!26 修复三个opencv的被动依赖libtiff漏洞

From: @shenwei41 
Reviewed-by: @henryshi1 
Signed-off-by: @henryshi1
openeuler-ci-bot 2022-11-07 08:14:37 +00:00 committed by Gitee
commit cd4303d8e8
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
3 changed files with 46 additions and 1 deletions


@ -0,0 +1,25 @@
diff -Npur opencv-4.5.2/3rdparty/libtiff/tif_dirread.c opencv-4.5.2-new/3rdparty/libtiff/tif_dirread.c
--- opencv-4.5.2/3rdparty/libtiff/tif_dirread.c 2021-04-02 19:23:54.000000000 +0800
+++ opencv-4.5.2-new/3rdparty/libtiff/tif_dirread.c 2022-05-21 14:44:25.639756094 +0800
@@ -4173,7 +4173,8 @@ TIFFReadDirectory(TIFF* tif)
goto bad;
}
- memcpy(new_sampleinfo, tif->tif_dir.td_sampleinfo, old_extrasamples * sizeof(uint16));
+ if (old_extrasamples > 0)
+ memcpy(new_sampleinfo, tif->tif_dir.td_sampleinfo, old_extrasamples * sizeof(uint16));
_TIFFsetShortArray(&tif->tif_dir.td_sampleinfo, new_sampleinfo, tif->tif_dir.td_extrasamples);
_TIFFfree(new_sampleinfo);
}
@@ -5765,8 +5766,9 @@ TIFFFetchStripThing(TIFF* tif, TIFFDirEn
_TIFFfree(data);
return(0);
}
- _TIFFmemcpy(resizeddata,data,(uint32)dir->tdir_count*sizeof(uint64));
- _TIFFmemset(resizeddata+(uint32)dir->tdir_count,0,(nstrips-(uint32)dir->tdir_count)*sizeof(uint64));
+ if( dir->tdir_count )
+ _TIFFmemcpy(resizeddata,data, (uint32)dir->tdir_count * sizeof(uint64));
+ _TIFFmemset(resizeddata+(uint32)dir->tdir_count, 0, (nstrips - (uint32)dir->tdir_count) * sizeof(uint64));
_TIFFfree(data);
data=resizeddata;
}
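Review bot: The two added guards are unbraced single-statement `if`s placed directly above a call that has to stay unconditional (`_TIFFsetShortArray` after the first, `_TIFFmemset` after the second), so bracing them the way the CVE-2022-0908 patch does, e.g. `if (old_extrasamples > 0) { memcpy(new_sampleinfo, tif->tif_dir.td_sampleinfo, old_extrasamples * sizeof(uint16)); }`, would make the scope explicit. Both guards test only the count; that a non-zero count always comes with a non-NULL source pointer is presumably guaranteed by code outside these hunks, since TIFFReadDirectory and TIFFFetchStripThing both start and end beyond what is shown. The patch file also opens directly with `diff -Npur` and carries no header, so a leading line such as `Upstream libtiff fix for CVE-2022-0561 and CVE-2022-0562: <upstream commit URL>` would let a packager check the backport against upstream.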

15
CVE-2022-0908.patch Normal file

@ -0,0 +1,15 @@
diff -Npur opencv-4.5.2/3rdparty/libtiff/tif_dirread.c opencv-4.5.2-new/3rdparty/libtiff/tif_dirread.c
--- opencv-4.5.2/3rdparty/libtiff/tif_dirread.c 2021-04-02 19:23:54.000000000 +0800
+++ opencv-4.5.2-new/3rdparty/libtiff/tif_dirread.c 2022-05-21 14:36:31.761285562 +0800
@@ -5079,7 +5079,10 @@ TIFFFetchNormalTag(TIFF* tif, TIFFDirEnt
_TIFFfree(data);
return(0);
}
- _TIFFmemcpy(o,data,(uint32)dp->tdir_count);
+ if (dp->tdir_count > 0 )
+ {
+ _TIFFmemcpy(o,data,(uint32)dp->tdir_count);
+ }
o[(uint32)dp->tdir_count]=0;
if (data!=0)
_TIFFfree(data);
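Review bot: The new guard in TIFFFetchNormalTag tests only `dp->tdir_count`, while the unchanged `if (data!=0)` a few lines below shows that `data` can be NULL at this point; checking the pointer as well, `if (dp->tdir_count > 0 && data != 0)`, states the actual precondition of `_TIFFmemcpy` instead of relying on the count to imply it. Presumably `data` is NULL only when the count is zero, but the reader that fills it is outside the hunk, as are the allocation of `o` and the rest of the function. The guard compares the full-width count whereas the copy and the terminator index use `(uint32)dp->tdir_count`; whether the truncated value is what sized `o` cannot be confirmed from the visible lines.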


@ -1,6 +1,6 @@
Name: opencv
Version: 4.5.2
Release: 6
Release: 7
Summary: OpenCV means Intel® Open Source Computer Vision Library.
License: Apache-2.0
URL: https://github.com/opencv/opencv
@ -14,6 +14,8 @@ Source6: opencv_extra-4.5.2.tar.gz.ae
Patch1: Fix-OpenCV-build-with-OpenEXR-before-2.2.0.patch
Patch2: Fix_compilation_of_copy_assignment_operators_with_GCC.patch
Patch3: Repair_clang_abi.patch
Patch4: CVE-2022-0561_and_CVE-2022-0562.patch
Patch5: CVE-2022-0908.patch
BuildRequires: gcc-c++ gcc autoconf pkgconfig protobuf-compiler protobuf
BuildRequires: cmake
BuildRequires: python3-numpy python3-devel
@ -89,6 +91,9 @@ make install DESTDIR=%{buildroot}
%{python3_sitelib}/cv2/*
%changelog
* Thu Nov 05 2022 shenwei <shenwei41@huawei.com> - 4.5.2-7
- fix three cve bug of the opencv
* Thu Jan 28 2022 douyan <douyan@kylinos.cn> - 4.5.2-6
- add pkgconfig file
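Review bot: `Patch4` and `Patch5` are only declared in the second hunk, and nothing visible on the page shows them being applied: the `%prep` section lies outside the hunks, so unless it already uses `%autosetup -p1` or `%autopatch`, explicit `%patch4 -p1` and `%patch5 -p1` lines are needed, otherwise release 7 is built with the bundled libtiff code unchanged. Both patch files use paths of the form `opencv-4.5.2/3rdparty/...`, so strip level 1 is the one that matches. The new changelog entry is dated `Thu Nov 05 2022`, but 5 November 2022 was a Saturday, which rpmbuild reports as a bogus date; the weekday or the day should be corrected to whichever the author intended.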