From 752d6256e5204b958b0ef7905675a940b5e9172f Mon Sep 17 00:00:00 2001
From: V3n3RiX <venerix@koprulu.sector>
Date: Thu, 12 May 2022 16:42:50 +0300
Subject: gentoo resync : 12.05.2022

---
 media-libs/openjpeg/Manifest                       |   5 +-
 .../openjpeg-2.4.0-r3-avoid-mult-overflow.patch    |  52 ++++++++
 .../openjpeg-2.4.0-r3-fix-integer-overflow.patch   |  57 +++++++++
 media-libs/openjpeg/metadata.xml                   |   9 +-
 media-libs/openjpeg/openjpeg-2.4.0-r3.ebuild       | 142 +++++++++++++++++++++
 5 files changed, 263 insertions(+), 2 deletions(-)
 create mode 100644 media-libs/openjpeg/files/openjpeg-2.4.0-r3-avoid-mult-overflow.patch
 create mode 100644 media-libs/openjpeg/files/openjpeg-2.4.0-r3-fix-integer-overflow.patch
 create mode 100644 media-libs/openjpeg/openjpeg-2.4.0-r3.ebuild

(limited to 'media-libs/openjpeg')

diff --git a/media-libs/openjpeg/Manifest b/media-libs/openjpeg/Manifest
index 55a846866a83..4914ac27872f 100644
--- a/media-libs/openjpeg/Manifest
+++ b/media-libs/openjpeg/Manifest
@@ -1,9 +1,12 @@
 AUX openjpeg-2.4.0-gnuinstalldirs.patch 15977 BLAKE2B d1036c329d2f1b829e0bc019d2c761acf2f09a061ccf60421797f89005d194279eb880096d151a379fe3ee7edc36a0d3bceeabae0e8c7d9546baed4b7218d800 SHA512 8563a50c86c10b4306e4fb4a2077094268a58e0e2a468702fdbbccbd5f6db59d2f5a67f772dae17066611c09da0c4baeb6980d3aeddfd0690108336d70f39670
 AUX openjpeg-2.4.0-r1-gnuinstalldirs.patch 15897 BLAKE2B ee5b28985348d9da58d930782420aa43d284efd64574d8f8b250e6d115d6bbb6f4756de2ce6e17251f03c1b6b3dbde2c0fa71b2308724eb84354b15fad650ea2 SHA512 899a112fc8dc65d1c17ec68bf80dc0e892e619bfc67b97784e72c0878ed1a0dc44345b9f5b86e4453df27124b20444ab81511fc66f3e871475a93d8f1f7700bc
 AUX openjpeg-2.4.0-r2-fix-segfault.patch 721 BLAKE2B b26eaa1de6fc64e21477dbf1baeffae5a7df5f78228be117ff48d1d330e58702b516bcb345eddff03e344338c46b0ce66b6ac64198a9bf8a065e036be1e6c19a SHA512 adda72abdf46b9bd2aa0ddf8a653726181271bf1e680cd8caaa28150ee4ef83437246b563f26607b64305a50d68e7f24da81ccba306ad7451375d71fb896c702
+AUX openjpeg-2.4.0-r3-avoid-mult-overflow.patch 2081 BLAKE2B a83ee2926242667dfc0d4dba87a225bf44a5432be9165083d5b371dbbae1b28d171a5ea5b4013f7e05399a2c6910adb76e77dcf3dc88d8e4c0a3dc820012d41e SHA512 7134a62e81d8e7cca3fb714911642e5d5d37db319116104f41d93a2f7d8f1a98ba52bc5edbe89a215ce563e027a012739f1480696ddefff67a3f5735fad88cfb
+AUX openjpeg-2.4.0-r3-fix-integer-overflow.patch 2566 BLAKE2B 01823fb90e763b56eac390b4fb75b57f75e8508baf59ec5e078ce6d36bcf86d58fa9b5ee7327e54526f87a1ae9738fa166adca3af8e1e02e727a543b74caacb8 SHA512 196fa9edfb39e381d17bac0d4aaf2ab026a16bb8a8d3b780118af4395e4f40f8889049cd8ed59db278254adf0b5424bf0c346ae7f271576119aac59b74169451
 DIST openjpeg-2.4.0.tar.gz 2233229 BLAKE2B ab8907638ac041ce7dcbcbcd9624ea5e4b7542c9ec38a850e363c071c27c4bc8b16e207700b12e67d8d32bdd9b0838735bede27084090ce95105d32c539b09cf SHA512 55daab47d33823af94e32e5d345b52c251a5410f0c8e0a13b693f17899eedc8b2bb107489ddcba9ab78ef17dfd7cd80d3c5ec80c1e429189cb041124b67e07a8
 DIST openjpeg-data_20201130.tar.gz 497969983 BLAKE2B 35ff1ee234e3bbf47a822151c97cdf2764f864094973fa60adc7962f8065b38318b0cc41338b5ba3fffd9bb00eac3eaf4153ecc398abd49a8047168414c1c85b SHA512 4c367c8262fe894f90a1e63fb59d87e974ae0d750d3cee89adfe4d765040f0a2049b491a17a34a5b3ba79e183a508c9d592376fe3c112df56c311bf3212f0c31
 EBUILD openjpeg-2.4.0-r1.ebuild 4478 BLAKE2B 46a5f1d2ea203610cb86b081c34477f1e8ff10d3467cbdecb5c218870d0e74aeffafd0925c90de5650a775f1b6f417df6ec2afbda3591ad6e9d2b044a11fc315 SHA512 686fdd68d37aa2b40a712b1f51711f509653f553e0dc0d3ad232c721e58146150c23f4eb5ec8c61d4fd147b7a32210664c0990035b2027001cd84c2bfe81db12
 EBUILD openjpeg-2.4.0-r2.ebuild 4540 BLAKE2B 4687d9a0481facc18df6ca69fd4f6065186cae265b0dfd187faf312a4a6258dc5ba18c2cebd9bbf16c99b3942476983fa5a47ae3ed5a4242854b75e6fd178a31 SHA512 92c25bce2326243646e2c9d7cf95053dd64f4ca2727e4a4c38fe03c58b08840ce95e0ea52d21d850528e4b8732f63cf07c4003b46a4b93cd2f6eae5aebe98779
+EBUILD openjpeg-2.4.0-r3.ebuild 4679 BLAKE2B d8d7ca67a4d429980e3a65e2d7a9c365c8fafa4b021837c052fff542008008b183ba08f54488dfa6ff4893104a2ddb680394610574829c01406729037f3218b8 SHA512 0884421d7728d35218c98a232df1d64c2bfc7996a938e146e8722ff3817438de0c4af42a3cc5673566deed39058cb4f3f4df6991007d395d5c248ad94b1184fd
 EBUILD openjpeg-2.4.0.ebuild 4467 BLAKE2B c1940c9c26d9e010fee76fe1c5c894a0fbffa5be2bc8eba8bb6d1d74b28e37f3a1e1eaad6a9bab60e58ce82942019a7fe796b2672c518c7c519b5cd05d2778fb SHA512 40d63968fb5f16b086ed154ef407a02f1cac452e82ce4fbd853f05ec76ef336db75be867dd1767c2845019eab72e3a6142d0de526b870b1b9f6d8b847441def2
-MISC metadata.xml 311 BLAKE2B f7da3c88ae13437c6dbd48c7468f091d1b87bea39a53a85b4abc97d6beb3869c5bb9bd0aeafb065961611be1098a25fdafd8f9b0eb6e395a0de734fc2df53dd5 SHA512 a5a60bfea83513d0eba56f9873bc2d38ca89bc2fade19744d32b767120b5c9e29f56ebddb903648643517f6e2488525e538a1810d91cc864640312c05b7031b2
+MISC metadata.xml 551 BLAKE2B 39647e4fca09d2f613785e350aed813dedb0fb109d718a2ab9b08f7d30d55eaeab4abcf3c58b1434ad239548c966aefac7ebcc3a13d50220ad4a2e59054a75d6 SHA512 a2d0283f5b3d97b6d942d865fa3433f007127dbc63e9479bdf06b8e33c8885dfe6c642cb1b1a8595164fa7fe9961ed44a8c8e70086d7b4dea2f75c1816bbf793
diff --git a/media-libs/openjpeg/files/openjpeg-2.4.0-r3-avoid-mult-overflow.patch b/media-libs/openjpeg/files/openjpeg-2.4.0-r3-avoid-mult-overflow.patch
new file mode 100644
index 000000000000..3733a1b94545
--- /dev/null
+++ b/media-libs/openjpeg/files/openjpeg-2.4.0-r3-avoid-mult-overflow.patch
@@ -0,0 +1,52 @@
+Upstream: https://github.com/uclouvain/openjpeg/commit/1daaa0b909aebdf71be36238d16dfbec83c494ed
+Bug: https://bugs.gentoo.org/783513
+CVE-2021-29338
+--- a/src/bin/jp2/opj_compress.c
++++ b/src/bin/jp2/opj_compress.c
+@@ -1967,7 +1967,7 @@ int main(int argc, char **argv)
+                 goto fin;
+             }
+             for (i = 0; i < num_images; i++) {
+-                dirptr->filename[i] = dirptr->filename_buf + i * OPJ_PATH_LEN;
++                dirptr->filename[i] = dirptr->filename_buf + (size_t)i * OPJ_PATH_LEN;
+             }
+         }
+         if (load_images(dirptr, img_fol.imgdirpath) == 1) {
+--- a/src/bin/jp2/opj_decompress.c
++++ b/src/bin/jp2/opj_decompress.c
+@@ -1367,7 +1367,6 @@ int main(int argc, char **argv)
+     if (img_fol.set_imgdir == 1) {
+         int it_image;
+         num_images = get_num_images(img_fol.imgdirpath);
+-
+         dirptr = (dircnt_t*)calloc(1, sizeof(dircnt_t));
+         if (!dirptr) {
+             destroy_parameters(&parameters);
+@@ -1387,7 +1386,8 @@ int main(int argc, char **argv)
+             goto fin;
+         }
+         for (it_image = 0; it_image < num_images; it_image++) {
+-            dirptr->filename[it_image] = dirptr->filename_buf + it_image * OPJ_PATH_LEN;
++            dirptr->filename[it_image] = dirptr->filename_buf + (size_t)it_image *
++                                         OPJ_PATH_LEN;
+         }
+ 
+         if (load_images(dirptr, img_fol.imgdirpath) == 1) {
+--- a/src/bin/jp2/opj_dump.c
++++ b/src/bin/jp2/opj_dump.c
+@@ -529,13 +529,13 @@ int main(int argc, char *argv[])
+         }
+ 
+         for (it_image = 0; it_image < num_images; it_image++) {
+-            dirptr->filename[it_image] = dirptr->filename_buf + it_image * OPJ_PATH_LEN;
++            dirptr->filename[it_image] = dirptr->filename_buf + (size_t)it_image *
++                                         OPJ_PATH_LEN;
+         }
+ 
+         if (load_images(dirptr, img_fol.imgdirpath) == 1) {
+             goto fails;
+         }
+-
+         if (num_images == 0) {
+             fprintf(stdout, "Folder is empty\n");
+             goto fails;
diff --git a/media-libs/openjpeg/files/openjpeg-2.4.0-r3-fix-integer-overflow.patch b/media-libs/openjpeg/files/openjpeg-2.4.0-r3-fix-integer-overflow.patch
new file mode 100644
index 000000000000..6ceb5be8f6d1
--- /dev/null
+++ b/media-libs/openjpeg/files/openjpeg-2.4.0-r3-fix-integer-overflow.patch
@@ -0,0 +1,57 @@
+opj_compress/opj_uncompress: fix integer overflow in num_images
+CVE-2021-29338
+Bug 783513
+Upstream: https://github.com/uclouvain/openjpeg/commit/79c7d7af598b778c3cdcb455df23d50efc95eb3c
+--- a/src/bin/jp2/opj_compress.c
++++ b/src/bin/jp2/opj_compress.c
+@@ -1959,9 +1959,9 @@ int main(int argc, char **argv)
+         num_images = get_num_images(img_fol.imgdirpath);
+         dirptr = (dircnt_t*)malloc(sizeof(dircnt_t));
+         if (dirptr) {
+-            dirptr->filename_buf = (char*)malloc(num_images * OPJ_PATH_LEN * sizeof(
++            dirptr->filename_buf = (char*)calloc(num_images, OPJ_PATH_LEN * sizeof(
+                     char)); /* Stores at max 10 image file names*/
+-            dirptr->filename = (char**) malloc(num_images * sizeof(char*));
++            dirptr->filename = (char**) calloc(num_images, sizeof(char*));
+             if (!dirptr->filename_buf) {
+                 ret = 0;
+                 goto fin;
+--- a/src/bin/jp2/opj_decompress.c
++++ b/src/bin/jp2/opj_decompress.c
+@@ -1374,14 +1374,13 @@ int main(int argc, char **argv)
+             return EXIT_FAILURE;
+         }
+         /* Stores at max 10 image file names */
+-        dirptr->filename_buf = (char*)malloc(sizeof(char) *
+-                                             (size_t)num_images * OPJ_PATH_LEN);
++        dirptr->filename_buf = calloc((size_t) num_images, sizeof(char) * OPJ_PATH_LEN);
+         if (!dirptr->filename_buf) {
+             failed = 1;
+             goto fin;
+         }
+ 
+-        dirptr->filename = (char**) malloc((size_t)num_images * sizeof(char*));
++        dirptr->filename = (char**) calloc((size_t) num_images, sizeof(char*));
+ 
+         if (!dirptr->filename) {
+             failed = 1;
+--- a/src/bin/jp2/opj_dump.c
++++ b/src/bin/jp2/opj_dump.c
+@@ -515,13 +515,14 @@ int main(int argc, char *argv[])
+         if (!dirptr) {
+             return EXIT_FAILURE;
+         }
+-        dirptr->filename_buf = (char*)malloc((size_t)num_images * OPJ_PATH_LEN * sizeof(
+-                char)); /* Stores at max 10 image file names*/
++        /* Stores at max 10 image file names*/
++        dirptr->filename_buf = (char*) calloc((size_t) num_images,
++                                              OPJ_PATH_LEN * sizeof(char));
+         if (!dirptr->filename_buf) {
+             free(dirptr);
+             return EXIT_FAILURE;
+         }
+-        dirptr->filename = (char**) malloc((size_t)num_images * sizeof(char*));
++        dirptr->filename = (char**) calloc((size_t) num_images, sizeof(char*));
+ 
+         if (!dirptr->filename) {
+             goto fails;
diff --git a/media-libs/openjpeg/metadata.xml b/media-libs/openjpeg/metadata.xml
index 7fa8ba2aacfa..de80c41403bb 100644
--- a/media-libs/openjpeg/metadata.xml
+++ b/media-libs/openjpeg/metadata.xml
@@ -1,7 +1,14 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
 <pkgmetadata>
-	<!-- maintainer-needed -->
+	<maintainer type="person" proxied="yes">
+		<email>t@laumann.xyz</email>
+		<name>Thomas Bracht Laumann Jespersen</name>
+	</maintainer>
+	<maintainer type="project" proxied="proxy">
+		<email>proxy-maint@gentoo.org</email>
+		<name>Proxy Maintainers</name>
+	</maintainer>
 	<upstream>
 		<remote-id type="sourceforge">openjpeg.mirror</remote-id>
 		<remote-id type="github">uclouvain/openjpeg</remote-id>
diff --git a/media-libs/openjpeg/openjpeg-2.4.0-r3.ebuild b/media-libs/openjpeg/openjpeg-2.4.0-r3.ebuild
new file mode 100644
index 000000000000..7405a4c46f4e
--- /dev/null
+++ b/media-libs/openjpeg/openjpeg-2.4.0-r3.ebuild
@@ -0,0 +1,142 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+CMAKE_ECLASS=cmake
+inherit cmake-multilib flag-o-matic
+
+# Make sure that test data are not newer than release;
+# otherwise we will see "Found-But-No-Test" test failures!
+MY_TESTDATA_COMMIT="cd724fb1f93e6af41ebc68c4904f4bf2a4cd1e60"
+
+DESCRIPTION="Open-source JPEG 2000 library"
+HOMEPAGE="https://www.openjpeg.org"
+SRC_URI="https://github.com/uclouvain/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz
+	test? ( https://github.com/uclouvain/openjpeg-data/archive/${MY_TESTDATA_COMMIT}.tar.gz -> ${PN}-data_20201130.tar.gz )"
+
+LICENSE="BSD-2"
+SLOT="2/7" # based on SONAME
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="doc static-libs test"
+RESTRICT="!test? ( test )"
+
+RDEPEND="
+	media-libs/lcms:2
+	media-libs/libpng:0=
+	media-libs/tiff:0
+	sys-libs/zlib:="
+DEPEND="${RDEPEND}"
+BDEPEND="
+	doc? ( app-doc/doxygen )"
+
+DOCS=( AUTHORS.md CHANGELOG.md NEWS.md README.md THANKS.md )
+
+PATCHES=(
+	"${FILESDIR}/${PN}-2.4.0-r1-gnuinstalldirs.patch" # bug 667150
+	"${FILESDIR}/${PN}-2.4.0-r2-fix-segfault.patch" # bug 832007
+	"${FILESDIR}/${PN}-2.4.0-r3-fix-integer-overflow.patch" # bug 783513
+	"${FILESDIR}/${PN}-2.4.0-r3-avoid-mult-overflow.patch" # bug 783513
+)
+
+src_prepare() {
+	if use test; then
+		mv "${WORKDIR}"/openjpeg-data-${MY_TESTDATA_COMMIT} "${WORKDIR}"/data ||
+			die "Failed to rename test data"
+	fi
+
+	cmake_src_prepare
+}
+
+multilib_src_configure() {
+	local mycmakeargs=(
+		-DBUILD_PKGCONFIG_FILES=ON # always build pkgconfig files, bug #539834
+		-DBUILD_TESTING="$(multilib_native_usex test)"
+		-DBUILD_DOC=$(multilib_native_usex doc ON OFF)
+		-DBUILD_CODEC=$(multilib_is_native_abi && echo ON || echo OFF)
+		-DBUILD_STATIC_LIBS=$(usex static-libs)
+	)
+
+	# Cheat a little bit and force disabling fixed point magic
+	# The test suite is extremely fragile to small changes
+	# bug 715130, bug 715422
+	# https://github.com/uclouvain/openjpeg/issues/1017
+	multilib_is_native_abi && use test && append-cflags "-ffp-contract=off"
+
+	cmake_src_configure
+}
+
+multilib_src_test() {
+	if ! multilib_is_native_abi ; then
+		elog "Cannot run tests for non-multilib abi."
+		return 0
+	fi
+
+	local myctestargs=
+
+	pushd "${BUILD_DIR}" > /dev/null || die
+	[[ -e CTestTestfile.cmake ]] || die "Test suite not available! Check source!"
+
+	[[ -n ${TEST_VERBOSE} ]] && myctestargs+=( --extra-verbose --output-on-failure )
+
+	echo ctest "${myctestargs[@]}" "$@"
+	if ctest "${myctestargs[@]}" "$@" ; then
+		einfo "Tests succeeded."
+		popd > /dev/null || die
+		return 0
+	else
+		local FAILEDTEST_LOG="${BUILD_DIR}/Testing/Temporary/LastTestsFailed.log"
+
+		if [[ ! -f "${FAILEDTEST_LOG}" ]] ; then
+			# Should never happen
+			die "Cannot analyze test failures: LastTestsFailed.log is missing!"
+		fi
+
+		echo ""
+		einfo "Note: Upstream is maintaining a list of known test failures."
+		einfo "We will now compare our test results against this list and sort out any known failure."
+
+		local KNOWN_FAILURES_LIST="${T}/known_failures_compiled.txt"
+		cat "${S}/tools/travis-ci/knownfailures-all.txt" > "${KNOWN_FAILURES_LIST}" || die
+
+		local ARCH_SPECIFIC_FAILURES=
+		if use amd64 ; then
+			ARCH_SPECIFIC_FAILURES="$(find "${S}/tools/travis-ci/" -name 'knownfailures-*x86_64*.txt' -print0 | sort -z | tail -z -n 1 | tr -d '\0')"
+		elif use x86 || use arm || use arm64; then
+			ARCH_SPECIFIC_FAILURES="$(find "${S}/tools/travis-ci/" -name 'knownfailures-*i386*.txt' -print0 | sort -z | tail -z -n 1 | tr -d '\0')"
+		fi
+
+		if [[ -f "${ARCH_SPECIFIC_FAILURES}" ]] ; then
+			einfo "Adding architecture specific failures (${ARCH_SPECIFIC_FAILURES}) to known failures list ..."
+			cat "${ARCH_SPECIFIC_FAILURES}" >> "${KNOWN_FAILURES_LIST}" || die
+		fi
+
+		# Logic copied from $S/tools/travis-ci/run.sh
+		local FAILEDTEST=
+		local FAILURES_LOG="${BUILD_DIR}/Testing/Temporary/failures.txt"
+		local HAS_UNKNOWN_TEST_FAILURES=0
+
+		echo ""
+
+		awk -F: '{ print $2 }' "${FAILEDTEST_LOG}" > "${FAILURES_LOG}"
+		while read FAILEDTEST; do
+			# is this failure known?
+			if grep -x "${FAILEDTEST}" "${KNOWN_FAILURES_LIST}" > /dev/null; then
+				ewarn "Test '${FAILEDTEST}' is known to fail, ignoring ..."
+				continue
+			fi
+
+			eerror "New/unknown test failure found: '${FAILEDTEST}'"
+			HAS_UNKNOWN_TEST_FAILURES=1
+		done < "${FAILURES_LOG}"
+
+		if [[ ${HAS_UNKNOWN_TEST_FAILURES} -ne 0 ]]; then
+			die "Test suite failed. New/unknown test failure(s) found!"
+		else
+			echo ""
+			einfo "Test suite passed. No new/unknown test failure(s) found!"
+		fi
+
+		return 0
+	fi
+}
-- 
cgit v1.2.3