4 files changed, 4 insertions, 153 deletions
diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg/0001-This-patch-fixed-include-dir-to-usr-include-.-Obviou.patch b/meta-oe/recipes-graphics/openjpeg/openjpeg/0001-This-patch-fixed-include-dir-to-usr-include-.-Obviou.patch
deleted file mode 100644
index 663f499df6..0000000000
--- a/meta-oe/recipes-graphics/openjpeg/openjpeg/0001-This-patch-fixed-include-dir-to-usr-include-.-Obviou.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-From 3e4fe4c42d4d63c36df966baea87da6fbc032553 Mon Sep 17 00:00:00 2001
-From: Lei Maohui <leimaohui@cn.fujitsu.com>
-Date: Thu, 7 Jan 2021 16:05:28 +0900
-Subject: [PATCH] This patch fixed include dir to /usr/include/. Obviously, it
- is not suitble for cross-compile. So, removed this patch temporarily.
-https://github.com/uclouvain/openjpeg/issues/1174
-Upsteam-Status: Pending
-https://github.com/uclouvain/openjpeg/issues/1320
-Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com>
---
- cmake/OpenJPEGConfig.cmake.in | 6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-diff --git a/cmake/OpenJPEGConfig.cmake.in b/cmake/OpenJPEGConfig.cmake.in
-index 8a726697..2925108a 100644
--- a/cmake/OpenJPEGConfig.cmake.in
-+++ b/cmake/OpenJPEGConfig.cmake.in
-@@ -27,8 +27,12 @@ if(EXISTS ${SELF_DIR}/OpenJPEGTargets.cmake)
-   # This is an install tree
-   include(${SELF_DIR}/OpenJPEGTargets.cmake)
- 
-+  # We find a relative path from the PKG directory to header files.
-+  set(PKG_DIR "@CMAKE_INSTALL_PREFIX@/@OPENJPEG_INSTALL_PACKAGE_DIR@")
-   set(INC_DIR "@CMAKE_INSTALL_PREFIX@/@OPENJPEG_INSTALL_INCLUDE_DIR@")
-  get_filename_component(OPENJPEG_INCLUDE_DIRS "${INC_DIR}" ABSOLUTE)
-+  file(RELATIVE_PATH PKG_TO_INC_RPATH "${PKG_DIR}" "${INC_DIR}")
-+
-+  get_filename_component(OPENJPEG_INCLUDE_DIRS "${SELF_DIR}/${PKG_TO_INC_RPATH}" ABSOLUTE)
- 
- else()
-   if(EXISTS ${SELF_DIR}/OpenJPEGExports.cmake)
-- 
-2.25.1
diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2021-29338.patch b/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2021-29338.patch
deleted file mode 100644
index a7c2bb4f38..0000000000
--- a/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2021-29338.patch
+++ /dev/null
@@ -1,78 +0,0 @@
-Upstream-Status: Backport [https://github.com/uclouvain/openjpeg/pull/1395/commits/f0727df]
-CVE: CVE-2021-29338
-Signed-off-by: Kai Kang <kai.kang@windriver.com>
-From f0727df07c4d944d7d1c5002451cfbc9545d3288 Mon Sep 17 00:00:00 2001
-From: Brad Parham <brad.a.parham@intel.com>
-Date: Wed, 12 Jan 2022 12:20:28 +0100
-Subject: [PATCH] Fix integer overflow in num_images
-Includes the fix for CVE-2021-29338
-Credit to @kaniini based on #1346
-Fixes #1338
---
- src/bin/jp2/opj_compress.c   | 4 ++--
- src/bin/jp2/opj_decompress.c | 5 ++---
- src/bin/jp2/opj_dump.c       | 7 ++++---
- 3 files changed, 8 insertions(+), 8 deletions(-)
-diff --git a/src/bin/jp2/opj_compress.c b/src/bin/jp2/opj_compress.c
-index 8c71d4536..1399d5277 100644
--- a/src/bin/jp2/opj_compress.c
-+++ b/src/bin/jp2/opj_compress.c
-@@ -1959,9 +1959,9 @@ int main(int argc, char **argv)
-         num_images = get_num_images(img_fol.imgdirpath);
-         dirptr = (dircnt_t*)malloc(sizeof(dircnt_t));
-         if (dirptr) {
-            dirptr->filename_buf = (char*)malloc(num_images * OPJ_PATH_LEN * sizeof(
-+            dirptr->filename_buf = (char*)calloc(num_images, OPJ_PATH_LEN * sizeof(
-                     char)); /* Stores at max 10 image file names*/
-            dirptr->filename = (char**) malloc(num_images * sizeof(char*));
-+            dirptr->filename = (char**) calloc(num_images, sizeof(char*));
-             if (!dirptr->filename_buf) {
-                 ret = 0;
-                 goto fin;
-diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c
-index fc0012b63..e1217f891 100644
--- a/src/bin/jp2/opj_decompress.c
-+++ b/src/bin/jp2/opj_decompress.c
-@@ -1374,14 +1374,13 @@ int main(int argc, char **argv)
-             return EXIT_FAILURE;
-         }
-         /* Stores at max 10 image file names */
-        dirptr->filename_buf = (char*)malloc(sizeof(char) *
-                                             (size_t)num_images * OPJ_PATH_LEN);
-+        dirptr->filename_buf = calloc((size_t) num_images, sizeof(char) * OPJ_PATH_LEN);
-         if (!dirptr->filename_buf) {
-             failed = 1;
-             goto fin;
-         }
- 
-        dirptr->filename = (char**) malloc((size_t)num_images * sizeof(char*));
-+        dirptr->filename = (char**) calloc((size_t) num_images, sizeof(char*));
- 
-         if (!dirptr->filename) {
-             failed = 1;
-diff --git a/src/bin/jp2/opj_dump.c b/src/bin/jp2/opj_dump.c
-index 6111d2ab6..d2646f10e 100644
--- a/src/bin/jp2/opj_dump.c
-+++ b/src/bin/jp2/opj_dump.c
-@@ -515,13 +515,14 @@ int main(int argc, char *argv[])
-         if (!dirptr) {
-             return EXIT_FAILURE;
-         }
-        dirptr->filename_buf = (char*)malloc((size_t)num_images * OPJ_PATH_LEN * sizeof(
-                char)); /* Stores at max 10 image file names*/
-+        /* Stores at max 10 image file names*/
-+        dirptr->filename_buf = (char*) calloc((size_t) num_images,
-+                                              OPJ_PATH_LEN * sizeof(char));
-         if (!dirptr->filename_buf) {
-             free(dirptr);
-             return EXIT_FAILURE;
-         }
-        dirptr->filename = (char**) malloc((size_t)num_images * sizeof(char*));
-+        dirptr->filename = (char**) calloc((size_t) num_images, sizeof(char*));
- 
-         if (!dirptr->filename) {
-             goto fails;
diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2022-1122.patch b/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2022-1122.patch
deleted file mode 100644
index 8aa9c15e33..0000000000
--- a/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2022-1122.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-Upstream-Status: Backport [https://github.com/uclouvain/openjpeg/commit/0afbdcf3e6d0d2bd2e16a0c4d513ee3cf86e460d]
-CVE: CVE-2022-1122
-While this patch improves things re-CVE-2022-1122, the defect is undergoing re-analysis and there may be follow-up commits.
-From 0afbdcf3e6d0d2bd2e16a0c4d513ee3cf86e460d Mon Sep 17 00:00:00 2001
-From: xiaoxiaoafeifei <lliangliang2007@163.com>
-Date: Wed, 14 Jul 2021 09:35:13 +0800
-Subject: [PATCH] Fix segfault in src/bin/jp2/opj_decompress.c due to
- uninitialized pointer (fixes #1368) (#1369)
---
- src/bin/jp2/opj_decompress.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c
-index 0e028735..18ead672 100644
--- a/src/bin/jp2/opj_decompress.c
-+++ b/src/bin/jp2/opj_decompress.c
-@@ -1356,7 +1356,7 @@ int main(int argc, char **argv)
-         int it_image;
-         num_images = get_num_images(img_fol.imgdirpath);
- 
-        dirptr = (dircnt_t*)malloc(sizeof(dircnt_t));
-+        dirptr = (dircnt_t*)calloc(1, sizeof(dircnt_t));
-         if (!dirptr) {
-             destroy_parameters(&parameters);
-             return EXIT_FAILURE;
-- 
-2.25.1
diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.5.0.bb
index f248619ec8..c71e535649 100644
--- a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb
+++ b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.5.0.bb
@@ -5,14 +5,10 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=c648878b4840d7babaade1303e7f108c"
 DEPENDS = "libpng tiff lcms zlib"
-SRC_URI = " \
+SRC_URI = "git://github.com/uclouvain/openjpeg.git;branch=master;protocol=https \
-    git://github.com/uclouvain/openjpeg.git;branch=master;protocol=https \
+           file://0002-Do-not-ask-cmake-to-export-binaries-they-don-t-make-.patch \
-    file://0002-Do-not-ask-cmake-to-export-binaries-they-don-t-make-.patch \
+           "
-    file://0001-This-patch-fixed-include-dir-to-usr-include-.-Obviou.patch \
+SRCREV = "a5891555eb49ed7cc26b2901ea680acda136d811"
-    file://CVE-2021-29338.patch \
-    file://CVE-2022-1122.patch \
-"
-SRCREV = "37ac30ceff6640bbab502388c5e0fa0bff23f505"
 S = "${WORKDIR}/git"
 inherit cmake

diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg/0001-This-patch-fixed-include-dir-to-usr-include-.-Obviou.patch b/meta-oe/recipes-graphics/openjpeg/openjpeg/0001-This-patch-fixed-include-dir-to-usr-include-.-Obviou.patch deleted file mode 100644 index 663f499df6..0000000000 --- a/meta-oe/recipes-graphics/openjpeg/openjpeg/0001-This-patch-fixed-include-dir-to-usr-include-.-Obviou.patch +++ /dev/null
@@ -1,36 +0,0 @@
1	From 3e4fe4c42d4d63c36df966baea87da6fbc032553 Mon Sep 17 00:00:00 2001
2	From: Lei Maohui <leimaohui@cn.fujitsu.com>
3	Date: Thu, 7 Jan 2021 16:05:28 +0900
4	Subject: [PATCH] This patch fixed include dir to /usr/include/. Obviously, it
5	is not suitble for cross-compile. So, removed this patch temporarily.
6	https://github.com/uclouvain/openjpeg/issues/1174
7
8	Upsteam-Status: Pending
9	https://github.com/uclouvain/openjpeg/issues/1320
10
11	Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com>
12	---
13	cmake/OpenJPEGConfig.cmake.in \| 6 +++++-
14	1 file changed, 5 insertions(+), 1 deletion(-)
15
16	diff --git a/cmake/OpenJPEGConfig.cmake.in b/cmake/OpenJPEGConfig.cmake.in
17	index 8a726697..2925108a 100644
18	--- a/cmake/OpenJPEGConfig.cmake.in
19	+++ b/cmake/OpenJPEGConfig.cmake.in
20	@@ -27,8 +27,12 @@ if(EXISTS ${SELF_DIR}/OpenJPEGTargets.cmake)
21	# This is an install tree
22	include(${SELF_DIR}/OpenJPEGTargets.cmake)
23
24	+ # We find a relative path from the PKG directory to header files.
25	+ set(PKG_DIR "@CMAKE_INSTALL_PREFIX@/@OPENJPEG_INSTALL_PACKAGE_DIR@")
26	set(INC_DIR "@CMAKE_INSTALL_PREFIX@/@OPENJPEG_INSTALL_INCLUDE_DIR@")
27	- get_filename_component(OPENJPEG_INCLUDE_DIRS "${INC_DIR}" ABSOLUTE)
28	+ file(RELATIVE_PATH PKG_TO_INC_RPATH "${PKG_DIR}" "${INC_DIR}")
29	+
30	+ get_filename_component(OPENJPEG_INCLUDE_DIRS "${SELF_DIR}/${PKG_TO_INC_RPATH}" ABSOLUTE)
31
32	else()
33	if(EXISTS ${SELF_DIR}/OpenJPEGExports.cmake)
34	--
35	2.25.1
36


diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2021-29338.patch b/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2021-29338.patch deleted file mode 100644 index a7c2bb4f38..0000000000 --- a/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2021-29338.patch +++ /dev/null
@@ -1,78 +0,0 @@
1	Upstream-Status: Backport [https://github.com/uclouvain/openjpeg/pull/1395/commits/f0727df]
2	CVE: CVE-2021-29338
3
4	Signed-off-by: Kai Kang <kai.kang@windriver.com>
5
6	From f0727df07c4d944d7d1c5002451cfbc9545d3288 Mon Sep 17 00:00:00 2001
7	From: Brad Parham <brad.a.parham@intel.com>
8	Date: Wed, 12 Jan 2022 12:20:28 +0100
9	Subject: [PATCH] Fix integer overflow in num_images
10
11	Includes the fix for CVE-2021-29338
12	Credit to @kaniini based on #1346
13	Fixes #1338
14	---
15	src/bin/jp2/opj_compress.c \| 4 ++--
16	src/bin/jp2/opj_decompress.c \| 5 ++---
17	src/bin/jp2/opj_dump.c \| 7 ++++---
18	3 files changed, 8 insertions(+), 8 deletions(-)
19
20	diff --git a/src/bin/jp2/opj_compress.c b/src/bin/jp2/opj_compress.c
21	index 8c71d4536..1399d5277 100644
22	--- a/src/bin/jp2/opj_compress.c
23	+++ b/src/bin/jp2/opj_compress.c
24	@@ -1959,9 +1959,9 @@ int main(int argc, char **argv)
25	num_images = get_num_images(img_fol.imgdirpath);
26	dirptr = (dircnt_t*)malloc(sizeof(dircnt_t));
27	if (dirptr) {
28	- dirptr->filename_buf = (char)malloc(num_images OPJ_PATH_LEN * sizeof(
29	+ dirptr->filename_buf = (char)calloc(num_images, OPJ_PATH_LEN sizeof(
30	char)); /* Stores at max 10 image file names*/
31	- dirptr->filename = (char*) malloc(num_images sizeof(char*));
32	+ dirptr->filename = (char*) calloc(num_images, sizeof(char));
33	if (!dirptr->filename_buf) {
34	ret = 0;
35	goto fin;
36	diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c
37	index fc0012b63..e1217f891 100644
38	--- a/src/bin/jp2/opj_decompress.c
39	+++ b/src/bin/jp2/opj_decompress.c
40	@@ -1374,14 +1374,13 @@ int main(int argc, char **argv)
41	return EXIT_FAILURE;
42	}
43	/* Stores at max 10 image file names */
44	- dirptr->filename_buf = (char)malloc(sizeof(char)
45	- (size_t)num_images * OPJ_PATH_LEN);
46	+ dirptr->filename_buf = calloc((size_t) num_images, sizeof(char) * OPJ_PATH_LEN);
47	if (!dirptr->filename_buf) {
48	failed = 1;
49	goto fin;
50	}
51
52	- dirptr->filename = (char*) malloc((size_t)num_images sizeof(char*));
53	+ dirptr->filename = (char*) calloc((size_t) num_images, sizeof(char));
54
55	if (!dirptr->filename) {
56	failed = 1;
57	diff --git a/src/bin/jp2/opj_dump.c b/src/bin/jp2/opj_dump.c
58	index 6111d2ab6..d2646f10e 100644
59	--- a/src/bin/jp2/opj_dump.c
60	+++ b/src/bin/jp2/opj_dump.c
61	@@ -515,13 +515,14 @@ int main(int argc, char *argv[])
62	if (!dirptr) {
63	return EXIT_FAILURE;
64	}
65	- dirptr->filename_buf = (char)malloc((size_t)num_images OPJ_PATH_LEN * sizeof(
66	- char)); /* Stores at max 10 image file names*/
67	+ /* Stores at max 10 image file names*/
68	+ dirptr->filename_buf = (char*) calloc((size_t) num_images,
69	+ OPJ_PATH_LEN * sizeof(char));
70	if (!dirptr->filename_buf) {
71	free(dirptr);
72	return EXIT_FAILURE;
73	}
74	- dirptr->filename = (char*) malloc((size_t)num_images sizeof(char*));
75	+ dirptr->filename = (char*) calloc((size_t) num_images, sizeof(char));
76
77	if (!dirptr->filename) {
78	goto fails;


diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2022-1122.patch b/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2022-1122.patch deleted file mode 100644 index 8aa9c15e33..0000000000 --- a/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2022-1122.patch +++ /dev/null
@@ -1,31 +0,0 @@
1	Upstream-Status: Backport [https://github.com/uclouvain/openjpeg/commit/0afbdcf3e6d0d2bd2e16a0c4d513ee3cf86e460d]
2	CVE: CVE-2022-1122
3
4	While this patch improves things re-CVE-2022-1122, the defect is undergoing re-analysis and there may be follow-up commits.
5
6	From 0afbdcf3e6d0d2bd2e16a0c4d513ee3cf86e460d Mon Sep 17 00:00:00 2001
7	From: xiaoxiaoafeifei <lliangliang2007@163.com>
8	Date: Wed, 14 Jul 2021 09:35:13 +0800
9	Subject: [PATCH] Fix segfault in src/bin/jp2/opj_decompress.c due to
10	uninitialized pointer (fixes #1368) (#1369)
11
12	---
13	src/bin/jp2/opj_decompress.c \| 2 +-
14	1 file changed, 1 insertion(+), 1 deletion(-)
15
16	diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c
17	index 0e028735..18ead672 100644
18	--- a/src/bin/jp2/opj_decompress.c
19	+++ b/src/bin/jp2/opj_decompress.c
20	@@ -1356,7 +1356,7 @@ int main(int argc, char **argv)
21	int it_image;
22	num_images = get_num_images(img_fol.imgdirpath);
23
24	- dirptr = (dircnt_t*)malloc(sizeof(dircnt_t));
25	+ dirptr = (dircnt_t*)calloc(1, sizeof(dircnt_t));
26	if (!dirptr) {
27	destroy_parameters(&parameters);
28	return EXIT_FAILURE;
29	--
30	2.25.1
31


diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.5.0.bb index f248619ec8..c71e535649 100644 --- a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb +++ b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.5.0.bb
@@ -5,14 +5,10 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=c648878b4840d7babaade1303e7f108c"
5		5
6	DEPENDS = "libpng tiff lcms zlib"	6	DEPENDS = "libpng tiff lcms zlib"
7		7
8	SRC_URI = " \	8	SRC_URI = "git://github.com/uclouvain/openjpeg.git;branch=master;protocol=https \
9	git://github.com/uclouvain/openjpeg.git;branch=master;protocol=https \	9	file://0002-Do-not-ask-cmake-to-export-binaries-they-don-t-make-.patch \
10	file://0002-Do-not-ask-cmake-to-export-binaries-they-don-t-make-.patch \	10	"
11	file://0001-This-patch-fixed-include-dir-to-usr-include-.-Obviou.patch \	11	SRCREV = "a5891555eb49ed7cc26b2901ea680acda136d811"
12	file://CVE-2021-29338.patch \
13	file://CVE-2022-1122.patch \
14	"
15	SRCREV = "37ac30ceff6640bbab502388c5e0fa0bff23f505"
16	S = "${WORKDIR}/git"	12	S = "${WORKDIR}/git"
17		13
18	inherit cmake	14	inherit cmake