[arch-commits] Commit in libjpeg-turbo/trunk (PKGBUILD cve-2013-6629.patch)

Wed Dec 11 04:56:05 UTC 2013

Date: Wednesday, December 11, 2013 @ 05:56:04
  Author: bisson
Revision: 201419

fix FS#38094

Added:
  libjpeg-turbo/trunk/cve-2013-6629.patch
Modified:
  libjpeg-turbo/trunk/PKGBUILD

---------------------+
 PKGBUILD            |   13 ++++++++++---
 cve-2013-6629.patch |   36 ++++++++++++++++++++++++++++++++++++
 2 files changed, 46 insertions(+), 3 deletions(-)

Modified: PKGBUILD
===================================================================

--- PKGBUILD	2013-12-10 21:39:15 UTC (rev 201418)
+++ PKGBUILD	2013-12-11 04:56:04 UTC (rev 201419)
@@ -5,19 +5,26 @@
 
 pkgname=libjpeg-turbo
 pkgver=1.3.0
-pkgrel=3
+pkgrel=4
 pkgdesc='JPEG image codec with accelerated baseline compression and decompression'
 url='http://libjpeg-turbo.virtualgl.org/'
 license=('GPL' 'custom')
 arch=('i686' 'x86_64')
 makedepends=('nasm')
-source=("http://downloads.sourceforge.net/project/${pkgname}/${pkgver}/${pkgname}-${pkgver}.tar.gz")
-sha1sums=('1792c964b35604cebd3a8846f1ca6de5976e9c28')
+source=("http://downloads.sourceforge.net/project/${pkgname}/${pkgver}/${pkgname}-${pkgver}.tar.gz"
+        'cve-2013-6629.patch')
+sha1sums=('1792c964b35604cebd3a8846f1ca6de5976e9c28'
+          '10f2cf2276244d2b94d35bfca24639bc83ce1185')
 
 provides=('libjpeg=8.0.2' 'turbojpeg')
 conflicts=('libjpeg' 'turbojpeg')
 replaces=('libjpeg' 'turbojpeg')
 
+prepare() {
+	cd "${srcdir}/${pkgname}-${pkgver}"
+	patch -i ../cve-2013-6629.patch # FS#38094
+}
+
 build() {
 	cd "${srcdir}/${pkgname}-${pkgver}"
 	./configure --prefix=/usr --with-jpeg8 --mandir=/usr/share/man

Added: cve-2013-6629.patch
===================================================================
--- cve-2013-6629.patch	                        (rev 0)
+++ cve-2013-6629.patch	2013-12-11 04:56:04 UTC (rev 201419)
@@ -0,0 +1,36 @@
+Index: jdmarker.c
+===================================================================
+--- jdmarker.c	(revision 1088)
++++ jdmarker.c	(revision 1089)
+@@ -304,7 +304,7 @@
+ /* Process a SOS marker */
+ {
+   INT32 length;
+-  int i, ci, n, c, cc;
++  int i, ci, n, c, cc, pi;
+   jpeg_component_info * compptr;
+   INPUT_VARS(cinfo);
+ 
+@@ -348,6 +348,13 @@
+     
+     TRACEMS3(cinfo, 1, JTRC_SOS_COMPONENT, cc,
+ 	     compptr->dc_tbl_no, compptr->ac_tbl_no);
++
++    /* This CSi (cc) should differ from the previous CSi */
++    for (pi = 0; pi < i; pi++) {
++      if (cinfo->cur_comp_info[pi] == compptr) {
++        ERREXIT1(cinfo, JERR_BAD_COMPONENT_ID, cc);
++      }
++    }
+   }
+ 
+   /* Collect the additional scan parameters Ss, Se, Ah/Al. */
+@@ -465,6 +472,8 @@
+     for (i = 0; i < count; i++)
+       INPUT_BYTE(cinfo, huffval[i], return FALSE);
+ 
++    MEMZERO(&huffval[count], (256 - count) * SIZEOF(UINT8));
++
+     length -= count;
+ 
+     if (index & 0x10) {		/* AC table definition */


