Hello community,

here is the log from the commit of package openexr.13330 for 
openSUSE:Leap:15.1:Update checked in at 2020-07-16 12:49:49
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Leap:15.1:Update/openexr.13330 (Old)
 and      /work/SRC/openSUSE:Leap:15.1:Update/.openexr.13330.new.3592 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "openexr.13330"

Thu Jul 16 12:49:49 2020 rev:1 rq:821127 version:2.2.1

Changes:
--------
New Changes file:

--- /dev/null   2020-07-16 02:54:20.700682797 +0200
+++ /work/SRC/openSUSE:Leap:15.1:Update/.openexr.13330.new.3592/openexr.changes 
2020-07-16 12:49:56.748952902 +0200
@@ -0,0 +1,330 @@
+-------------------------------------------------------------------
+Wed Jul  1 12:13:59 UTC 2020 - pgaj...@suse.com
+
+- security update
+- added patches
+  fix CVE-2020-15304 [bsc#1173466], NULL pointer dereference in 
TiledInputFile:TiledInputFile()
+  + openexr-CVE-2020-15304.patch
+  fix CVE-2020-15305 [bsc#1173467], use-after-free in 
DeepScanLineInputFile:DeepScanLineInputFile()
+  + openexr-CVE-2020-15305.patch
+  fix CVE-2020-15306 [bsc#1173469], invalid chunkCount attributes could cause 
a heap buffer overflow in getChunkOffsetTableSize()
+  + openexr-CVE-2020-15306.patch
+
+-------------------------------------------------------------------
+Wed Apr 22 09:47:26 UTC 2020 - pgaj...@suse.com
+
+- security update
+- added patches
+  fix CVE-2020-11762 [bsc#1169549], out-of-bounds read and write in 
DwaCompressor:uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN 
compression case
+  fix CVE-2020-11758 [bsc#1169573], out-of-bounds read in 
ImfOptimizedPixelReading.h.
+  fix CVE-2020-11764 [bsc#1169574], out-of-bounds write in copyIntoFrameBuffer 
in ImfMisc.cpp
+  fix CVE-2020-11765 [bsc#1169575], off-by-one error in use of the ImfXdr.h 
read function by DwaCompressor:Classifier:Classifier
+  fix CVE-2020-11763 [bsc#1169576], out-of-bounds read and write, as 
demonstrated by ImfTileOffsets.cpp
+  fix CVE-2020-11761 [bsc#1169578], out-of-bounds read during Huffman 
uncompression, as demonstrated by FastHufDecoder:refill in ImfFastHuf.cpp
+  fix CVE-2020-11760 [bsc#1169580], out-of-bounds read during RLE 
uncompression in rleUncompress in ImfRle.cpp
+  + openexr-CVE-2020-11762,11758,11764,11765,11763,11761,11760.patch
+
+-------------------------------------------------------------------
+Fri Sep 20 12:38:43 UTC 2019 - pgaj...@suse.com
+
+- testsuite only for x86_64 [bsc#1146648]
+
+-------------------------------------------------------------------
+Fri Sep 20 11:49:43 UTC 2019 - pgaj...@suse.com
+
+- on behalf of Martin Pluskal:
+- Enable tests on architectures with enough memory - boo#1146648
+  * disable imffuzztest as it takes to much resources
+
+-------------------------------------------------------------------
+Mon Jul 15 14:06:53 UTC 2019 - pgaj...@suse.com
+
+- security update
+- added patches
+  CVE-2017-14988 [bsc#1061305]
+  + openexr-CVE-2017-14988.patch
+
+-------------------------------------------------------------------
+Fri Jun 14 19:50:35 UTC 2019 - pgaj...@suse.com
+
+- security update
+- added patches
+  CVE-2017-9111 [bsc#1040109], CVE-2017-9113 [bsc#1040113], CVE-2017-9115 
[bsc#1040115]
+  + openexr-CVE-2017-9111,9113,9115.patch
+
+-------------------------------------------------------------------
+Wed Nov  7 10:54:22 UTC 2018 - Petr Gajdos <pgaj...@suse.com>
+
+- security update
+  * CVE-2018-18444 [bsc#1113455]
+    + openexr-CVE-2018-18444.patch
+
+-------------------------------------------------------------------
+Tue Nov  6 13:35:33 UTC 2018 - Petr Gajdos <pgaj...@suse.com>
+
+- asan_build: build ASAN included
+- debug_build: build more suitable for debugging
+
+-------------------------------------------------------------------
+Mon Jan 15 05:19:19 UTC 2018 - avin...@opensuse.org
+
+- Update to 2.2.1 
+  * Fix reported OpenEXR security vulnerabilities: CVE-2017-9110,
+    CVE-2017-9111, CVE-2017-9112, CVE-2017-9113, CVE-2017-9114,
+    CVE-2017-9115 and CVE-2017-9116
+- pgaj...@suse.com: but really seem to fix only:
+  CVE-2017-9110 [bsc#1040107], CVE-2017-9114 [bsc#1040114],
+  CVE-2017-9116 [bsc#1040116], CVE-2017-12596 [bsc#1052522]; for
+  the rest of issues see [bsc#1040109], [bsc#1040112], 
+  [bsc#1040113], [bsc#1040114], [bsc#1040115], and [bsc#1061305]
+
+-------------------------------------------------------------------
+Wed Jul 12 09:22:22 UTC 2017 - tchva...@suse.com
+
+- Cleanup a bit with spec-cleaner
+
+-------------------------------------------------------------------
+Thu Jan 29 09:50:21 UTC 2015 - m...@suse.com
+
+- Update to 2.2.0
+  * DreamWorks Lossy Compression A new high quality, high performance lossy
+    compression codec contributed by DreamWorks Animation. This codec allows
+    control over variable lossiness to balance visual quality and file size.
+    This contribution also includes performance improvements that speed up
+    the PIZ codec.
+  * IlmImfUtil A new library intended to aid in development of image file
+    manipulation utilities that support the many types of OpenEXR images.
+  * This release also includes improvements to cross-platform build support
+    using CMake.
+- Bumped the soname, and now we have libIlmImf and libIlmImfUtil
+- Removed openexr-2.1.0-headers.patch
+- Updated openexr.keyring from the savannah project page.
+
+-------------------------------------------------------------------
+Tue Aug 26 11:21:47 UTC 2014 - fcro...@suse.com
+
+- Add obsoletes to baselibs.conf.
+
+-------------------------------------------------------------------
+Thu Apr 24 09:54:12 UTC 2014 - dmuel...@suse.com
+
+- remove dependency on gpg-offline (blocks rebuilds and
+  tarball integrity is checked by source-validator anyway)
+
+-------------------------------------------------------------------
+Thu Nov 28 10:22:05 UTC 2013 - tog...@opensuse.org
+
+- add openexr-2.1.0-headers.patch to install
+  ImfDeepImageStateAttribute.h header too 
+
+-------------------------------------------------------------------
+Wed Nov 27 09:17:45 UTC 2013 - mvysko...@suse.com
+
+- update to 2.1.0
+  This release includes a refactoring of the optimised read paths for RGBA
+  data, optimisations for some of the python bindings to Imath, improvements to
+  the cmake build environment as well as additional documentation describing
+  deep data in more detail.
+- make tests conditional, enable fuzz test and huge test 
+
+-------------------------------------------------------------------
+Mon Jul 15 11:00:04 UTC 2013 - mvysko...@suse.com
+
+- update to 2.0.1
+  This is a maintenance push that predominantly addresses edge case
+  failures in the optimisation code paths by temporarily disabling the
+  feature. For more details, please refer to the
+  /usr/share/doc/packages/openexr/ChangeLog
+- add gpg-offline based verification
+
+-------------------------------------------------------------------
+Sat Apr 20 20:29:35 UTC 2013 - co...@suse.com
+
+- fix library deps
+
+-------------------------------------------------------------------
+Fri Apr 12 13:43:33 UTC 2013 - mvysko...@suse.com
+
+- update to 2.0.0
+ * Deep Data support - Pixels can now store a variable-length list of samples.
+   The main rationale behind deep images is to enable the storage of multiple
+   values at different depths for each pixel. OpenEXR 2.0 supports both        
                                                                                
      
+   hard-surface and volumetric representations for Deep Compositing workflows. 
                                                                                
      
+ * Multi-part Image Files - With OpenEXR 2.0, files can now contain a number
+   of separate, but related, data parts in one file. Access to any part is
+   independent of the others, pixels from parts that are not required in the
+   current operation don't need to be accessed, resulting in quicker read
+   times when accessing only a subset of channels. The multipart interface     
            
+   also incorporates support for Stereo images where views are stored in       
                                                                                
      
+   separate parts. This makes stereo OpenEXR 2.0 files significantly faster to
+   work with than the previous multiview support in OpenEXR.
+ * Optimized pixel reading - decoding RGB(A) scanline images has been
+   accelerated on SSE processors providing a significant speedup when reading
+   both old and new format images, including multipart and multiview files.
+ * Namespacing - The library introduces versioned namespaces to avoid
+   conflicts between packages compiled with different versions of the library.
+- obsoleted 
+    openexr-suse-docdir.patch (moved in install phase)
+    openexr-disable-tests.patch
+
+-------------------------------------------------------------------
+Thu Sep 27 14:51:27 UTC 2012 - cfarr...@suse.com
+
+- license update: BSD-3-Clause
+  No GPL licensed files found in the package
+
+-------------------------------------------------------------------
+Thu Sep 27 09:20:21 UTC 2012 - idon...@suse.com
+
+- Update baselibs.conf 
+
+-------------------------------------------------------------------
+Thu Aug  2 12:46:25 UTC 2012 - mvysko...@suse.cz
+
+- Update to 1.7.1 
+  * Updated the .so verison to 7.
+  * obsoletes openexr-includes.patch
+- require new ilmbase-devel for build
+- rename libopenexr-devel to openexr devel to be compatible
+  with renamed ilmbase package
+
+-------------------------------------------------------------------
+Tue Apr 24 13:26:54 UTC 2012 - mvysko...@suse.cz
+
+- disable the test at all, as running them in OBS seems not to be
+  reliable 
+
+-------------------------------------------------------------------
++++ 133 more lines (skipped)
++++ between /dev/null
++++ and 
/work/SRC/openSUSE:Leap:15.1:Update/.openexr.13330.new.3592/openexr.changes

New:
----
  baselibs.conf
  openexr-2.2.1.tar.gz
  openexr-2.2.1.tar.gz.sig
  openexr-CVE-2017-14988.patch
  openexr-CVE-2017-9111,9113,9115.patch
  openexr-CVE-2018-18444.patch
  openexr-CVE-2020-11762,11758,11764,11765,11763,11761,11760.patch
  openexr-CVE-2020-15304.patch
  openexr-CVE-2020-15305.patch
  openexr-CVE-2020-15306.patch
  openexr.changes
  openexr.keyring
  openexr.spec

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ openexr.spec ++++++
#
# spec file for package openexr
#
# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#

# perhaps you want to build against corresponding ilmbase build
%define asan_build  0
%define debug_build 0
%define sonum 23
%global so_suffix -2_2-23
Name:           openexr
Version:        2.2.1
Release:        0
Summary:        Utilities for work with HDR images in OpenEXR format
License:        BSD-3-Clause
Group:          Productivity/Graphics/Other
Url:            http://www.openexr.com/
Source0:        
http://download.savannah.nongnu.org/releases/%{name}/%{name}-%{version}.tar.gz
Source1:        
http://download.savannah.nongnu.org/releases/%{name}/%{name}-%{version}.tar.gz.sig
Source2:        baselibs.conf
Source3:        openexr.keyring
Patch0:         openexr-CVE-2018-18444.patch
# CVE-2017-9111 [bsc#1040109], CVE-2017-9113 [bsc#1040113], CVE-2017-9115 
[bsc#1040115]
Patch1:         openexr-CVE-2017-9111,9113,9115.patch
# CVE-2017-14988 [bsc#1061305]
Patch2:         openexr-CVE-2017-14988.patch
# CVE-2020-11762 [bsc#1169549], out-of-bounds read and write in 
DwaCompressor:uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN 
compression case|CVE-2020-11758 [bsc#1169573], out-of-bounds read in 
ImfOptimizedPixelReading.h.|CVE-2020-11764 [bsc#1169574], out-of-bounds write 
in copyIntoFrameBuffer in ImfMisc.cpp|CVE-2020-11765 [bsc#1169575], off-by-one 
error in use of the ImfXdr.h read function by 
DwaCompressor:Classifier:Classifier|CVE-2020-11763 [bsc#1169576], out-of-bounds 
read and write, as demonstrated by ImfTileOffsets.cpp|CVE-2020-11761 
[bsc#1169578], out-of-bounds read during Huffman uncompression, as demonstrated 
by FastHufDecoder:refill in ImfFastHuf.cpp|CVE-2020-11760 [bsc#1169580], 
out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp
Patch3:         openexr-CVE-2020-11762,11758,11764,11765,11763,11761,11760.patch
# CVE-2020-15305 [bsc#1173467], use-after-free in 
DeepScanLineInputFile:DeepScanLineInputFile()
Patch4:         openexr-CVE-2020-15305.patch
# CVE-2020-15306 [bsc#1173469], invalid chunkCount attributes could cause a 
heap buffer overflow in getChunkOffsetTableSize()
Patch5:         openexr-CVE-2020-15306.patch
# CVE-2020-15304 [bsc#1173466], NULL pointer dereference in 
TiledInputFile:TiledInputFile()
Patch6:         openexr-CVE-2020-15304.patch
BuildRequires:  automake
BuildRequires:  fltk-devel
BuildRequires:  freeglut-devel
BuildRequires:  gcc-c++
BuildRequires:  pkgconfig
BuildRequires:  pkgconfig(IlmBase) >= 2.2.0
BuildRequires:  pkgconfig(zlib)
%if %{asan_build} || %{debug_build}
BuildRequires:  ilmbase-debugsource
BuildRequires:  libHalf%{sonum}-debuginfo
BuildRequires:  libIex%{so_suffix}-debuginfo
BuildRequires:  libIexMath%{so_suffix}-debuginfo
BuildRequires:  libIlmThread%{so_suffix}-debuginfo
BuildRequires:  libImath%{so_suffix}-debuginfo
%endif
Obsoletes:      OpenEXR <= 1.6.1
Provides:       OpenEXR = %{version}

%description
OpenEXR is a high dynamic-range (HDR) image file format developed by
Industrial Light & Magic for use in computer imaging applications. This package
contains a set of utilities to work with this format.

* exrheader, a utility for dumping header information
* exrstdattr, a utility for modifying OpenEXR standard attributes
* exrmaketiled, for generating tiled and rip/mipmapped images
* exrenvmap, for creating OpenEXR environment maps
* exrmakepreview, for creating preview images for OpenEXR files
* exr2aces, converter to ACES format
* exrmultiview, combine two or more images into one multi-view

%package -n libIlmImf%{so_suffix}
Summary:        Library to Handle EXR Pictures in 16-Bit Floating-Point Format
Group:          Development/Libraries/C and C++

%description -n libIlmImf%{so_suffix}
OpenEXR is a high dynamic-range (HDR) image file format developed by
Industrial Light & Magic for use in computer imaging applications.

This package contains shared library libIlmImf

%post -n libIlmImf%{so_suffix} -p /sbin/ldconfig
%postun -n libIlmImf%{so_suffix} -p /sbin/ldconfig

%files -n libIlmImf%{so_suffix}
%doc COPYING
%{_libdir}/libIlmImf-*.so.*

%package -n libIlmImfUtil%{so_suffix}
Summary:        Library to simplify development of OpenEXR utilities
Group:          Development/Libraries/C and C++

%description -n libIlmImfUtil%{so_suffix}
OpenEXR is a high dynamic-range (HDR) image file format developed by
Industrial Light & Magic for use in computer imaging applications.

This package contains shared library libIlmImfUtil

%post -n libIlmImfUtil%{so_suffix} -p /sbin/ldconfig
%postun -n libIlmImfUtil%{so_suffix} -p /sbin/ldconfig

%files -n libIlmImfUtil%{so_suffix}
%doc COPYING
%{_libdir}/libIlmImfUtil-*.so.*

%package devel
Summary:        Library to Handle EXR Pictures (16-bit floating-point format)
Group:          Development/Libraries/C and C++
Requires:       libIlmImf%{so_suffix} = %{version}
Requires:       libIlmImfUtil%{so_suffix} = %{version}
Requires:       libilmbase-devel
Requires:       pkgconfig
Requires:       pkgconfig(zlib)
Obsoletes:      OpenEXR-devel <= 1.6.1
Provides:       OpenEXR-devel = %{version}
Obsoletes:      libopenexr-devel <= 1.7.0
Provides:       libopenexr-devel = %{version}

%description devel
OpenEXR is a high dynamic-range (HDR) image file format developed by
Industrial Light & Magic for use in computer imaging applications.

This package contains header files.

%package doc
Summary:        Library to Handle EXR Pictures in 16-Bit Floating-Point Format
Group:          Development/Libraries/C and C++
Obsoletes:      OpenEXR-doc <= 1.6.1
Provides:       OpenEXR-doc = %{version}

%description doc
OpenEXR is a high dynamic-range (HDR) image file format developed by
Industrial Light & Magic for use in computer imaging applications.

This package contains a documentation

%prep
%setup -q
%patch0 -p1
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1

# poor man's fdupes
if cmp COPYING LICENSE; then
    rm -rf LICENSE
    ln -sf COPYING LICENSE
fi

# remove non-linux file
rm README.OSX

%build
export PTHREAD_LIBS="-lpthread"
%if %{debug_build}
export CXXFLAGS="%{optflags} -O0"
%endif
%configure \
   --disable-static \
   --with-pic \
%if %{asan_build}
   --disable-ilmbasetest \
%endif
   --enable-large-stack \
   --enable-imfexamples \
   --enable-imfhugetest
%if %{asan_build}
vmemlimit=$(ulimit -v)
if [ $vmemlimit != unlimited ]; then
  echo "ulimit -v has to be unlimited (currently $vmemlimit) to run ASAN build"
  exit 1
fi
for i in $(find -name Makefile); do
  sed -i -e 's/\(^CXXFLAGS.*\)/\1 -fsanitize=address/' \
         -e 's/\(^LIBS =.*\)/\1 -lasan/' \
         $i
done
%endif
make %{?_smp_mflags}

%install
%make_install
find %{buildroot} -type f -name "*.la" -delete -print

install -d -m 0755 %{buildroot}%{_defaultdocdir}/
mv %{buildroot}%{_datadir}/doc/OpenEXR-2* 
%{buildroot}%{_defaultdocdir}/%{name}-%{version}

%check
%ifarch x86_64
make %{?_smp_mflags} check
%endif

%files
%doc AUTHORS ChangeLog COPYING LICENSE NEWS README*
%{_bindir}/exrenvmap
%{_bindir}/exrheader
%{_bindir}/exrmakepreview
%{_bindir}/exrmaketiled
%{_bindir}/exrstdattr
%{_bindir}/exrmultiview
%{_bindir}/exrmultipart

%files devel
%{_includedir}/OpenEXR
%{_libdir}/libIlmImf.so
%{_libdir}/libIlmImfUtil.so
%{_libdir}/pkgconfig/OpenEXR.pc
%{_datadir}/aclocal/openexr.m4

%files doc
%{_docdir}/%{name}-%{version}

%changelog
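Review bot: Source0 and Source1 are fetched over plain `http://`, and although the `.tar.gz.sig` file and `openexr.keyring` are listed as Source1 and Source3, the visible `%prep` section runs no signature check of its own. The 2014 changelog entry says verification was left to source-validator, so tarball integrity depends on that service being active for this project; a comment above Source1 stating this would keep the assumption visible. Separately, `%check` is wrapped in `%ifarch x86_64`, so the seven patches applied in `%prep` are only exercised by the test suite on one architecture.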
++++++ baselibs.conf ++++++
libIlmImf-2_2-23
libIlmImfUtil-2_2-23
    obsoletes "OpenEXR-<targettype> < <version>"
++++++ openexr-CVE-2017-14988.patch ++++++
--- a/IlmImf/ImfHeader.cpp
+++ b/IlmImf/ImfHeader.cpp
@@ -1185,6 +1185,11 @@ Header::readFrom 
(OPENEXR_IMF_INTERNAL_NAMESPACE::IStream &is, int &version)
        checkIsNullTerminated (typeName, "attribute type name");
        OPENEXR_IMF_INTERNAL_NAMESPACE::Xdr::read 
<OPENEXR_IMF_INTERNAL_NAMESPACE::StreamIO> (is, size);
 
+    if( size < 0 )
+    {
+        throw IEX_NAMESPACE::InputExc("Invalid size field in header 
attribute");
+    }
+
        AttributeMap::iterator i = _map.find (name);
 
        if (i != _map.end())
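Review bot: The added guard in Header::readFrom rejects only a negative `size`, so a very large positive value read from the file still reaches whatever consumes `size` after the `_map.find (name)` lookup, which lies outside this hunk. If that code allocates or reads `size` bytes, an upper bound is needed as well; the remaining stream length or a fixed per-attribute limit would presumably serve, but neither is visible here. The new lines are indented with four spaces while the surrounding context is indented deeper, so they should be realigned with `checkIsNullTerminated (typeName, ...)`. A short comment such as `// size is read from the file and is untrusted` above the check would tell the next reader why it is there.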

++++++ openexr-CVE-2017-9111,9113,9115.patch ++++++
Index: openexr-2.3.0/exrmakepreview/makePreview.cpp
===================================================================
--- openexr-2.3.0.orig/exrmakepreview/makePreview.cpp   2018-08-10 
03:35:00.000000000 +0200
+++ openexr-2.3.0/exrmakepreview/makePreview.cpp        2019-06-14 
19:18:36.159142127 +0200
@@ -110,6 +110,9 @@ generatePreview (const char inFileName[]
     int h = dw.max.y - dw.min.y + 1;
 
     Array2D <Rgba> pixels (h, w);
+    if (INT_MAX / abs(w) < abs(dw.min.y) ||
+        INT_MAX - abs(dw.min.x) < abs(dw.min.y * w))
+      throw IEX_NAMESPACE::ArgExc ("Invalid data window in image header.");
     in.setFrameBuffer (&pixels[0][0] - dw.min.y * w - dw.min.x, 1, w);
     in.readPixels (dw.min.y, dw.max.y);
 
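Review bot: In generatePreview the overflow check sits after `Array2D <Rgba> pixels (h, w);`, so the allocation sized from the same untrusted data window has already run by the time the header is rejected; the check should move above that line. The expression `INT_MAX / abs(w)` also divides by zero when `w` is 0, `abs()` is undefined for `INT_MIN`, and the same two lines are repeated in `TypedImageChannel<T>::slice` in exrmaketiled/Image.h. Whether a zero or overflowed `w` can reach either site depends on header validation outside these hunks. Doing the offset arithmetic in a wider type, for example `long long off = (long long) dw.min.y * w + dw.min.x;` followed by a range test, would avoid both edge cases, and `INT_MAX` needs `<climits>` if the files do not already include it.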
Index: openexr-2.3.0/exrmaketiled/Image.h
===================================================================
--- openexr-2.3.0.orig/exrmaketiled/Image.h     2018-08-10 03:35:00.000000000 
+0200
+++ openexr-2.3.0/exrmaketiled/Image.h  2019-06-14 19:19:02.451287048 +0200
@@ -192,6 +192,9 @@ TypedImageChannel<T>::slice () const
     const IMATH_NAMESPACE::Box2i &dw = image().dataWindow();
     int w = dw.max.x - dw.min.x + 1;
 
+    if (INT_MAX / abs(w) < abs(dw.min.y) ||
+        INT_MAX - abs(dw.min.x) < abs(dw.min.y * w))
+      throw IEX_NAMESPACE::ArgExc ("Invalid data window in image header.");
     return OPENEXR_IMF_INTERNAL_NAMESPACE::Slice (pixelType(),
                       (char *) (&_pixels[0][0] - dw.min.y * w - dw.min.x),
                       sizeof (T),
++++++ openexr-CVE-2018-18444.patch ++++++
Index: openexr-2.3.0/exrmultiview/Image.h
===================================================================
--- openexr-2.3.0.orig/exrmultiview/Image.h     2018-08-10 03:35:00.000000000 
+0200
+++ openexr-2.3.0/exrmultiview/Image.h  2018-11-07 09:07:48.072431858 +0100
@@ -227,7 +227,7 @@ template <class T>
 void
 TypedImageChannel<T>::black ()
 {
-    
memset(&_pixels[0][0],0,image().width()/_xSampling*image().height()/_ySampling*sizeof(T));
+    
memset(&_pixels[0][0],0,image().width()/_xSampling*(image().height()/_ySampling)*sizeof(T));
 }
 
 
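Review bot: The new `memset` length in TypedImageChannel<T>::black is still formed as a product of two quotients before `sizeof(T)` widens it, so if `width()` and `height()` return `int` (their declarations are outside this hunk) a large image overflows the count in signed arithmetic. Casting the first factor, `size_t(image().width()/_xSampling) * (image().height()/_ySampling) * sizeof(T)`, keeps the whole computation unsigned. The length should also be the same expression that sized `_pixels`, which is not visible here; a one-line comment naming that invariant would make the fix self-explanatory.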
++++++ openexr-CVE-2020-11762,11758,11764,11765,11763,11761,11760.patch ++++++
++++ 1039 lines (skipped)

++++++ openexr-CVE-2020-15304.patch ++++++
Index: openexr-2.2.1/IlmImf/ImfTiledInputFile.cpp
===================================================================
--- openexr-2.2.1.orig/IlmImf/ImfTiledInputFile.cpp     2020-07-01 
13:38:45.427112748 +0200
+++ openexr-2.2.1/IlmImf/ImfTiledInputFile.cpp  2020-07-01 13:41:05.028032935 
+0200
@@ -807,7 +807,10 @@ TiledInputFile::TiledInputFile (OPENEXR_
         {
             for (size_t i = 0; i < _data->tileBuffers.size(); i++)
             {
-                delete [] _data->tileBuffers[i]->buffer;
+                if( _data->tileBuffers[i])
+                {
+                   delete [] _data->tileBuffers[i]->buffer;
+                }
             }
         }
         if (streamDataCreated) delete _data->_streamData;
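Review bot: The null guard on `_data->tileBuffers[i]` is now duplicated in the catch blocks of both TiledInputFile constructors (this hunk and the one starting at line 849), and the two copies are indented differently: the `delete []` line here has one space less than in the second hunk. With the same cleanup written twice, a later fix can easily land in only one copy; a single private helper, or letting the `Data` destructor release the buffers, would remove the duplication. A comment such as `// entries may still be null if construction failed before the buffers were allocated` would record why the check exists, assuming that is indeed the cause. Both constructor bodies begin outside the hunks, so whether `_data` itself can be null at this point cannot be confirmed from here.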
@@ -849,11 +852,14 @@ TiledInputFile::TiledInputFile (const He
         {
             for (size_t i = 0; i < _data->tileBuffers.size(); i++)
             {
-                delete [] _data->tileBuffers[i]->buffer;
+                if( _data->tileBuffers[i])
+                {
+                    delete [] _data->tileBuffers[i]->buffer;
+                }
             }
         }
         delete _data->_streamData;
-       delete _data;
+        delete _data;
         throw;
     }
 }
++++++ openexr-CVE-2020-15305.patch ++++++
diff --git a/OpenEXR/IlmImf/ImfDeepScanLineInputFile.cpp 
b/OpenEXR/IlmImf/ImfDeepScanLineInputFile.cpp
index 339d2f89..0844d234 100644
--- a/IlmImf/ImfDeepScanLineInputFile.cpp
+++ b/IlmImf/ImfDeepScanLineInputFile.cpp
@@ -1053,6 +1053,8 @@ DeepScanLineInputFile::DeepScanLineInputFile
             delete _data->_streamData;
         }
         if (_data)       delete _data;
+
+        throw;
    }
 
     readLineOffsets (*_data->_streamData->is,
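Review bot: The added `throw;` deserves a comment, because the reason it matters is visible only from the context line below it: without the rethrow, control leaves the handler and reaches `readLineOffsets (*_data->_streamData->is, ...)` after `_data` has been deleted. I would add `// _data is freed above; rethrow so the constructor never reaches readLineOffsets` directly above the `throw;`. The constructor starts and ends outside the hunk.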

++++++ openexr-CVE-2020-15306.patch ++++++
diff --git a/IlmImf/ImfDeepTiledOutputFile.cpp 
b/IlmImf/ImfDeepTiledOutputFile.cpp
index 9654e311..887c0329 100644
--- a/IlmImf/ImfDeepTiledOutputFile.cpp
+++ b/IlmImf/ImfDeepTiledOutputFile.cpp
@@ -1237,7 +1237,7 @@ DeepTiledOutputFile::initialize (const Header &header)
                                       _data->numYTiles);
                                       
     //ignore the existing value of chunkCount - correct it if it's wrong
-    _data->header.setChunkCount(getChunkOffsetTableSize(_data->header,true));  
                                 
+    _data->header.setChunkCount(getChunkOffsetTableSize(_data->header));
                                       
     _data->maxSampleCountTableSize = _data->tileDesc.ySize *
                                      _data->tileDesc.xSize *
diff --git a/IlmImf/ImfMisc.cpp b/IlmImf/ImfMisc.cpp
index d0b6fb26..7d69798e 100644
--- a/IlmImf/ImfMisc.cpp
+++ b/IlmImf/ImfMisc.cpp
@@ -1900,18 +1900,30 @@ int
 getTiledChunkOffsetTableSize(const Header& header);
 
 int
-getChunkOffsetTableSize(const Header& header,bool ignore_attribute)
+getChunkOffsetTableSize(const Header& header,bool)
 {
-    if(!ignore_attribute && header.hasChunkCount())
-    {
-        return header.chunkCount();
-    }
-    
+    //
+    // if there is a type in the header which indicates the part is not a 
currently supported type,
+    // use the chunkCount attribute
+    //
+
+
     if(header.hasType()  && !isSupportedType(header.type()))
     {
-        throw IEX_NAMESPACE::ArgExc ("unsupported header type to "
-        "get chunk offset table size");
+        if(header.hasChunkCount())
+        {
+           return header.chunkCount();
+        }
+        else
+        {
+           throw IEX_NAMESPACE::ArgExc ("unsupported header type to "
+           "get chunk offset table size");
+        }
     }
+
+    //
+    // part is a known type - ignore the header attribute and compute the 
chunk size from the header
+    //
     if (isTiled(header.type()) == false)
         return getScanlineChunkOffsetTableSize(header);
     else
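Review bot: For an unsupported part type, getChunkOffsetTableSize still returns `header.chunkCount()` straight from the file, and a caller such as MultiPartInputFile::Data::readChunkOffsetTables passes the result to `chunkOffsets.resize(...)`, so a negative or very large attribute on a part with an unrecognised type is not bounded by this change. Unless the attribute is validated elsewhere (not visible in these hunks), the branch should reject out-of-range values, for example `if (header.chunkCount() < 0) throw IEX_NAMESPACE::ArgExc ("invalid chunkCount attribute");`. The second parameter is now unnamed and ignored, so callers that passed `false` to read the attribute silently get the computed value instead; the comment in ImfMisc.h says so, but a note at the definition would help too. The function body continues past the end of this hunk.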
diff --git a/IlmImf/ImfMisc.h b/IlmImf/ImfMisc.h
index 4cb7607e..f1cf648a 100644
--- a/IlmImf/ImfMisc.h
+++ b/IlmImf/ImfMisc.h
@@ -464,13 +464,16 @@ bool usesLongNames (const Header &header);
 
 
 //
-// compute size of chunk offset table - if ignore_attribute set to true
-// will compute from the image size and layout, rather than the attribute
-// The default behaviour is to read the attribute
+// compute size of chunk offset table - for existing types, computes
+// the chunk size from the image size, compression type, and tile description
+// (for tiled types). If the type is not supported, uses the chunkCount 
attribute
+// if present, or throws an exception otherwise
+// deprecated_attribute is no longer used by this function
+//
 //
 
 IMF_EXPORT
-int getChunkOffsetTableSize(const Header& header,bool ignore_attribute=false);
+int getChunkOffsetTableSize(const Header& header,bool 
deprecated_attribute=false);
 
 OPENEXR_IMF_INTERNAL_NAMESPACE_HEADER_EXIT
 
diff --git a/IlmImf/ImfMultiPartInputFile.cpp b/IlmImf/ImfMultiPartInputFile.cpp
index 0c574fa8..42488c9d 100644
--- a/IlmImf/ImfMultiPartInputFile.cpp
+++ b/IlmImf/ImfMultiPartInputFile.cpp
@@ -738,7 +738,7 @@ MultiPartInputFile::Data::readChunkOffsetTables(bool 
reconstructChunkOffsetTable
 
     for (size_t i = 0; i < parts.size(); i++)
     {
-        int chunkOffsetTableSize = 
getChunkOffsetTableSize(parts[i]->header,false);
+        int chunkOffsetTableSize = getChunkOffsetTableSize(parts[i]->header);
         parts[i]->chunkOffsets.resize(chunkOffsetTableSize);
 
         for (int j = 0; j < chunkOffsetTableSize; j++)
diff --git a/IlmImf/ImfMultiPartOutputFile.cpp 
b/IlmImf/ImfMultiPartOutputFile.cpp
index 89501c40..082efc27 100644
--- a/IlmImf/ImfMultiPartOutputFile.cpp
+++ b/IlmImf/ImfMultiPartOutputFile.cpp
@@ -151,7 +151,7 @@ MultiPartOutputFile::Data::do_header_sanity_checks(bool 
overrideSharedAttributes
     if (isMultiPart)
     {
         // multipart files must contain a chunkCount attribute
-        _headers[0].setChunkCount(getChunkOffsetTableSize(_headers[0],true));
+        _headers[0].setChunkCount(getChunkOffsetTableSize(_headers[0]));
         
         for (size_t i = 1; i < parts; i++)
         {
@@ -159,7 +159,7 @@ MultiPartOutputFile::Data::do_header_sanity_checks(bool 
overrideSharedAttributes
                 throw IEX_NAMESPACE::ArgExc ("Every header in a multipart file 
should have a type");
             
             
-            
_headers[i].setChunkCount(getChunkOffsetTableSize(_headers[i],true));
+            _headers[i].setChunkCount(getChunkOffsetTableSize(_headers[i]));
             _headers[i].sanityCheck (_headers[i].hasTileDescription(), 
isMultiPart);
             
             
@@ -191,7 +191,7 @@ MultiPartOutputFile::Data::do_header_sanity_checks(bool 
overrideSharedAttributes
         
         if (_headers[0].hasType() && isImage(_headers[0].type()) == false)
         {
-            
_headers[0].setChunkCount(getChunkOffsetTableSize(_headers[0],true));
+            _headers[0].setChunkCount(getChunkOffsetTableSize(_headers[0]));
         }
         
     }
@@ -500,7 +500,7 @@ MultiPartOutputFile::Data::writeChunkTableOffsets 
(vector<OutputPartData*> &part
 {
     for (size_t i = 0; i < parts.size(); i++)
     {
-        int chunkTableSize = getChunkOffsetTableSize(parts[i]->header,false);
+        int chunkTableSize = getChunkOffsetTableSize(parts[i]->header);
 
         Int64 pos = os->tellp();
 

