Hello community, here is the log from the commit of package alembic for openSUSE:Factory checked in at 2020-08-29 20:35:41 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/alembic (Old) and /work/SRC/openSUSE:Factory/.alembic.new.3399 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "alembic" Sat Aug 29 20:35:41 2020 rev:4 rq:829725 version:1.7.14 Changes: -------- --- /work/SRC/openSUSE:Factory/alembic/alembic.changes 2020-08-18 12:25:47.887841274 +0200 +++ /work/SRC/openSUSE:Factory/.alembic.new.3399/alembic.changes 2020-08-29 20:35:48.229299999 +0200 @@ -1,0 +2,12 @@ +Wed Aug 26 07:23:36 UTC 2020 - Dirk Mueller <[email protected]> + +- update to 1.7.14: + * Fix another Fuzzer issue with Ogawa::IData allocating too much memory + because of a malicious file. Add tests for Fuzzer issues: + 24846, 24853, 24598, 25051, and 25081. (PR296) + * Remove Murmur3 from the LICENSE.txt since it was moved into the public domain + a while ago, and is reflected as such in the code. (Issue 292) + * Fix uninitialized member variable in OTypedGeomParam. (PR290) + * Remove some unused local functions. (Issue 293) + +------------------------------------------------------------------- Old: ---- alembic-1.7.13.tar.gz New: ---- alembic-1.7.14.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ alembic.spec ++++++ --- /var/tmp/diff_new_pack.7IHvvs/_old 2020-08-29 20:35:50.653301021 +0200 +++ /var/tmp/diff_new_pack.7IHvvs/_new 2020-08-29 20:35:50.657301022 +0200 @@ -19,7 +19,7 @@ %define libname libAlembic1_7 Name: alembic -Version: 1.7.13 +Version: 1.7.14 Release: 0 Summary: Computer graphics interchange framework License: BSD-3-Clause ++++++ alembic-1.7.13.tar.gz -> alembic-1.7.14.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.13/CMakeLists.txt new/alembic-1.7.14/CMakeLists.txt --- old/alembic-1.7.13/CMakeLists.txt 2020-07-11 21:02:41.000000000 +0200 +++ new/alembic-1.7.14/CMakeLists.txt 2020-08-22 22:39:19.000000000 +0200 @@ -51,7 +51,7 @@ # Declare the project version SET(PROJECT_VERSION_MAJOR "1") SET(PROJECT_VERSION_MINOR "7") -SET(PROJECT_VERSION_PATCH "13") +SET(PROJECT_VERSION_PATCH "14") SET(PROJECT_VERSION ${PROJECT_VERSION_MAJOR}.${PROJECT_VERSION_MINOR}.${PROJECT_VERSION_PATCH}) SET(VERSION ${PROJECT_VERSION}) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.13/LICENSE.txt new/alembic-1.7.14/LICENSE.txt --- old/alembic-1.7.13/LICENSE.txt 2020-07-11 21:02:41.000000000 +0200 +++ new/alembic-1.7.14/LICENSE.txt 2020-08-22 22:39:19.000000000 +0200 @@ -88,29 +88,3 @@ WHETHER IN CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -MurmurHash3 ------------------------------------------------------------------------- - -The MIT License (MIT) - -Copyright (c) <year> <copyright holders> - -Permission is hereby granted, free of charge, to any person obtaining a -copy of this software and associated documentation files (the -"Software"), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be included -in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS -OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, -TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE -SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.13/NEWS.txt new/alembic-1.7.14/NEWS.txt --- old/alembic-1.7.13/NEWS.txt 2020-07-11 21:02:41.000000000 +0200 +++ new/alembic-1.7.14/NEWS.txt 2020-08-22 22:39:19.000000000 +0200 @@ -1,3 +1,38 @@ +2020-07-22, Alembic 1.7.14 +Thanks to your feedback,issues, and pull requests we have several bug fixes and +a few enhancements. + +API: + +Ogawa: + +Fix another Fuzzer issue with Ogawa::IData allocating too much memory +because of a malicious file. Add tests for Fuzzer issues: +24846, 24853, 24598, 25051, and 25081. (PR296) + +Add support for the Haiku OS. (PR298) + +Murmur3: + +Add preprocessor define to support FreeBSD. (Issue 288) + +Remove Murmur3 from the LICENSE.txt since it was moved into the public domain +a while ago, and is reflected as such in the code. (Issue 292) + +AbcGeom: + +Fix uninitialized member variable in OTypedGeomParam. (PR290) + +HDF: + +Remove some unused local functions. (Issue 293) + +Python bindings: + +Add GetArchiveStartAndEndTime. (PR291) + +Add optional dccFPS to the GetArchiveInfo dict. (PR294) + 2020-07-11, Alembic 1.7.13 Thanks to your feedback and many issues submitted as well as a few pull requests we have several bug fixes. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.13/lib/Alembic/AbcCoreHDF5/StringReadUtil.cpp new/alembic-1.7.14/lib/Alembic/AbcCoreHDF5/StringReadUtil.cpp --- old/alembic-1.7.13/lib/Alembic/AbcCoreHDF5/StringReadUtil.cpp 2020-07-11 21:02:41.000000000 +0200 +++ new/alembic-1.7.14/lib/Alembic/AbcCoreHDF5/StringReadUtil.cpp 2020-08-22 22:39:19.000000000 +0200 @@ -63,19 +63,6 @@ } //-***************************************************************************** -// We always use little-endian types in the file itself. -// We also always use 32-bits for the wchars, even if on Windows wchar is -// only 16-bits. -template <class CharT> -static inline hid_t GetFileDtype(); - -template <> -inline hid_t GetFileDtype<char>() { return H5T_STD_I8LE; } - -template <> -inline hid_t GetFileDtype<wchar_t>() { return H5T_STD_I32LE; } - -//-***************************************************************************** template <class StringT, class CharT> void ReadStringT( hid_t iParent, @@ -154,7 +141,7 @@ ABCA_ASSERT( attrSpace >= 0, "Couldn't get dataspace for attribute: " << iAttrName ); DspaceCloser dspaceCloser( attrSpace ); - + H5S_class_t attrSpaceClass = H5Sget_simple_extent_type( attrSpace ); ABCA_ASSERT( attrSpaceClass == H5S_SCALAR, "Tried to read non-scalar attribute: " << iAttrName @@ -516,16 +503,16 @@ << std::endl << "Expecting rank: " << hdims.rank() << " instead was: " << rank ); - + dims = hdims; ABCA_ASSERT( dims.numPoints() > 0, "Degenerate dims in Dataset read" ); - + // Create temporary char storage buffer. size_t totalNumChars = dims.numPoints() + 1; std::vector<CharT> charStorage( totalNumChars, ( CharT )0 ); - + // Read into it. herr_t status = H5Dread( dsetId, GetNativeDtype<CharT>(), H5S_ALL, H5S_ALL, H5P_DEFAULT, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/StreamManager.cpp new/alembic-1.7.14/lib/Alembic/AbcCoreOgawa/StreamManager.cpp --- old/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/StreamManager.cpp 2020-07-11 21:02:41.000000000 +0200 +++ new/alembic-1.7.14/lib/Alembic/AbcCoreOgawa/StreamManager.cpp 2020-08-22 22:39:19.000000000 +0200 @@ -67,6 +67,14 @@ return 0; } +#elif defined( __HAIKU__ ) + +#define COMPARE_EXCHANGE( V, COMP, EXCH ) __atomic_compare_exchange_n( &V, &COMP, EXCH, false, __ATOMIC_SEQ_CST, __ATOMIC_SEQ_CST ) +#include <strings.h> +int ffsll(long long i) +{ + return (__builtin_ffsll(i)); +} // gcc 4.8 and above not using C++11 #elif defined(__GNUC__) && __GNUC__ >= 4 && __GNUC_MINOR__ >= 8 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/CMakeLists.txt new/alembic-1.7.14/lib/Alembic/AbcCoreOgawa/Tests/CMakeLists.txt --- old/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/CMakeLists.txt 2020-07-11 21:02:41.000000000 +0200 +++ new/alembic-1.7.14/lib/Alembic/AbcCoreOgawa/Tests/CMakeLists.txt 2020-08-22 22:39:19.000000000 +0200 @@ -88,3 +88,8 @@ file(COPY issue272.abc DESTINATION .) file(COPY issue282.abc DESTINATION .) file(COPY issue283.abc DESTINATION .) +file(COPY fuzzer_issue24846.abc DESTINATION .) +file(COPY fuzzer_issue24853.abc DESTINATION .) +file(COPY fuzzer_issue24598.abc DESTINATION .) +file(COPY fuzzer_issue25051.abc DESTINATION .) +file(COPY fuzzer_issue25081.abc DESTINATION .) \ No newline at end of file diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/fuzzTest.cpp new/alembic-1.7.14/lib/Alembic/AbcCoreOgawa/Tests/fuzzTest.cpp --- old/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/fuzzTest.cpp 2020-07-11 21:02:41.000000000 +0200 +++ new/alembic-1.7.14/lib/Alembic/AbcCoreOgawa/Tests/fuzzTest.cpp 2020-08-22 22:39:19.000000000 +0200 @@ -125,7 +125,7 @@ } catch(const std::exception& e) { - std::string msg = "Ogawa IStreams::read failed."; + std::string msg = "Ogawa IData illegal size."; TESTING_ASSERT(msg == e.what()); } @@ -248,6 +248,78 @@ } } +void testFuzzer24846(bool iUseMMap) +{ + Alembic::AbcCoreOgawa::ReadArchive r(1, iUseMMap); + try + { + ABCA::ArchiveReaderPtr ar = r("fuzzer_issue24846.abc"); + } + catch(const std::exception& e) + { + std::string msg = "Ogawa IData illegal size."; + TESTING_ASSERT(msg == e.what()); + } +} + +void testFuzzer24853(bool iUseMMap) +{ + Alembic::AbcCoreOgawa::ReadArchive r(1, iUseMMap); + try + { + ABCA::ArchiveReaderPtr ar = r("fuzzer_issue24853.abc"); + } + catch(const std::exception& e) + { + std::string msg = "Ogawa IData illegal size."; + TESTING_ASSERT(msg == e.what()); + } +} + + +void testFuzzer24598(bool iUseMMap) +{ + Alembic::AbcCoreOgawa::ReadArchive r(1, iUseMMap); + try + { + ABCA::ArchiveReaderPtr ar = r("fuzzer_issue24598.abc"); + } + catch(const std::exception& e) + { + std::string msg = "Ogawa IData illegal size."; + TESTING_ASSERT(msg == e.what()); + } +} + +void testFuzzer25051(bool iUseMMap) +{ + Alembic::AbcCoreOgawa::ReadArchive r(1, iUseMMap); + try + { + ABCA::ArchiveReaderPtr ar = r("fuzzer_issue25051.abc"); + } + catch(const std::exception& e) + { + std::string msg = "Ogawa IData illegal size."; + TESTING_ASSERT(msg == e.what()); + } +} + +void testFuzzer25081(bool iUseMMap) +{ + Alembic::AbcCoreOgawa::ReadArchive r(1, iUseMMap); + ABCA::ArchiveReaderPtr ar = r("fuzzer_issue25081.abc"); + try + { + walkObj(ar->getTop()); + } + catch(const std::exception& e) + { + std::string msg = "Invalid data in CprImpl(Object)"; + TESTING_ASSERT(msg == e.what()); + } +} + int main ( int argc, char *argv[] ) { testIssue254(true); @@ -283,5 +355,20 @@ testIssue283(true); testIssue283(false); + testFuzzer24846(true); + testFuzzer24846(false); + + testFuzzer24853(true); + testFuzzer24853(false); + + testFuzzer24598(true); + testFuzzer24598(false); + + testFuzzer25051(true); + testFuzzer25051(false); + + testFuzzer25081(true); + testFuzzer25081(false); + return 0; } Binary files old/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/fuzzer_issue24598.abc and new/alembic-1.7.14/lib/Alembic/AbcCoreOgawa/Tests/fuzzer_issue24598.abc differ Binary files old/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/fuzzer_issue24846.abc and new/alembic-1.7.14/lib/Alembic/AbcCoreOgawa/Tests/fuzzer_issue24846.abc differ Binary files old/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/fuzzer_issue24853.abc and new/alembic-1.7.14/lib/Alembic/AbcCoreOgawa/Tests/fuzzer_issue24853.abc differ Binary files old/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/fuzzer_issue25051.abc and new/alembic-1.7.14/lib/Alembic/AbcCoreOgawa/Tests/fuzzer_issue25051.abc differ Binary files old/alembic-1.7.13/lib/Alembic/AbcCoreOgawa/Tests/fuzzer_issue25081.abc and new/alembic-1.7.14/lib/Alembic/AbcCoreOgawa/Tests/fuzzer_issue25081.abc differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.13/lib/Alembic/AbcGeom/OGeomParam.h new/alembic-1.7.14/lib/Alembic/AbcGeom/OGeomParam.h --- old/alembic-1.7.13/lib/Alembic/AbcGeom/OGeomParam.h 2020-07-11 21:02:41.000000000 +0200 +++ new/alembic-1.7.14/lib/Alembic/AbcGeom/OGeomParam.h 2020-08-22 22:39:19.000000000 +0200 @@ -141,7 +141,12 @@ } - OTypedGeomParam() {} + OTypedGeomParam() + : m_isIndexed(false) + , m_scope(kUnknownScope) + + { + } OTypedGeomParam( OCompoundProperty iParent, const std::string &iName, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.13/lib/Alembic/Ogawa/IData.cpp new/alembic-1.7.14/lib/Alembic/Ogawa/IData.cpp --- old/alembic-1.7.13/lib/Alembic/Ogawa/IData.cpp 2020-07-11 21:02:41.000000000 +0200 +++ new/alembic-1.7.14/lib/Alembic/Ogawa/IData.cpp 2020-08-22 22:39:19.000000000 +0200 @@ -80,7 +80,14 @@ if ( mData->pos != 0 ) { mData->streams->read(iThreadId, mData->pos, 8, &size); - mData->size = size; + if (mData->streams->getSize() < size) + { + throw std::runtime_error("Ogawa IData illegal size."); + } + else + { + mData->size = size; + } } } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.13/lib/Alembic/Ogawa/IStreams.cpp new/alembic-1.7.14/lib/Alembic/Ogawa/IStreams.cpp --- old/alembic-1.7.13/lib/Alembic/Ogawa/IStreams.cpp 2020-07-11 21:02:41.000000000 +0200 +++ new/alembic-1.7.14/lib/Alembic/Ogawa/IStreams.cpp 2020-08-22 22:39:19.000000000 +0200 @@ -38,7 +38,8 @@ #include <stdexcept> -#if defined (__unix__) || (defined (__APPLE__) && defined (__MACH__)) +#if defined (__unix__) || defined (__HAIKU__) || \ + (defined (__APPLE__) && defined (__MACH__)) #include <sys/mman.h> #include <sys/stat.h> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.13/lib/Alembic/Util/Murmur3.cpp new/alembic-1.7.14/lib/Alembic/Util/Murmur3.cpp --- old/alembic-1.7.13/lib/Alembic/Util/Murmur3.cpp 2020-07-11 21:02:41.000000000 +0200 +++ new/alembic-1.7.14/lib/Alembic/Util/Murmur3.cpp 2020-08-22 22:39:19.000000000 +0200 @@ -39,7 +39,7 @@ #include <Alembic/Util/Murmur3.h> #include <Alembic/Util/PlainOldDataType.h> -#ifdef __APPLE__ +#if defined(__APPLE__) || defined(__FreeBSD__) #include <machine/endian.h> #elif !defined(_MSC_VER) #include <endian.h> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.13/python/PyAlembic/PyArchiveInfo.cpp new/alembic-1.7.14/python/PyAlembic/PyArchiveInfo.cpp --- old/alembic-1.7.13/python/PyAlembic/PyArchiveInfo.cpp 2020-07-11 21:02:41.000000000 +0200 +++ new/alembic-1.7.14/python/PyAlembic/PyArchiveInfo.cpp 2020-08-22 22:39:19.000000000 +0200 @@ -83,24 +83,40 @@ AbcU::uint32_t libraryVersion; std::string whenWritten; std::string userDescription; + double dccFPS; Abc::GetArchiveInfo( iArchive, appName, libraryVersionString, libraryVersion, whenWritten, - userDescription ); + userDescription, + dccFPS ); dict info; info["appName"] = appName; info["libraryVersionString"] = libraryVersionString; info["libraryVersion"] = libraryVersion; info["whenWritten"] = whenWritten; info["userDescription"] = userDescription; + if ( dccFPS > 0.0 ) + { + info["dccFPS"] = dccFPS; + } return info; } //-***************************************************************************** +static tuple GetArchiveStartAndEndTimeWrapper( Abc::IArchive& iArchive ) +{ + double oStart; + double oEnd; + Abc::GetArchiveStartAndEndTime( iArchive, oStart, oEnd ); + + return make_tuple( oStart, oEnd ); +} + +//-***************************************************************************** void register_archiveinfo() { def( "CreateArchiveWithInfo", @@ -113,6 +129,11 @@ GetArchiveInfoWrapper, ( arg( "IArchive" ) ), "Return a dictionary that contains info of the given IArchive" ); + def( "GetArchiveStartAndEndTime", + GetArchiveStartAndEndTimeWrapper, + ( arg( "IArchive" ) ), + "Return tuple of start and end time for the IArchive using only the " + "TimeSamplings" ); def( "GetLibraryVersionShort", AbcA::GetLibraryVersionShort, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/alembic-1.7.13/python/PyAlembic/Tests/testLayer.py new/alembic-1.7.14/python/PyAlembic/Tests/testLayer.py --- old/alembic-1.7.13/python/PyAlembic/Tests/testLayer.py 2020-07-11 21:02:41.000000000 +0200 +++ new/alembic-1.7.14/python/PyAlembic/Tests/testLayer.py 2020-08-22 22:39:19.000000000 +0200 @@ -75,7 +75,7 @@ def testObjIn(): """read the archives as layered to test layering on objects""" - arch = IArchive(['layerObjA.abc', 'layerObjB.abc']) + arch = IArchive(['layerObjB.abc', 'layerObjA.abc']) obj = arch.getTop() assert obj.getNumChildren() == 2 @@ -129,7 +129,7 @@ def testPropIn(): """read the archives as layered to test property layering""" - arch = IArchive(['layerPropA.abc', 'layerPropB.abc']) + arch = IArchive(['layerPropB.abc', 'layerPropA.abc']) prop = arch.getTop().getProperties() assert prop.getNumProperties() == 2 @@ -170,4 +170,4 @@ test[1]() print "passed" -print "" \ No newline at end of file +print ""
