[arch-commits] Commit in jasper/repos (3 files)

Levente Polyak anthraxx at archlinux.org
Wed Jan 13 23:53:12 UTC 2021 

    Date: Wednesday, January 13, 2021 @ 23:53:12
  Author: anthraxx
Revision: 406217

archrelease: copy trunk to testing-x86_64

Added:
  jasper/repos/testing-x86_64/
  jasper/repos/testing-x86_64/PKGBUILD
    (from rev 406216, jasper/trunk/PKGBUILD)
  jasper/repos/testing-x86_64/jasper-1.900.1-fix-filename-buffer-overflow.patch
    (from rev 406216, jasper/trunk/jasper-1.900.1-fix-filename-buffer-overflow.patch)

---------------------------------------------------+
 PKGBUILD                                          |   82 ++++++++++++++++++++
 jasper-1.900.1-fix-filename-buffer-overflow.patch |   37 +++++++++
 2 files changed, 119 insertions(+)

Copied: jasper/repos/testing-x86_64/PKGBUILD (from rev 406216, jasper/trunk/PKGBUILD)
===================================================================
--- testing-x86_64/PKGBUILD	                        (rev 0)
+++ testing-x86_64/PKGBUILD	2021-01-13 23:53:12 UTC (rev 406217)
@@ -0,0 +1,82 @@
+# Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org>
+# Maintainer: Eric Bélanger <eric at archlinux.org>
+
+pkgbase=jasper
+pkgname=('jasper' 'jasper-doc')
+pkgver=2.0.24
+pkgrel=1
+pkgdesc='Software-based implementation of the codec specified in the emerging JPEG-2000 Part-1 standard'
+url='https://www.ece.uvic.ca/~mdadams/jasper/'
+arch=('x86_64')
+license=('custom:JasPer2.0')
+makedepends=('glibc' 'libjpeg' 'freeglut' 'libxmu' 'glu' 'cmake' 'doxygen')
+options=('staticlibs')
+source=(${pkgname}-${pkgver}.tar.gz::https://github.com/mdadams/jasper/archive/version-${pkgver}.tar.gz
+        jasper-1.900.1-fix-filename-buffer-overflow.patch)
+sha512sums=('9e3c6b236844d5a25d9f75cfd55de9d1137b2c3f46d5646761fd501fefc6386ffbf935d2d806d9a28fa351569afd90d1fed494ef929615beca3a0dd0f8247e04'
+            'b8d798bf75523c5db263783e42c653dd0cb03deee90be32eddf878bb6893cca02abadd94de6a8c737a5b7fe76f7fb245979f010765e6a95fc520b215e3a2a7f0')
+b2sums=('20535ca3de34b28ef0f759411de105df56458d2b4dfecb912868fe7cd18b4879ee884f18b895d4e9f9a52520ecdd8acedb701c01e20948bac14e30779e5149ca'
+        '9b1927a437ed9b32491f07a210600b5a7d10711ec954dadc030a8238b67e9c6d1a8e67956fd7a5515e7060f0a1651fa86763e21d6d20592f8f00e9d3260722a1')
+
+prepare() {
+  cd ${pkgbase}-version-${pkgver}
+  patch -p1 < "${srcdir}/jasper-1.900.1-fix-filename-buffer-overflow.patch"
+  sed -r 's|(CMAKE_SKIP_BUILD_RPATH) FALSE|\1 TRUE|g' -i CMakeLists.txt
+}
+
+build() {
+  cd ${pkgbase}-version-${pkgver}
+
+  local options=(
+    -DCMAKE_INSTALL_PREFIX=/usr
+    -DCMAKE_INSTALL_LIBDIR=lib
+    -DCMAKE_BUILD_TYPE=Release
+    -DJAS_ENABLE_OPENGL=ON
+    -DJAS_ENABLE_LIBJPEG=ON
+    -DJAS_ENABLE_AUTOMATIC_DEPENDENCIES=OFF
+    -DCMAKE_SKIP_RPATH=ON
+  )
+
+  echo "Building static lib..."
+  cmake \
+    -B build-static \
+    "${options[@]}" \
+    -DJAS_ENABLE_SHARED=OFF
+  make -C build-static
+
+  echo "Building shared lib..."
+  cmake \
+    -B build-shared \
+    "${options[@]}" \
+    -DJAS_ENABLE_SHARED=ON
+  make -C build-shared
+}
+
+check() {
+  cd ${pkgbase}-version-${pkgver}/build-static
+  make -j1 test
+}
+
+package_jasper() {
+  depends=('glibc' 'libjpeg' 'libjpeg.so')
+  optdepends=('jasper-doc: documentation'
+              'freeglut: jiv support'
+              'glu: jiv support')
+  provides=('libjasper.so')
+  cd ${pkgbase}-version-${pkgver}
+  make -C build-static DESTDIR="${pkgdir}" install
+  make -C build-shared DESTDIR="${pkgdir}" install
+  install -Dm 644 LICENSE -t "${pkgdir}/usr/share/licenses/${pkgname}"
+  rm -r "${pkgdir}/usr/share/doc"
+}
+
+package_jasper-doc() {
+  pkgdesc+=' (documentation)'
+  optdepends=('jasper')
+  cd ${pkgbase}-version-${pkgver}
+  make -C build-shared DESTDIR="${pkgdir}" install
+  install -Dm 644 LICENSE -t "${pkgdir}/usr/share/licenses/${pkgname}"
+  rm -rf "${pkgdir}/usr/"{bin,include,lib,share/man}
+}
+
+# vim: ts=2 sw=2 et:

Copied: jasper/repos/testing-x86_64/jasper-1.900.1-fix-filename-buffer-overflow.patch (from rev 406216, jasper/trunk/jasper-1.900.1-fix-filename-buffer-overflow.patch)
===================================================================
--- testing-x86_64/jasper-1.900.1-fix-filename-buffer-overflow.patch	                        (rev 0)
+++ testing-x86_64/jasper-1.900.1-fix-filename-buffer-overflow.patch	2021-01-13 23:53:12 UTC (rev 406217)
@@ -0,0 +1,37 @@
+Description: Filename buffer overflow fix
+ This patch fixes a security hole by a bad buffer size handling.
+Author: Roland Stigge <stigge at antcom.de>
+Bug-Debian: http://bugs.debian.org/645118
+
+--- a/src/libjasper/include/jasper/jas_stream.h
++++ b/src/libjasper/include/jasper/jas_stream.h
+@@ -77,6 +77,7 @@
+ #include <jasper/jas_config.h>
+ 
+ #include <stdio.h>
++#include <limits.h>
+ #if defined(JAS_HAVE_FCNTL_H)
+ #include <fcntl.h>
+ #endif
+@@ -99,6 +100,12 @@ extern "C" {
+ #define O_BINARY	0
+ #endif
+ 
++#ifdef PATH_MAX
++#define JAS_PATH_MAX PATH_MAX
++#else
++#define JAS_PATH_MAX 4096
++#endif
++
+ /*
+  * Stream open flags.
+  */
+@@ -251,7 +258,7 @@ typedef struct {
+ typedef struct {
+ 	int fd;
+ 	int flags;
+-	char pathname[L_tmpnam + 1];
++	char pathname[JAS_PATH_MAX + 1];
+ } jas_stream_fileobj_t;
+ 
+ #define	JAS_STREAM_FILEOBJ_DELONCLOSE	0x01

More information about the arch-commits mailing list