Hello community, here is the log from the commit of package jpegoptim for openSUSE:Factory checked in at 2018-04-02 22:49:11 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/jpegoptim (Old) and /work/SRC/openSUSE:Factory/.jpegoptim.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "jpegoptim" Mon Apr 2 22:49:11 2018 rev:2 rq:592905 version:1.4.5 Changes: -------- --- /work/SRC/openSUSE:Factory/jpegoptim/jpegoptim.changes 2018-01-23 13:53:06.501280758 +0100 +++ /work/SRC/openSUSE:Factory/.jpegoptim.new/jpegoptim.changes 2018-04-02 22:49:15.341782796 +0200 @@ -1,0 +2,9 @@ +Sun Apr 1 18:12:28 UTC 2018 - [email protected] + +- Update to 1.4.5 : + * Fix --overwrite option + * Better error reporting for -d option + * Fix memcmp() potentially reading past end of buffer + * Some minor fixes + +------------------------------------------------------------------- Old: ---- jpegoptim-1.4.4.tar.gz jpegoptim-1.4.4.tar.gz.sig New: ---- jpegoptim-1.4.5.tar.gz jpegoptim-1.4.5.tar.gz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ jpegoptim.spec ++++++ --- /var/tmp/diff_new_pack.OeHsMq/_old 2018-04-02 22:49:16.829728697 +0200 +++ /var/tmp/diff_new_pack.OeHsMq/_new 2018-04-02 22:49:16.833728551 +0200 @@ -17,7 +17,7 @@ Name: jpegoptim -Version: 1.4.4 +Version: 1.4.5 Release: 0 Summary: Utility for Optimizing JPEG Files License: GPL-2.0+ ++++++ jpegoptim-1.4.4.tar.gz -> jpegoptim-1.4.5.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jpegoptim-1.4.4/COPYRIGHT new/jpegoptim-1.4.5/COPYRIGHT --- old/jpegoptim-1.4.4/COPYRIGHT 2016-08-16 06:18:46.000000000 +0200 +++ new/jpegoptim-1.4.5/COPYRIGHT 2018-03-31 08:59:50.000000000 +0200 @@ -1,7 +1,7 @@ jpegoptim ========= - Copyright (C) 1996-2016 Timo Kokkonen <[email protected]> + Copyright (C) 1996-2018 Timo Kokkonen <[email protected]> This program is free software; you can redistribute it diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jpegoptim-1.4.4/Makefile.in new/jpegoptim-1.4.5/Makefile.in --- old/jpegoptim-1.4.4/Makefile.in 2016-08-16 06:18:46.000000000 +0200 +++ new/jpegoptim-1.4.5/Makefile.in 2018-03-31 08:59:50.000000000 +0200 @@ -1,9 +1,9 @@ ######################################################################### -# $Id: 975c0d83dba889377f97958639ed20dcc7cf18b6 $ +# $Id: 981905b4e4f1a1143bce3b31176397a62d55067d $ # # Makefile for jpegoptim # -Version = 1.4.4 +Version = 1.4.5 PKGNAME = jpegoptim SHELL = /bin/sh @@ -35,7 +35,8 @@ CC = @CC@ XCPPFLAGS = @CPPFLAGS@ CFLAGS = @CFLAGS@ $(XCPPFLAGS) $(DEFS) -#CFLAGS += -Wall -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 +#CFLAGS += -Wall -Wformat -Werror=format-security +#CFLAGS += -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -fsanitize=address LDFLAGS = @LDFLAGS@ LIBS = @LIBS@ STRIP = strip diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jpegoptim-1.4.4/README new/jpegoptim-1.4.5/README --- old/jpegoptim-1.4.4/README 2016-08-16 06:18:46.000000000 +0200 +++ new/jpegoptim-1.4.5/README 2018-03-31 08:59:50.000000000 +0200 @@ -1,5 +1,5 @@ -Jpegoptim v1.4.4 - Copyright (c) Timo Kokkonen, 1996-2016. All Rights Reserved. +Jpegoptim v1.4.5 - Copyright (C) Timo Kokkonen, 1996-2018. All Rights Reserved. REQUIREMENTS @@ -19,8 +19,8 @@ tar file, make necessary changes to the Makefile, and then compile the program. You may wanna do something like this: - zcat jpegoptim-1.4.4.tar.gz | tar xf - - cd jpegoptim-1.4.4 + zcat jpegoptim-1.4.5.tar.gz | tar xf - + cd jpegoptim-1.4.5 ./configure make make strip @@ -28,6 +28,10 @@ HISTORY + v1.4.5 - fix --overwrite option, + better error reporting for -d option, + fix memcmp() potentially reading past end of buffer, + some minor fixes v1.4.4 - more detailed error messages (thanks to Denis Fateyev), CMake support (thanks to Ghostkeeper), other minor fixes @@ -92,5 +96,5 @@ Timo <[email protected]> -15-Aug-2016 $Id: 210adea95505d893083a1a99178a5c9677bc8281 $ +30-Mar-2018 $Id: 0047596655aed6d4e6cb2095d5ce9d888430ce88 $ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jpegoptim-1.4.4/jpegoptim.c new/jpegoptim-1.4.5/jpegoptim.c --- old/jpegoptim-1.4.4/jpegoptim.c 2016-08-16 06:18:46.000000000 +0200 +++ new/jpegoptim-1.4.5/jpegoptim.c 2018-03-31 08:59:50.000000000 +0200 @@ -6,7 +6,7 @@ * requires libjpeg (Independent JPEG Group's JPEG software * release 6a or later...) * - * $Id: 478198edd3c2a9f96326151c4648dd44118ae09c $ + * $Id: 4a81f768fff5ea2c15fe80a211b72abaeaeb3b0a $ */ #ifdef HAVE_CONFIG_H @@ -34,8 +34,8 @@ #include "jpegoptim.h" -#define VERSIO "1.4.4" -#define COPYRIGHT "Copyright (c) 1996-2016, Timo Kokkonen" +#define VERSIO "1.4.5" +#define COPYRIGHT "Copyright (C) 1996-2018, Timo Kokkonen" #define LOG_FH (logs_to_stdout ? stdout : stderr) @@ -56,7 +56,7 @@ }; typedef struct my_error_mgr * my_error_ptr; -const char *rcsid = "$Id: 478198edd3c2a9f96326151c4648dd44118ae09c $"; +const char *rcsid = "$Id: 4a81f768fff5ea2c15fe80a211b72abaeaeb3b0a $"; int verbose_mode = 0; @@ -97,6 +97,7 @@ {"dest",1,0,'d'}, {"force",0,0,'f'}, {"version",0,0,'V'}, + {"overwrite",0,0,'o'}, {"preserve",0,0,'p'}, {"preserve-perms",0,0,'P'}, {"strip-all",0,0,'s'}, @@ -242,15 +243,18 @@ write_marker++; if (save_exif && mrk->marker == EXIF_JPEG_MARKER && + mrk->data_length >= EXIF_IDENT_STRING_SIZE && !memcmp(mrk->data,EXIF_IDENT_STRING,EXIF_IDENT_STRING_SIZE)) write_marker++; if (save_icc && mrk->marker == ICC_JPEG_MARKER && - !memcmp(mrk->data,ICC_IDENT_STRING,ICC_IDENT_STRING_SIZE)) + mrk->data_length >= ICC_IDENT_STRING_SIZE && + !memcmp(mrk->data,ICC_IDENT_STRING,ICC_IDENT_STRING_SIZE)) write_marker++; if (save_xmp && mrk->marker == XMP_JPEG_MARKER && - !memcmp(mrk->data,XMP_IDENT_STRING,XMP_IDENT_STRING_SIZE)) + mrk->data_length >= XMP_IDENT_STRING_SIZE && + !memcmp(mrk->data,XMP_IDENT_STRING,XMP_IDENT_STRING_SIZE)) write_marker++; if (strip_none) write_marker++; @@ -301,7 +305,7 @@ char tmpfilename[MAXPATHLEN],tmpdir[MAXPATHLEN]; char newname[MAXPATHLEN], dest_path[MAXPATHLEN]; volatile int i; - int c,j, tmpfd, searchcount, searchdone; + int c,j, searchcount, searchdone; int opt_index = 0; long insize = 0, outsize = 0, lastsize = 0; int oldquality; @@ -369,9 +373,10 @@ } break; case 'd': - if (realpath(optarg,dest_path)==NULL || !is_directory(dest_path)) { - fatal("invalid argument for option -d, --dest"); - } + if (realpath(optarg,dest_path)==NULL) + fatal("invalid destination directory: %s", optarg); + if (!is_directory(dest_path)) + fatal("destination not a directory: %s", dest_path); strncat(dest_path,DIR_SEPARATOR_S,sizeof(dest_path)-strlen(dest_path)-1); if (verbose_mode) @@ -485,13 +490,13 @@ /* loop to process the input files */ - i=1; + i=(optind > 0 ? optind : 1); do { if (stdin_mode) { infile=stdin; set_filemode_binary(infile); } else { - if (!argv[i][0]) continue; + if (i >= argc || !argv[i][0]) continue; if (argv[i][0]=='-') continue; if (strlen(argv[i]) >= MAXPATHLEN) { warn("skipping too long filename: %s",argv[i]); @@ -565,6 +570,7 @@ marker_in_size+=cmarker->data_length; if (cmarker->marker == EXIF_JPEG_MARKER && + cmarker->data_length >= EXIF_IDENT_STRING_SIZE && !memcmp(cmarker->data,EXIF_IDENT_STRING,EXIF_IDENT_STRING_SIZE)) strncat(marker_str,"Exif ",sizeof(marker_str)-strlen(marker_str)-1); @@ -572,10 +578,12 @@ strncat(marker_str,"IPTC ",sizeof(marker_str)-strlen(marker_str)-1); if (cmarker->marker == ICC_JPEG_MARKER && + cmarker->data_length >= ICC_IDENT_STRING_SIZE && !memcmp(cmarker->data,ICC_IDENT_STRING,ICC_IDENT_STRING_SIZE)) strncat(marker_str,"ICC ",sizeof(marker_str)-strlen(marker_str)-1); if (cmarker->marker == XMP_JPEG_MARKER && + cmarker->data_length >= XMP_IDENT_STRING_SIZE && !memcmp(cmarker->data,XMP_IDENT_STRING,XMP_IDENT_STRING_SIZE)) strncat(marker_str,"XMP ",sizeof(marker_str)-strlen(marker_str)-1); @@ -820,14 +828,14 @@ /* rely on mkstemps() to create us temporary file safely... */ snprintf(tmpfilename,sizeof(tmpfilename), "%sjpegoptim-%d-%d.XXXXXX.tmp", tmpdir, (int)getuid(), (int)getpid()); - if ((tmpfd = mkstemps(tmpfilename,4)) < 0) + int tmpfd = mkstemps(tmpfilename,4); + if (tmpfd < 0) fatal("%s, error creating temp file %s: mkstemps() failed",(stdin_mode?"stdin":argv[i]),tmpfilename); if ((outfile=fdopen(tmpfd,"wb"))==NULL) #else /* if platform is missing mkstemps(), try to create at least somewhat "safe" temp file... */ snprintf(tmpfilename,sizeof(tmpfilename), "%sjpegoptim-%d-%d.%ld.tmp", tmpdir, (int)getuid(), (int)getpid(),(long)time(NULL)); - tmpfd=0; if ((outfile=fopen(tmpfilename,"wb"))==NULL) #endif fatal("error opening temporary file: %s",tmpfilename); @@ -888,6 +896,7 @@ average_count, average_rate/average_count, total_save); jpeg_destroy_decompress(&dinfo); jpeg_destroy_compress(&cinfo); + free (outbuffer); return (decompress_err_count > 0 || compress_err_count > 0 ? 1 : 0);; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jpegoptim-1.4.4/jpegoptim.h new/jpegoptim-1.4.5/jpegoptim.h --- old/jpegoptim-1.4.4/jpegoptim.h 2016-08-16 06:18:46.000000000 +0200 +++ new/jpegoptim-1.4.5/jpegoptim.h 2018-03-31 08:59:50.000000000 +0200 @@ -61,7 +61,7 @@ /* misc.c */ -int delete_file(char *name); +int delete_file(const char *name); long file_size(FILE *fp); int is_directory(const char *path); int is_file(const char *filename, struct stat *st); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jpegoptim-1.4.4/misc.c new/jpegoptim-1.4.5/misc.c --- old/jpegoptim-1.4.4/misc.c 2016-08-16 06:18:46.000000000 +0200 +++ new/jpegoptim-1.4.5/misc.c 2018-03-31 08:59:50.000000000 +0200 @@ -22,7 +22,7 @@ #include "jpegoptim.h" -int delete_file(char *name) +int delete_file(const char *name) { int retval; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jpegoptim-1.4.4/redhat/jpegoptim.spec new/jpegoptim-1.4.5/redhat/jpegoptim.spec --- old/jpegoptim-1.4.4/redhat/jpegoptim.spec 2016-08-16 06:18:46.000000000 +0200 +++ new/jpegoptim-1.4.5/redhat/jpegoptim.spec 2018-03-31 08:59:50.000000000 +0200 @@ -1,6 +1,6 @@ Summary: Utility for optimizing/compressing JPEG files. Name: jpegoptim -Version: 1.4.4 +Version: 1.4.5 Release: 1 License: GPL Group: Applications/Multimedia diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jpegoptim-1.4.4/win32_compat.h new/jpegoptim-1.4.5/win32_compat.h --- old/jpegoptim-1.4.4/win32_compat.h 2016-08-16 06:18:46.000000000 +0200 +++ new/jpegoptim-1.4.5/win32_compat.h 2018-03-31 08:59:50.000000000 +0200 @@ -20,7 +20,7 @@ #include <sys/utime.h> #define snprintf _snprintf -#define lstat _stat +#define lstat stat #define realpath(N,R) _fullpath((R),(N),MAXPATHLEN) #define ftruncate(fildes,length) open(fildes, O_TRUNC|O_WRONLY) @@ -31,13 +31,19 @@ #define getuid(x) 0 #define geteuid() 0 #define chown(outfname,st_uid,st_gid) 0 + +#ifndef S_ISREG #define S_ISREG(mode) (((mode) & S_IFMT) == S_IFREG) +#endif + +#ifndef S_ISDIR #define S_ISDIR(mode) (((mode) & S_IFMT) == S_IFDIR) +#endif #ifndef HOST_TYPE #if _WIN64 #define HOST_TYPE "Win64" -#else if WIN32 +#elif WIN32 #define HOST_TYPE "Win32" #endif #endif
