;
+- bytecountm = (tmsize_t)bytecount64;
+- if ((uint64)bytecountm!=bytecount64)
+- {
+- TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow");
++ bytecountm = _TIFFCastUInt64ToSSize(tif, bytecount64, module);
++ if( bytecountm == 0 ) {
+ return ((tmsize_t)(-1));
+ }
+ return (TIFFReadRawTile1(tif, tile, buf, bytecountm, module));
+@@ -1221,7 +1203,7 @@ TIFFFillTile(TIFF* tif, uint32 tile)
+ if ((tif->tif_flags&TIFF_NOREADRAW)==0)
+ {
+ uint64 bytecount = td->td_stripbytecount[tile];
+- if ((int64)bytecount <= 0) {
++ if( bytecount == 0 || bytecount > (uint64)TIFF_INT64_MAX ) {
+ #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
+ TIFFErrorExt(tif->tif_clientdata, module,
+ "%I64u: Invalid tile byte count, tile %lu",
+@@ -1248,7 +1230,7 @@ TIFFFillTile(TIFF* tif, uint32 tile)
+ (bytecount - 4096) / 10 > (uint64)stripsize )
+ {
+ uint64 newbytecount = (uint64)stripsize * 10 + 4096;
+- if( (int64)newbytecount >= 0 )
++ if( newbytecount == 0 || newbytecount > (uint64)TIFF_INT64_MAX )
+ {
+ #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
+ TIFFWarningExt(tif->tif_clientdata, module,
+--- a/libtiff/tif_strip.c
++++ b/libtiff/tif_strip.c
+@@ -129,15 +129,8 @@ TIFFVStripSize(TIFF* tif, uint32 nrows)
+ {
+ static const char module[] = "TIFFVStripSize";
+ uint64 m;
+- tmsize_t n;
+ m=TIFFVStripSize64(tif,nrows);
+- n=(tmsize_t)m;
+- if ((uint64)n!=m)
+- {
+- TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow");
+- n=0;
+- }
+- return(n);
++ return _TIFFCastUInt64ToSSize(tif, m, module);
+ }
+
+ /*
+@@ -211,15 +204,8 @@ TIFFStripSize(TIFF* tif)
+ {
+ static const char module[] = "TIFFStripSize";
+ uint64 m;
+- tmsize_t n;
+ m=TIFFStripSize64(tif);
+- n=(tmsize_t)m;
+- if ((uint64)n!=m)
+- {
+- TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow");
+- n=0;
+- }
+- return(n);
++ return _TIFFCastUInt64ToSSize(tif, m, module);
+ }
+
+ /*
+@@ -330,14 +316,8 @@ TIFFScanlineSize(TIFF* tif)
+ {
+ static const char module[] = "TIFFScanlineSize";
+ uint64 m;
+- tmsize_t n;
+ m=TIFFScanlineSize64(tif);
+- n=(tmsize_t)m;
+- if ((uint64)n!=m) {
+- TIFFErrorExt(tif->tif_clientdata,module,"Integer arithmetic overflow");
+- n=0;
+- }
+- return(n);
++ return _TIFFCastUInt64ToSSize(tif, m, module);
+ }
+
+ /*
+@@ -366,15 +346,8 @@ TIFFRasterScanlineSize(TIFF* tif)
+ {
+ static const char module[] = "TIFFRasterScanlineSize";
+ uint64 m;
+- tmsize_t n;
+ m=TIFFRasterScanlineSize64(tif);
+- n=(tmsize_t)m;
+- if ((uint64)n!=m)
+- {
+- TIFFErrorExt(tif->tif_clientdata,module,"Integer arithmetic overflow");
+- n=0;
+- }
+- return(n);
++ return _TIFFCastUInt64ToSSize(tif, m, module);
+ }
+
+ /* vim: set ts=8 sts=8 sw=8 noet: */
+--- a/libtiff/tif_tile.c
++++ b/libtiff/tif_tile.c
+@@ -181,15 +181,8 @@ TIFFTileRowSize(TIFF* tif)
+ {
+ static const char module[] = "TIFFTileRowSize";
+ uint64 m;
+- tmsize_t n;
+ m=TIFFTileRowSize64(tif);
+- n=(tmsize_t)m;
+- if ((uint64)n!=m)
+- {
+- TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow");
+- n=0;
+- }
+- return(n);
++ return _TIFFCastUInt64ToSSize(tif, m, module);
+ }
+
+ /*
+@@ -248,15 +241,8 @@ TIFFVTileSize(TIFF* tif, uint32 nrows)
+ {
+ static const char module[] = "TIFFVTileSize";
+ uint64 m;
+- tmsize_t n;
+ m=TIFFVTileSize64(tif,nrows);
+- n=(tmsize_t)m;
+- if ((uint64)n!=m)
+- {
+- TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow");
+- n=0;
+- }
+- return(n);
++ return _TIFFCastUInt64ToSSize(tif, m, module);
+ }
+
+ /*
+@@ -272,15 +258,8 @@ TIFFTileSize(TIFF* tif)
+ {
+ static const char module[] = "TIFFTileSize";
+ uint64 m;
+- tmsize_t n;
+ m=TIFFTileSize64(tif);
+- n=(tmsize_t)m;
+- if ((uint64)n!=m)
+- {
+- TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow");
+- n=0;
+- }
+- return(n);
++ return _TIFFCastUInt64ToSSize(tif, m, module);
+ }
+
+ /*
+--- a/libtiff/tiffiop.h
++++ b/libtiff/tiffiop.h
+@@ -77,6 +77,9 @@ extern int snprintf(char* str, size_t size, const char* format, ...);
+ #define FALSE 0
+ #endif
+
++#define TIFF_SIZE_T_MAX ((size_t) ~ ((size_t)0))
++#define TIFF_TMSIZE_T_MAX (tmsize_t)(TIFF_SIZE_T_MAX >> 1)
++
+ typedef struct client_info {
+ struct client_info *next;
+ void *data;
+@@ -258,7 +261,7 @@ struct tiff {
+ #define TIFFhowmany8_64(x) (((x)&0x07)?((uint64)(x)>>3)+1:(uint64)(x)>>3)
+ #define TIFFroundup_64(x, y) (TIFFhowmany_64(x,y)*(y))
+
+-/* Safe multiply which returns zero if there is an integer overflow */
++/* Safe multiply which returns zero if there is an *unsigned* integer overflow. This macro is not safe for *signed* integer types */
+ #define TIFFSafeMultiply(t,v,m) ((((t)(m) != (t)0) && (((t)(((v)*(m))/(m))) == (t)(v))) ? (t)((v)*(m)) : (t)0)
+
+ #define TIFFmax(A,B) ((A)>(B)?(A):(B))
+@@ -368,6 +371,8 @@ extern TIFFErrorHandlerExt _TIFFerrorHandlerExt;
+
+ extern uint32 _TIFFMultiply32(TIFF*, uint32, uint32, const char*);
+ extern uint64 _TIFFMultiply64(TIFF*, uint64, uint64, const char*);
++extern tmsize_t _TIFFMultiplySSize(TIFF*, tmsize_t, tmsize_t, const char*);
++extern tmsize_t _TIFFCastUInt64ToSSize(TIFF*, uint64, const char*);
+ extern void* _TIFFCheckMalloc(TIFF*, tmsize_t, tmsize_t, const char*);
+ extern void* _TIFFCheckRealloc(TIFF*, void*, tmsize_t, tmsize_t, const char*);
+
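Review bot: The rewritten guard on `newbytecount` in the TIFFFillStrip hunk of libtiff/tif_read.c (`@@ -801,7 +785,7 @@`) looks inverted. The removed test `(int64)newbytecount >= 0` was true when the value fits in a signed 64-bit integer, whereas the added `newbytecount == 0 || newbytecount > (uint64)TIFF_INT64_MAX` is true only when it does not. The guarded branch opens with a `TIFFWarningExt` call and continues outside the hunk, so this is inferred, but if that branch is where an oversized byte count gets limited, it would no longer run for ordinary inputs. A form that keeps the old meaning without the implementation-defined cast is `if( newbytecount <= (uint64)TIFF_INT64_MAX )`. The TIFFFillTile hunk (`@@ -1248,7 +1230,7 @@`) has the same change and should be checked against upstream's current tif_read.c before this backport is carried.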
diff --git a/media-libs/tiff/tiff-4.0.10-r2.ebuild b/media-libs/tiff/tiff-4.0.10-r2.ebuild
new file mode 100644
index 000000000000..9f1174ee30f8
--- /dev/null
+++ b/media-libs/tiff/tiff-4.0.10-r2.ebuild
@@ -0,0 +1,85 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools libtool multilib-minimal
+
+DESCRIPTION="Tag Image File Format (TIFF) library"
+HOMEPAGE="http://libtiff.maptools.org"
+SRC_URI="https://download.osgeo.org/libtiff/${P}.tar.gz"
+
+LICENSE="libtiff"
+SLOT="0"
+KEYWORDS="~alpha amd64 ~arm arm64 ~hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv s390 ~sh sparc x86 ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="+cxx jbig jpeg lzma static-libs test webp zlib zstd"
+
+RDEPEND="
+ jbig? ( >=media-libs/jbigkit-2.1:=[${MULTILIB_USEDEP}] )
+ jpeg? ( >=virtual/jpeg-0-r2:0=[${MULTILIB_USEDEP}] )
+ lzma? ( >=app-arch/xz-utils-5.0.5-r1[${MULTILIB_USEDEP}] )
+ webp? ( media-libs/libwebp:=[${MULTILIB_USEDEP}] )
+ zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] )
+ zstd? ( >=app-arch/zstd-1.3.7-r1:=[${MULTILIB_USEDEP}] )
+"
+DEPEND="${RDEPEND}"
+
+REQUIRED_USE="test? ( jpeg )" #483132
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-4.0.10-CVE-2018-17000-tif_dirwrite-null-dereference.patch
+ "${FILESDIR}"/${PN}-4.0.10-CVE-2019-6128-pal2rgb-leak.patch
+ "${FILESDIR}"/${PN}-4.0.10-CVE-2019-7663-tiffcpIntegerOverflow.patch
+ "${FILESDIR}"/${P}-CVE-2019-14973-fix-integer-overflow.patch
+)
+
+MULTILIB_WRAPPED_HEADERS=(
+ /usr/include/tiffconf.h
+)
+
+src_prepare() {
+ default
+
+ # tiffcp-thumbnail.sh fails as thumbnail binary doesn't get built anymore since tiff-4.0.7
+ sed '/tiffcp-thumbnail\.sh/d' -i test/Makefile.am || die
+
+ eautoreconf
+}
+
+multilib_src_configure() {
+ local myeconfargs=(
+ --without-x
+ --with-docdir="${EPREFIX}"/usr/share/doc/${PF}
+ $(use_enable cxx)
+ $(use_enable jbig)
+ $(use_enable jpeg)
+ $(use_enable lzma)
+ $(use_enable static-libs static)
+ $(use_enable webp)
+ $(use_enable zlib)
+ $(use_enable zstd)
+ )
+ ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
+
+ # remove useless subdirs
+ if ! multilib_is_native_abi ; then
+ sed -i \
+ -e 's/ tools//' \
+ -e 's/ contrib//' \
+ -e 's/ man//' \
+ -e 's/ html//' \
+ Makefile || die
+ fi
+}
+
+multilib_src_test() {
+ if ! multilib_is_native_abi ; then
+ emake -C tools
+ fi
+ emake check
+}
+
+multilib_src_install_all() {
+ find "${ED}" -name '*.la' -delete || die
+ rm "${ED}"/usr/share/doc/${PF}/{COPYRIGHT,README*,RELEASE-DATE,TODO,VERSION} || die
+}
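Review bot: The PATCHES array names its entries two ways: the three existing patches spell the version out as `${PN}-4.0.10-…`, while the new entry uses `${P}-CVE-2019-14973-fix-integer-overflow.patch`. Both expand to the same prefix for this version, but one form keeps the list uniform, e.g. `"${FILESDIR}"/${PN}-4.0.10-CVE-2019-14973-fix-integer-overflow.patch`. A one-line comment above the new entry, such as `# backport of 6ebfcac47224 (CVE-2019-14973)` using the commit id from the patch header, would also show a later bump when the patch can be dropped.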