Hello community, here is the log from the commit of package alembic for openSUSE:Factory checked in at 2020-08-18 12:25:37 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/alembic (Old) and /work/SRC/openSUSE:Factory/.alembic.new.3399 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "alembic" Tue Aug 18 12:25:37 2020 rev:3 rq:827519 version:1.7.13 Changes: -------- --- /work/SRC/openSUSE:Factory/alembic/alembic.changes 2019-12-04 14:19:26.538390703 +0100 +++ /work/SRC/openSUSE:Factory/.alembic.new.3399/alembic.changes 2020-08-18 12:25:47.887841274 +0200 @@ -1,0 +2,13 @@ +Tue Aug 18 07:14:36 UTC 2020 - Dirk Mueller <[email protected]> + +- update to 1.7.13: + * Ogawa: Google generously setup AutoFuzz and it found several issues when + reading maliciously created files. These issues reported issues are fixed: + 253-258, 269-272, 282, 283 (PR266) + * AbcImport: Add support for connecting MFnData::kFloatArray. + * Fix issue where WFObjConvert headers were being put in the wrong place when + installed. (Issue 264) + * Partly address Issue 265 by making some adjustments to the Doxyfile and remove + a very old reference to MD5Hash in the very old Houdini SOP. + +------------------------------------------------------------------- Old: ---- alembic-1.7.12.tar.gz New: ---- alembic-1.7.13.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ alembic.spec ++++++ --- /var/tmp/diff_new_pack.nAuRjv/_old 2020-08-18 12:25:49.659842013 +0200 +++ /var/tmp/diff_new_pack.nAuRjv/_new 2020-08-18 12:25:49.663842015 +0200 @@ -1,7 +1,7 @@ # # spec file for package alembic # -# Copyright (c) 2019 SUSE LLC +# Copyright (c) 2020 SUSE LLC # Copyright (c) 2019 LISA GmbH, Bingen, Germany. # # All modifications and additions to the file contributed by third parties @@ -18,9 +18,8 @@ %define libname libAlembic1_7 - Name: alembic -Version: 1.7.12 +Version: 1.7.13 Release: 0 Summary: Computer graphics interchange framework License: BSD-3-Clause @@ -69,11 +68,11 @@ -DUSE_BINARIES=OFF \ -DUSE_TESTS=OFF -make %{?_smp_mflags} +%make_build %install %cmake_install -rm -r %{buildroot}/usr/lib/cmake +rm -r %{buildroot}%{_prefix}/lib/cmake %post -n %{libname} -p /sbin/ldconfig %postun -n %{libname} -p /sbin/ldconfig ++++++ alembic-1.7.12.tar.gz -> alembic-1.7.13.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.12/CMakeLists.txt new/alembic-1.7.13/CMakeLists.txt --- old/alembic-1.7.12/CMakeLists.txt 2019-10-26 06:47:57.000000000 +0200 +++ new/alembic-1.7.13/CMakeLists.txt 2020-07-11 21:02:41.000000000 +0200 @@ -51,7 +51,7 @@ # Declare the project version SET(PROJECT_VERSION_MAJOR "1") SET(PROJECT_VERSION_MINOR "7") -SET(PROJECT_VERSION_PATCH "12") +SET(PROJECT_VERSION_PATCH "13") SET(PROJECT_VERSION ${PROJECT_VERSION_MAJOR}.${PROJECT_VERSION_MINOR}.${PROJECT_VERSION_PATCH}) SET(VERSION ${PROJECT_VERSION}) @@ -134,17 +134,13 @@ ENDIF() # Set some debug vs opt flags -IF ("${CMAKE_BUILD_TYPE}" MATCHES "Debug") - ADD_DEFINITIONS(-DDEBUG=1 -UNDEBUG) - IF (NOT WINDOWS) - ADD_DEFINITIONS(-Wall -Werror -Wextra -Wno-unused-parameter) - ENDIF() -ELSEIF ("${CMAKE_BUILD_TYPE}" MATCHES "Release") - ADD_DEFINITIONS(-DNDEBUG=1 -UDEBUG) - IF (NOT WINDOWS) - ADD_DEFINITIONS(-O3) - ENDIF() -ENDIF() +if ("${CMAKE_BUILD_TYPE}" MATCHES "Debug" AND NOT MSVC) + add_definitions(-Wall -Werror -Wextra -Wno-unused-parameter -Wno-deprecated) + if((CMAKE_CXX_COMPILER_ID MATCHES "GNU" AND CMAKE_CXX_COMPILER_VERSION VERSION_GREATER_EQUAL 7.0) OR + CMAKE_CXX_COMPILER_ID MATCHES "CLANG") + add_definitions( -Wno-error=implicit-fallthrough) + endif() +endif() IF (NOT ${WINDOWS}) SET(EXTERNAL_MATH_LIBS "-lm") @@ -152,14 +148,12 @@ SET(EXTERNAL_MATH_LIBS "") ENDIF() -IF (${WINDOWS}) +IF (MSVC) SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} /EHsc") - IF (MSVC) - IF ((CMAKE_CXX_COMPILER_VERSION VERSION_LESS 16) AND - (CMAKE_CXX_COMPILER_VERSION VERSION_GREATER_EQUAL 15)) - # MSVC15/MSVS2009 fix - SET (CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} /bigobj" ) - ENDIF () + IF ((CMAKE_CXX_COMPILER_VERSION VERSION_LESS 16) AND + (CMAKE_CXX_COMPILER_VERSION VERSION_GREATER_EQUAL 15)) + # MSVC15/MSVS2009 fix + SET (CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} /bigobj" ) ENDIF () ADD_DEFINITIONS(-DPLATFORM_WINDOWS -DPLATFORM=WINDOWS) IF (NOT ALEMBIC_ILMBASE_LINK_STATIC) @@ -223,19 +217,16 @@ # We only need boost if including PyAlembic, or using it in the lib IF (ALEMBIC_LIB_USES_BOOST OR USE_PYALEMBIC) INCLUDE("./cmake/AlembicBoost.cmake") - INCLUDE_DIRECTORIES(${Boost_INCLUDE_DIRS}) ENDIF() # IlmBase INCLUDE("./cmake/AlembicIlmBase.cmake") -INCLUDE_DIRECTORIES(${ALEMBIC_ILMBASE_INCLUDE_DIRECTORY}) # HDF5 IF (USE_HDF5) FIND_PACKAGE(ZLIB REQUIRED) SET(ALEMBIC_WITH_HDF5 "1") INCLUDE("./cmake/AlembicHDF5.cmake") - INCLUDE_DIRECTORIES(${HDF5_INCLUDE_DIRS}) SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DH5_USE_18_API") ENDIF() diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.12/Doxyfile new/alembic-1.7.13/Doxyfile --- old/alembic-1.7.12/Doxyfile 2019-10-26 06:47:57.000000000 +0200 +++ new/alembic-1.7.13/Doxyfile 2020-07-11 21:02:41.000000000 +0200 @@ -38,7 +38,7 @@ # If a relative path is entered, it will be relative to the location # where doxygen was started. If left blank the current directory will be used. -OUTPUT_DIRECTORY = doc +OUTPUT_DIRECTORY = doc/Alembic # If the CREATE_SUBDIRS tag is set to YES, then doxygen will create # 4096 sub-directories (in 2 levels) under the output directory of each output @@ -574,14 +574,8 @@ # directories like "/usr/src/myproject". Separate the files or directories # with spaces. -INPUT = lib/Alembic/AbcCoreAbstract \ - lib/Alembic/AbcCoreHDF5 \ - lib/Alembic/Abc \ - lib/Alembic/AbcCollection \ - lib/Alembic/AbcGeom \ - lib/Alembic/AbcMaterial \ - lib/Alembic/Util \ - lib/Alembic/MD5Hash +INPUT = include/Alembic + # This tag can be used to specify the character encoding of the source files # that doxygen parses. Internally doxygen uses the UTF-8 encoding, which is @@ -604,7 +598,7 @@ # should be searched for input files as well. Possible values are YES and NO. # If left blank NO is used. -RECURSIVE = NO +RECURSIVE = YES # The EXCLUDE tag can be used to specify files and/or directories that should # excluded from the INPUT source files. This way you can easily exclude a diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.12/NEWS.txt new/alembic-1.7.13/NEWS.txt --- old/alembic-1.7.12/NEWS.txt 2019-10-26 06:47:57.000000000 +0200 +++ new/alembic-1.7.13/NEWS.txt 2020-07-11 21:02:41.000000000 +0200 @@ -1,3 +1,30 @@ +2020-07-11, Alembic 1.7.13 +Thanks to your feedback and many issues submitted as well as a few pull requests +we have several bug fixes. + +API: + +Ogawa: Google generously setup AutoFuzz and it found several issues when +reading maliciously created files. These issues reported issues are fixed: +253-258, 269-272, 282, 283 (PR266) + +Maya: + +AbcImport: Add support for connecting MFnData::kFloatArray. + +Build: + +Fix issue where WFObjConvert headers were being put in the wrong place when +installed. (Issue 264) + +Partly address Issue 265 by making some adjustments to the Doxyfile and remove +a very old reference to MD5Hash in the very old Houdini SOP. + +Partly address issues outline in PR268, use MSVC instead of Windows variable +as they are Visual Studio specific flags and define +-Wno-error=implicit-fallthrough for CLANG and GCC 7 and up. + + 2019-10-25, Alembic 1.7.12 Thanks to your feedback and numerous pull requests we have several enhancements and bug fixes. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.12/examples/AbcClients/WFObjConvert/CMakeLists.txt new/alembic-1.7.13/examples/AbcClients/WFObjConvert/CMakeLists.txt --- old/alembic-1.7.12/examples/AbcClients/WFObjConvert/CMakeLists.txt 2019-10-26 06:47:57.000000000 +0200 +++ new/alembic-1.7.13/examples/AbcClients/WFObjConvert/CMakeLists.txt 2020-07-11 21:02:41.000000000 +0200 @@ -70,7 +70,7 @@ ARCHIVE DESTINATION ${ARCHIVE_INSTALL_DIR}) INSTALL(FILES ${PUBLIC_H_FILES} - DESTINATION include/AbcClients/WFObjConvert + DESTINATION include/Alembic/AbcClients/WFObjConvert PERMISSIONS OWNER_READ GROUP_READ WORLD_READ) IF (USE_TESTS AND USE_HDF5) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.12/houdini/SOP_AlembicIn/Makefile.hcustom new/alembic-1.7.13/houdini/SOP_AlembicIn/Makefile.hcustom --- old/alembic-1.7.12/houdini/SOP_AlembicIn/Makefile.hcustom 2019-10-26 06:47:57.000000000 +0200 +++ new/alembic-1.7.13/houdini/SOP_AlembicIn/Makefile.hcustom 2020-07-11 21:02:41.000000000 +0200 @@ -5,8 +5,7 @@ INCLUDES = -I $(ABCROOT) -LINKPATHS = -L $(ABCBUILDROOT)/MD5Hash \ - -L $(ABCBUILDROOT)/Util \ +LINKPATHS = -L $(ABCBUILDROOT)/Util \ -L $(ABCBUILDROOT)/AbcCoreAbstract \ -L $(ABCBUILDROOT)/AbcCoreOgawa \ -L $(ABCBUILDROOT)/AbcCoreHDF5 \ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.12/lib/Alembic/Abc/Foundation.h new/alembic-1.7.13/lib/Alembic/Abc/Foundation.h --- old/alembic-1.7.12/lib/Alembic/Abc/Foundation.h 2019-10-26 06:47:57.000000000 +0200 +++ new/alembic-1.7.13/lib/Alembic/Abc/Foundation.h 2020-07-11 21:02:41.000000000 +0200 @@ -50,10 +50,10 @@ #include <string> #include <exception> -#include <stdlib.h> -#include <stdio.h> -#include <string.h> -#include <assert.h> +#include <cstdlib> +#include <cstdio> +#include <cstring> +#include <cassert> namespace Alembic { namespace Abc { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.12/lib/Alembic/Abc/Tests/test1.cpp new/alembic-1.7.13/lib/Alembic/Abc/Tests/test1.cpp --- old/alembic-1.7.12/lib/Alembic/Abc/Tests/test1.cpp 2019-10-26 06:47:57.000000000 +0200 +++ new/alembic-1.7.13/lib/Alembic/Abc/Tests/test1.cpp 2020-07-11 21:02:41.000000000 +0200 @@ -286,5 +286,7 @@ simpleTestOut(); simpleTestIn(); + Argument defArg; + ABCA_ASSERT(GetTimeSamplingIndex(defArg) == 0, "index should be 1"); return 0; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.12/lib/Alembic/AbcCoreOgawa/ReadUtil.cpp new/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/ReadUtil.cpp --- old/alembic-1.7.12/lib/Alembic/AbcCoreOgawa/ReadUtil.cpp 2019-10-26 06:47:57.000000000 +0200 +++ new/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/ReadUtil.cpp 2020-07-11 21:02:41.000000000 +0200 @@ -1323,6 +1323,11 @@ curPod != Alembic::Util::kWstringPOD ), "Cannot convert the data to or from a string, or wstring." ); + if ( !iData ) + { + ABCA_THROW("ReadData invalid: Null IDataPtr."); + return; + } std::size_t dataSize = iData->getSize(); if ( dataSize < 16 ) @@ -1458,8 +1463,16 @@ iData->read( iData->getSize(), &( buf.front() ), 0, 0 ); std::size_t pos = 0; - while ( pos < buf.size() ) + std::size_t bufSize = buf.size(); + while ( pos < bufSize ) { + // make sure maxSample, tpc, and numSamples + // don't go beyond our butter + if ( pos + 8 + sizeof( chrono_t ) > bufSize) + { + ABCA_THROW("Read invalid: TimeSamples info."); + } + Util::uint32_t maxSample = *( (Util::uint32_t *)( &buf[pos] ) ); pos += 4; @@ -1471,6 +1484,12 @@ Util::uint32_t numSamples = *( (Util::uint32_t *)( &buf[pos] ) ); pos += 4; + // make sure our numSamples don't go beyond the buffer + if ( pos + sizeof( chrono_t ) * numSamples > bufSize) + { + ABCA_THROW("Read invalid: TimeSamples sample times."); + } + std::vector< chrono_t > sampleTimes( numSamples ); memcpy( &( sampleTimes.front() ), &buf[pos], sizeof( chrono_t ) * numSamples ); @@ -1516,13 +1535,24 @@ return; } - data->read( buf.size(), &( buf.front() ), 0, iThreadId ); + std::size_t bufSize = buf.size(); + data->read( bufSize, &( buf.front() ), 0, iThreadId ); std::size_t pos = 0; - while ( pos < buf.size() ) + while ( pos < bufSize ) { + if (pos + 4 > bufSize) + { + ABCA_THROW("Read invalid: Object Headers name size."); + } + Util::uint32_t nameSize = *( (Util::uint32_t *)( &buf[pos] ) ); pos += 4; + if (pos + nameSize + 1 > bufSize) + { + ABCA_THROW("Read invalid: Object Headers name and MetaData index."); + } + std::string name( &buf[pos], nameSize ); pos += nameSize; @@ -1534,18 +1564,33 @@ if ( metaDataIndex == 0xff ) { + if (pos + 4 > bufSize) + { + ABCA_THROW("Read invalid: Object Headers MetaData size."); + } + Util::uint32_t metaDataSize = *( (Util::uint32_t *)( &buf[pos] ) ); pos += 4; + if (pos + metaDataSize > bufSize) + { + ABCA_THROW("Read invalid: Object Headers MetaData string."); + } + std::string metaData( &buf[pos], metaDataSize ); pos += metaDataSize; objPtr->getMetaData().deserialize( metaData ); } - else + else if ( metaDataIndex < iMetaDataVec.size() ) { objPtr->getMetaData() = iMetaDataVec[metaDataIndex]; } + else + { + ABCA_THROW("Read invalid: Object Headers MetaData index."); + } + oHeaders.push_back( objPtr ); } @@ -1553,26 +1598,32 @@ //-***************************************************************************** Util::uint32_t GetUint32WithHint(const std::vector< char > & iBuf, + std::size_t iBufSize, Util::uint32_t iSizeHint, std::size_t & ioPos) { Util::uint32_t retVal = 0; - if ( iSizeHint == 0 ) + if ( iSizeHint == 0 && ioPos + 1 <= iBufSize ) { retVal = ( Util::uint32_t ) ( ( Util::uint8_t ) iBuf[ioPos] ); ioPos ++; } - else if ( iSizeHint == 1 ) + else if ( iSizeHint == 1 && ioPos + 2 <= iBufSize ) { retVal = ( Util::uint32_t )( *( (Util::uint16_t *)( &iBuf[ioPos] ) ) ); ioPos += 2; } - else if ( iSizeHint == 2 ) + else if ( iSizeHint == 2 && ioPos + 4 <= iBufSize ) { retVal = *( ( Util::uint32_t * )( &iBuf[ioPos] ) ); ioPos += 4; } + else + { + ABCA_THROW("Read invalid: Property Header bad uint32 hint."); + } + return retVal; } @@ -1643,10 +1694,16 @@ std::vector< char > buf( data->getSize() ); data->read( data->getSize(), &( buf.front() ), 0, iThreadId ); std::size_t pos = 0; - while ( pos < buf.size() ) + std::size_t bufSize = buf.size(); + while ( pos < bufSize ) { PropertyHeaderPtr header( new PropertyHeaderAndFriends() ); + if (pos + 4 > bufSize) + { + ABCA_THROW("Read invalid: Property header start."); + } + // first 4 bytes is always info Util::uint32_t info = *( (Util::uint32_t *)( &buf[pos] ) ); pos += 4; @@ -1698,15 +1755,15 @@ header->isHomogenous = ( info & 0x400 ) != 0; - header->nextSampleIndex = GetUint32WithHint( buf, sizeHint, pos ); + header->nextSampleIndex = GetUint32WithHint( buf, bufSize, sizeHint, pos ); if ( ( info & 0x0200 ) != 0 ) { header->firstChangedIndex = - GetUint32WithHint( buf, sizeHint, pos ); + GetUint32WithHint( buf, bufSize, sizeHint, pos ); header->lastChangedIndex = - GetUint32WithHint( buf, sizeHint, pos ); + GetUint32WithHint( buf, bufSize, sizeHint, pos ); } else if ( ( info & 0x800 ) != 0 ) { @@ -1722,7 +1779,7 @@ if ( ( info & 0x0100 ) != 0 ) { header->timeSamplingIndex = - GetUint32WithHint( buf, sizeHint, pos ); + GetUint32WithHint( buf, bufSize, sizeHint, pos ); header->header.setTimeSampling( iArchive.getTimeSampling( header->timeSamplingIndex ) ); @@ -1733,7 +1790,12 @@ } } - Util::uint32_t nameSize = GetUint32WithHint( buf, sizeHint, pos ); + Util::uint32_t nameSize = GetUint32WithHint( buf, bufSize, sizeHint, pos ); + + if (pos + nameSize > bufSize) + { + ABCA_THROW("Read invalid: Property Headers name."); + } std::string name( &buf[pos], nameSize ); header->header.setName( name ); @@ -1744,7 +1806,12 @@ if ( metaDataIndex == 0xff ) { Util::uint32_t metaDataSize = - GetUint32WithHint( buf, sizeHint, pos ); + GetUint32WithHint( buf, bufSize, sizeHint, pos ); + + if (pos + metaDataSize > bufSize) + { + ABCA_THROW("Read invalid: Property Header MetaData string."); + } std::string metaData( &buf[pos], metaDataSize ); pos += metaDataSize; @@ -1780,10 +1847,22 @@ // read as part of opening the archive so threadid 0 is ok iData->read( iData->getSize(), &( buf.front() ), 0, 0 ); std::size_t pos = 0; - while ( pos < buf.size() ) + std::size_t bufSize = buf.size(); + while ( pos < bufSize ) { + if (pos + 1 > bufSize) + { + ABCA_THROW("Read invalid: Indexed MetaData string size."); + } + // these are all small (less than 256 byte) meta data strings Util::uint8_t metaDataSize = buf[pos++]; + + if (pos + metaDataSize > bufSize) + { + ABCA_THROW("Read invalid: Indexed MetaData string."); + } + std::string metaData( &buf[pos], metaDataSize ); pos += metaDataSize; AbcA::MetaData md; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.12/lib/Alembic/AbcCoreOgawa/Tests/ArchiveTests.cpp new/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/ArchiveTests.cpp --- old/alembic-1.7.12/lib/Alembic/AbcCoreOgawa/Tests/ArchiveTests.cpp 2019-10-26 06:47:57.000000000 +0200 +++ new/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/ArchiveTests.cpp 2020-07-11 21:02:41.000000000 +0200 @@ -406,6 +406,12 @@ TESTING_ASSERT_THROW(r( "garbage" ), Alembic::Util::Exception); } +void testIssue253(bool iUseMMap) +{ + Alembic::AbcCoreOgawa::ReadArchive r(1, iUseMMap); + TESTING_ASSERT_THROW(r( "issue253.abc" ), Alembic::Util::Exception); +} + void runTests(bool iUseMMap) { testReadWriteEmptyArchive(iUseMMap); @@ -414,6 +420,8 @@ testReadWriteMaxNumSamplesArchive(iUseMMap); testGarbageArchive(iUseMMap); + + testIssue253(iUseMMap); } int main ( int argc, char *argv[] ) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.12/lib/Alembic/AbcCoreOgawa/Tests/CMakeLists.txt new/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/CMakeLists.txt --- old/alembic-1.7.12/lib/Alembic/AbcCoreOgawa/Tests/CMakeLists.txt 2019-10-26 06:47:57.000000000 +0200 +++ new/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/CMakeLists.txt 2020-07-11 21:02:41.000000000 +0200 @@ -64,6 +64,9 @@ ADD_EXECUTABLE(AbcCoreOgawa_ConstantPropsTest ConstantPropsNumSampsTest.cpp) TARGET_LINK_LIBRARIES(AbcCoreOgawa_ConstantPropsTest Alembic) +ADD_EXECUTABLE(AbcCoreOgawa_FuzzTest fuzzTest.cpp) +TARGET_LINK_LIBRARIES(AbcCoreOgawa_FuzzTest Alembic) + ADD_TEST(AbcCoreOgawa_ArchiveTESTS AbcCoreOgawa_ArchiveTests) ADD_TEST(AbcCoreOgawa_ArrayPropertyTESTS AbcCoreOgawa_ArrayPropertyTests) ADD_TEST(AbcCoreOgawa_HashesTESTS AbcCoreOgawa_HashesTests) @@ -71,3 +74,17 @@ ADD_TEST(AbcCoreOgawa_TimeSamplingTESTS AbcCoreOgawa_TimeSamplingTests) ADD_TEST(AbcCoreOgawa_ObjectTESTS AbcCoreOgawa_ObjectTests) ADD_TEST(AbcCoreOgawa_ConstantPropsTest_TEST AbcCoreOgawa_ConstantPropsTest) +ADD_TEST(AbcCoreOgawa_FuzzTest_TEST AbcCoreOgawa_FuzzTest) + +file(COPY issue253.abc DESTINATION .) +file(COPY issue254.abc DESTINATION .) +file(COPY issue255.abc DESTINATION .) +file(COPY issue256.abc DESTINATION .) +file(COPY issue257.abc DESTINATION .) +file(COPY issue258.abc DESTINATION .) +file(COPY issue269.abc DESTINATION .) +file(COPY issue270.abc DESTINATION .) +file(COPY issue271.abc DESTINATION .) +file(COPY issue272.abc DESTINATION .) +file(COPY issue282.abc DESTINATION .) +file(COPY issue283.abc DESTINATION .) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.12/lib/Alembic/AbcCoreOgawa/Tests/fuzzTest.cpp new/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/fuzzTest.cpp --- old/alembic-1.7.12/lib/Alembic/AbcCoreOgawa/Tests/fuzzTest.cpp 1970-01-01 01:00:00.000000000 +0100 +++ new/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/fuzzTest.cpp 2020-07-11 21:02:41.000000000 +0200 @@ -0,0 +1,287 @@ +//-***************************************************************************** +// +// Copyright (c) 2020, +// Sony Pictures Imageworks Inc. and +// Industrial Light & Magic, a division of Lucasfilm Entertainment Company Ltd. +// +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Sony Pictures Imageworks, nor +// Industrial Light & Magic, nor the names of their contributors may be used +// to endorse or promote products derived from this software without specific +// prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +// +//-***************************************************************************** + +#include <Alembic/AbcCoreAbstract/All.h> +#include <Alembic/AbcCoreOgawa/All.h> +#include <Alembic/Util/All.h> + +#include <Alembic/AbcCoreAbstract/Tests/Assert.h> + +#include <fstream> +#include <sstream> +#include <vector> + +// for our scalar properties +std::vector<std::string> sampStrVec; +std::vector<std::wstring> sampWStrVec; +char samp[4096]; + +namespace ABCA = Alembic::AbcCoreAbstract; + +void walkProps(ABCA::CompoundPropertyReaderPtr parent) +{ + for (std::size_t i = 0; i < parent->getNumProperties(); ++i) + { + ABCA::CompoundPropertyReaderPtr childCompound = parent->getCompoundProperty(i); + if (childCompound) + { + walkProps(childCompound); + } + + ABCA::ScalarPropertyReaderPtr childScalar = parent->getScalarProperty(i); + if (childScalar) + { + if (childScalar->getDataType().getPod() == + Alembic::AbcCoreAbstract::kStringPOD) + { + sampStrVec.resize(childScalar->getDataType().getExtent()); + } + else if (childScalar->getDataType().getPod() == + Alembic::AbcCoreAbstract::kWstringPOD) + { + sampWStrVec.resize(childScalar->getDataType().getExtent()); + } + + for (std::size_t i = 0; i < childScalar->getNumSamples(); ++i) + { + if (childScalar->getDataType().getPod() == + Alembic::AbcCoreAbstract::kStringPOD) + { + childScalar->getSample(i, &sampStrVec.front()); + } + else if (childScalar->getDataType().getPod() == + Alembic::AbcCoreAbstract::kWstringPOD) + { + childScalar->getSample(i, &sampWStrVec.front()); + } + else + { + childScalar->getSample(i, samp); + } + } + } + + ABCA::ArrayPropertyReaderPtr childArray = parent->getArrayProperty(i); + if (childArray) + { + ABCA::ArraySamplePtr samp; + for (std::size_t i = 0; i < childArray->getNumSamples(); ++i) + { + childArray->getSample(i, samp); + } + } + } +} + +void walkObj(ABCA::ObjectReaderPtr parent) +{ + walkProps(parent->getProperties()); + for(std::size_t i = 0; i < parent->getNumChildren(); ++i) + { + ABCA::ObjectReaderPtr child = parent->getChild(i); + } +} + +void testIssue254(bool iUseMMap) +{ + Alembic::AbcCoreOgawa::ReadArchive r(1, iUseMMap); + ABCA::ArchiveReaderPtr ar = r("issue254.abc"); + try + { + walkObj(ar->getTop()); + } + catch(const std::exception& e) + { + std::string msg = "Ogawa IStreams::read failed."; + TESTING_ASSERT(msg == e.what()); + } + +} + +void testIssue255(bool iUseMMap) +{ + Alembic::AbcCoreOgawa::ReadArchive r(1, iUseMMap); + ABCA::ArchiveReaderPtr ar = r("issue255.abc"); + walkObj(ar->getTop()); + +} + +void testIssue256(bool iUseMMap) +{ + Alembic::AbcCoreOgawa::ReadArchive r(1, iUseMMap); + try + { + r("issue256.abc"); + } + catch(const std::exception& e) + { + std::string msg = "Read invalid: TimeSamples sample times."; + TESTING_ASSERT(msg == e.what()); + } + +} + +void testIssue257(bool iUseMMap) +{ + Alembic::AbcCoreOgawa::ReadArchive r(1, iUseMMap); + ABCA::ArchiveReaderPtr ar = r("issue257.abc"); + try + { + walkObj(ar->getTop()); + } + catch(const std::exception& e) + { + std::string msg = "Read invalid: Object Headers name and MetaData index."; + TESTING_ASSERT(msg == e.what()); + } +} + +void testIssue258(bool iUseMMap) +{ + Alembic::AbcCoreOgawa::ReadArchive r(1, iUseMMap); + try + { + r("issue258.abc"); + } + catch(const std::exception& e) + { + std::string msg = "Read invalid: Indexed MetaData string."; + TESTING_ASSERT(msg == e.what()); + } +} + +void testIssue269(bool iUseMMap) +{ + Alembic::AbcCoreOgawa::ReadArchive r(1, iUseMMap); + ABCA::ArchiveReaderPtr ar = r("issue269.abc"); + try + { + walkObj(ar->getTop()); + } + catch(const std::exception& e) + { + std::string msg = "ReadData invalid: Null IDataPtr."; + TESTING_ASSERT(msg == e.what()); + } +} + +void testIssue270(bool iUseMMap) +{ + Alembic::AbcCoreOgawa::ReadArchive r(1, iUseMMap); + ABCA::ArchiveReaderPtr ar = r("issue270.abc"); + walkObj(ar->getTop()); +} + +void testIssue271(bool iUseMMap) +{ + Alembic::AbcCoreOgawa::ReadArchive r(1, iUseMMap); + ABCA::ArchiveReaderPtr ar = r("issue271.abc"); + walkObj(ar->getTop()); +} + +void testIssue272(bool iUseMMap) +{ + Alembic::AbcCoreOgawa::ReadArchive r(1, iUseMMap); + ABCA::ArchiveReaderPtr ar = r("issue272.abc"); + try + { + walkObj(ar->getTop()); + } + catch(const std::exception& e) + { + std::string msg = "Read invalid: Object Headers MetaData index."; + TESTING_ASSERT(msg == e.what()); + } +} + +void testIssue282(bool iUseMMap) +{ + Alembic::AbcCoreOgawa::ReadArchive r(1, iUseMMap); + ABCA::ArchiveReaderPtr ar = r("issue282.abc"); + walkObj(ar->getTop()); +} + +void testIssue283(bool iUseMMap) +{ + Alembic::AbcCoreOgawa::ReadArchive r(1, iUseMMap); + try + { + ABCA::ArchiveReaderPtr ar = r("issue283.abc"); + } + catch(const std::exception& e) + { + std::string msg = "Invalid Alembic file."; + TESTING_ASSERT(msg == e.what()); + } +} + +int main ( int argc, char *argv[] ) +{ + testIssue254(true); + testIssue254(false); + + testIssue255(true); + testIssue255(false); + + testIssue256(true); + testIssue256(false); + + testIssue257(true); + testIssue257(false); + + testIssue258(true); + testIssue258(false); + + testIssue269(true); + testIssue269(false); + + testIssue270(true); + testIssue270(false); + + testIssue271(true); + testIssue271(false); + + testIssue272(true); + testIssue272(false); + + testIssue282(true); + testIssue282(false); + + testIssue283(true); + testIssue283(false); + + return 0; +} Binary files old/alembic-1.7.12/lib/Alembic/AbcCoreOgawa/Tests/issue253.abc and new/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/issue253.abc differ Binary files old/alembic-1.7.12/lib/Alembic/AbcCoreOgawa/Tests/issue254.abc and new/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/issue254.abc differ Binary files old/alembic-1.7.12/lib/Alembic/AbcCoreOgawa/Tests/issue255.abc and new/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/issue255.abc differ Binary files old/alembic-1.7.12/lib/Alembic/AbcCoreOgawa/Tests/issue256.abc and new/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/issue256.abc differ Binary files old/alembic-1.7.12/lib/Alembic/AbcCoreOgawa/Tests/issue257.abc and new/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/issue257.abc differ Binary files old/alembic-1.7.12/lib/Alembic/AbcCoreOgawa/Tests/issue258.abc and new/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/issue258.abc differ Binary files old/alembic-1.7.12/lib/Alembic/AbcCoreOgawa/Tests/issue269.abc and new/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/issue269.abc differ Binary files old/alembic-1.7.12/lib/Alembic/AbcCoreOgawa/Tests/issue270.abc and new/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/issue270.abc differ Binary files old/alembic-1.7.12/lib/Alembic/AbcCoreOgawa/Tests/issue271.abc and new/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/issue271.abc differ Binary files old/alembic-1.7.12/lib/Alembic/AbcCoreOgawa/Tests/issue272.abc and new/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/issue272.abc differ Binary files old/alembic-1.7.12/lib/Alembic/AbcCoreOgawa/Tests/issue282.abc and new/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/issue282.abc differ Binary files old/alembic-1.7.12/lib/Alembic/AbcCoreOgawa/Tests/issue283.abc and new/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/issue283.abc differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.12/lib/Alembic/Ogawa/IGroup.cpp new/alembic-1.7.13/lib/Alembic/Ogawa/IGroup.cpp --- old/alembic-1.7.12/lib/Alembic/Ogawa/IGroup.cpp 2019-10-26 06:47:57.000000000 +0200 +++ new/alembic-1.7.13/lib/Alembic/Ogawa/IGroup.cpp 2020-07-11 21:02:41.000000000 +0200 @@ -76,6 +76,14 @@ mData->pos = iPos; mData->streams->read(iThreadIndex, iPos, 8, &mData->numChildren); + // make sure we don't have a maliciously bad number of children + if ( mData->numChildren > (mData->streams->getSize() / 8) || + mData->numChildren == 0 ) + { + mData->numChildren = 0; + return; + } + // 0 should NOT have been written, this groups should have been the // special EMPTY_GROUP instead diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.12/lib/Alembic/Ogawa/IStreams.cpp new/alembic-1.7.13/lib/Alembic/Ogawa/IStreams.cpp --- old/alembic-1.7.12/lib/Alembic/Ogawa/IStreams.cpp 2019-10-26 06:47:57.000000000 +0200 +++ new/alembic-1.7.13/lib/Alembic/Ogawa/IStreams.cpp 2020-07-11 21:02:41.000000000 +0200 @@ -80,6 +80,9 @@ virtual bool read(std::size_t iThreadId, Alembic::Util::uint64_t iPos, Alembic::Util::uint64_t iSize, void* oBuf) = 0; + + // not all streams have a size + virtual Alembic::Util::uint64_t size() {return 0xffffffffffffffff;}; }; typedef Alembic::Util::shared_ptr<IStreamReader> IStreamReaderPtr; @@ -172,6 +175,18 @@ } } + static int getFileLength(FileDescriptor iFile, Alembic::Util::uint64_t & oLength) + { + struct __stat64 buf; + + int err = _fstat64(iFile, &buf); + if (err < 0) return -1; + if (buf.st_size < 0) return -1; + + oLength = static_cast<Alembic::Util::uint64_t>(buf.st_size); + return 0; + } + static bool readFile(FileDescriptor iFid, void * oBuf, Alembic::Util::uint64_t iOffset, @@ -236,6 +251,18 @@ } } + static int getFileLength(FileDescriptor iFile, Alembic::Util::uint64_t & oLength) + { + struct stat buf; + + int err = fstat(iFile, &buf); + if (err < 0) return -1; + if (buf.st_size < 0) return -1; + + oLength = static_cast<size_t>(buf.st_size); + return 0; + } + static bool readFile(FileDescriptor iFid, void* oBuf, Alembic::Util::uint64_t iOffset, Alembic::Util::uint64_t iSize) @@ -283,7 +310,11 @@ : nstreams(iNumStreams) { fid = openFile(iFileName.c_str(), O_RDONLY); - + fileLen = 0; + if (getFileLength(fid, fileLen) < 0) + { + fileLen = 0; + } // don't check the return value here // IStream::init() will check isOpen } @@ -303,18 +334,29 @@ return (fid > -1); } + Alembic::Util::uint64_t size() + { + return fileLen; + } + bool read(std::size_t /*iTheadId*/, Alembic::Util::uint64_t iPos, Alembic::Util::uint64_t iSize, void* oBuf) { // Ignore the iThread. There's no need to lock. if (!isOpen()) return false; + if (fileLen < iSize && fileLen < iSize + iPos) + { + return false; + } + return readFile(fid, oBuf, iPos, iSize); } private: FileDescriptor fid; size_t nstreams; + Alembic::Util::uint64_t fileLen; }; @@ -514,10 +556,15 @@ return nstreams; } + Alembic::Util::uint64_t size() + { + return static_cast<Alembic::Util::uint64_t>(mappedRegion.len); + } + bool read(std::size_t iStream, Alembic::Util::uint64_t iPos, Alembic::Util::uint64_t iSize, void* oBuf) { - if (iPos + iSize > mappedRegion.len) return false; + if (iSize > mappedRegion.len || iPos > mappedRegion.len || iPos + iSize > mappedRegion.len) return false; const char* p = static_cast<const char*>(mappedRegion.p) + iPos; std::memcpy(oBuf, p, iSize); @@ -569,6 +616,7 @@ valid = false; frozen = false; version = 0; + size = 0; } void init(IStreamReaderPtr iReader, size_t iNumStreams) @@ -608,16 +656,18 @@ bool filefrozen = (header[5] == char(0xff)); Alembic::Util::uint16_t fileversion = (header[6] << 8) | header[7]; Alembic::Util::uint64_t groupPos = *((Alembic::Util::uint64_t*) (&(header[8]))); + Alembic::Util::uint64_t filesize = iReader->size(); if (i == 0) { firstGroupPos = groupPos; frozen = filefrozen; version = fileversion; + size = filesize; } // all the streams have to agree, or we are invalid else if (firstGroupPos != groupPos || frozen != filefrozen || - version != fileversion) + version != fileversion || size != filesize) { frozen = false; valid = false; @@ -638,18 +688,11 @@ bool valid; bool frozen; Alembic::Util::uint16_t version; + Alembic::Util::uint64_t size; IStreamReaderPtr reader; }; - -namespace -{ -} // anonymous namespace - - - - IStreams::IStreams(const std::string & iFileName, std::size_t iNumStreams, bool iUseMMap) : mData(new IStreams::PrivateData()) @@ -685,6 +728,11 @@ return mData->version; } +Alembic::Util::uint64_t IStreams::getSize() +{ + return mData->size; +} + void IStreams::read(std::size_t iThreadId, Alembic::Util::uint64_t iPos, Alembic::Util::uint64_t iSize, void * oBuf) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.12/lib/Alembic/Ogawa/IStreams.h new/alembic-1.7.13/lib/Alembic/Ogawa/IStreams.h --- old/alembic-1.7.12/lib/Alembic/Ogawa/IStreams.h 2019-10-26 06:47:57.000000000 +0200 +++ new/alembic-1.7.13/lib/Alembic/Ogawa/IStreams.h 2020-07-11 21:02:41.000000000 +0200 @@ -58,6 +58,8 @@ bool isFrozen(); Alembic::Util::uint16_t getVersion(); + Alembic::Util::uint64_t getSize(); + // locks on the threadId, seeks to iPos, and reads iSize bytes into oBuf void read(std::size_t iThreadId, Alembic::Util::uint64_t iPos, Alembic::Util::uint64_t iSize, void * oBuf); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.12/lib/Alembic/Util/Foundation.h new/alembic-1.7.13/lib/Alembic/Util/Foundation.h --- old/alembic-1.7.12/lib/Alembic/Util/Foundation.h 2019-10-26 06:47:57.000000000 +0200 +++ new/alembic-1.7.13/lib/Alembic/Util/Foundation.h 2020-07-11 21:02:41.000000000 +0200 @@ -76,10 +76,10 @@ #include <string> #include <vector> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <assert.h> +#include <cstdio> +#include <cstdlib> +#include <cstring> +#include <cassert> #include <Alembic/Util/Export.h> @@ -101,6 +101,10 @@ // needed for std min/max #include <algorithm> +// When we change this version (because of an ABI change) Make sure to at +// LEAST bump the minor version in CMakeLists.txt i.e. PROJECT_VERSION_MINOR +// This way we will hopefully not break any distros that kindly include us. +// See Issue243 #ifndef ALEMBIC_VERSION_NS #define ALEMBIC_VERSION_NS v12 #endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.12/maya/AbcImport/AlembicNode.cpp new/alembic-1.7.13/maya/AbcImport/AlembicNode.cpp --- old/alembic-1.7.12/maya/AbcImport/AlembicNode.cpp 2019-10-26 06:47:57.000000000 +0200 +++ new/alembic-1.7.13/maya/AbcImport/AlembicNode.cpp 2020-07-11 21:02:41.000000000 +0200 @@ -73,8 +73,6 @@ #endif #include <Alembic/AbcCoreFactory/IFactory.h> -#include <Alembic/AbcCoreHDF5/ReadWrite.h> -#include <Alembic/AbcCoreOgawa/ReadWrite.h> #include <Alembic/AbcGeom/Visibility.h> MObject AlembicNode::mTimeAttr; @@ -325,6 +323,7 @@ status = gAttr.addDataAccept(MFnData::kString); status = gAttr.addDataAccept(MFnData::kIntArray); status = gAttr.addDataAccept(MFnData::kDoubleArray); + status = gAttr.addDataAccept(MFnData::kFloatArray); status = gAttr.addDataAccept(MFnData::kVectorArray); status = gAttr.addDataAccept(MFnData::kPointArray);
