From 3e18fc97743579cf59f2770074b2948e9d309983 Mon Sep 17 00:00:00 2001 From: maxice8 Date: Tue, 2 Oct 2018 16:53:23 -0300 Subject: [PATCH] jasper: fix CVE-2018-9055 --- srcpkgs/jasper/patches/CVE-2018-9055.patch | 61 ++++++++++++++++++++++ srcpkgs/jasper/template | 5 +- 2 files changed, 64 insertions(+), 2 deletions(-) create mode 100644 srcpkgs/jasper/patches/CVE-2018-9055.patch diff --git a/srcpkgs/jasper/patches/CVE-2018-9055.patch b/srcpkgs/jasper/patches/CVE-2018-9055.patch new file mode 100644 index 0000000000..34a06d9827 --- /dev/null +++ b/srcpkgs/jasper/patches/CVE-2018-9055.patch @@ -0,0 +1,61 @@ +From a7cfb760db46d2405dd180bc7c302f6311e605a3 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Fridrich=20=C5=A0trba?= +Date: Thu, 29 Mar 2018 16:33:15 +0200 +Subject: [PATCH] CVE-2018-9055 + +--- + src/libjasper/jpc/jpc_math.c | 4 ++-- + src/libjasper/jpc/jpc_math.h | 5 +++-- + 2 files changed, 5 insertions(+), 4 deletions(-) + +diff --git a/src/libjasper/jpc/jpc_math.c b/src/libjasper/jpc/jpc_math.c +index 2b70844..1b18880 100644 +--- a/src/libjasper/jpc/jpc_math.c ++++ b/src/libjasper/jpc/jpc_math.c +@@ -86,7 +86,7 @@ + + /* Calculate the integer quantity floor(log2(x)), where x is a positive + integer. */ +-int jpc_floorlog2(int x) ++int jpc_floorlog2(int_fast32_t x) + { + int y; + +@@ -105,7 +105,7 @@ int jpc_floorlog2(int x) + integer. */ + /* This function is the basically the same as ceillog2(x), except that the + allowable range for x is slightly different. */ +-int jpc_firstone(int x) ++int jpc_firstone(int_fast32_t x) + { + int n; + +diff --git a/src/libjasper/jpc/jpc_math.h b/src/libjasper/jpc/jpc_math.h +index e8e0978..0b75f4f 100644 +--- a/src/libjasper/jpc/jpc_math.h ++++ b/src/libjasper/jpc/jpc_math.h +@@ -67,6 +67,7 @@ + \******************************************************************************/ + + #include ++#include + + /******************************************************************************\ + * Macros +@@ -90,10 +91,10 @@ + + /* Calculate the bit position of the first leading one in a nonnegative + integer. */ +-int jpc_firstone(int x); ++int jpc_firstone(int_fast32_t x); + + /* Calculate the integer quantity floor(log2(x)), where x is a positive + integer. */ +-int jpc_floorlog2(int x); ++int jpc_floorlog2(int_fast32_t x); + + #endif +-- +2.16.2 + + diff --git a/srcpkgs/jasper/template b/srcpkgs/jasper/template index c06c2a3192..c49057f6a8 100644 --- a/srcpkgs/jasper/template +++ b/srcpkgs/jasper/template @@ -1,7 +1,8 @@ -# Template build file for 'jasper'. +# Template file for 'jasper' pkgname=jasper version=2.0.14 -revision=1 +revision=2 +patch_args="-Np1" wrksrc="${pkgname}-version-${version}" build_style=cmake makedepends="libjpeg-turbo-devel"