From ef5597eaa5b3d88289b5050807da80982f99a255 Mon Sep 17 00:00:00 2001 From: Justin Lecher Date: Sat, 24 Jan 2015 13:15:02 +0000 Subject: media-libs/jasper: Add fixes for CVE-2014-815{7,8}, #537530 Package-Manager: portage-2.2.15/cvs/Linux x86_64 Manifest-Sign-Key: 0xB9D4F231BD1558AB! --- media-libs/jasper/ChangeLog | 8 +- media-libs/jasper/Manifest | 33 ++- media-libs/jasper/files/jasper-CVE-2014-8157.patch | 12 + media-libs/jasper/files/jasper-CVE-2014-8158.patch | 329 +++++++++++++++++++++ media-libs/jasper/jasper-1.900.1-r9.ebuild | 54 ++++ 5 files changed, 420 insertions(+), 16 deletions(-) create mode 100644 media-libs/jasper/files/jasper-CVE-2014-8157.patch create mode 100644 media-libs/jasper/files/jasper-CVE-2014-8158.patch create mode 100644 media-libs/jasper/jasper-1.900.1-r9.ebuild (limited to 'media-libs/jasper') diff --git a/media-libs/jasper/ChangeLog b/media-libs/jasper/ChangeLog index 3e94d14b0fdf..3f382f5f83ba 100644 --- a/media-libs/jasper/ChangeLog +++ b/media-libs/jasper/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for media-libs/jasper # Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/media-libs/jasper/ChangeLog,v 1.115 2015/01/16 08:21:27 jlec Exp $ +# $Header: /var/cvsroot/gentoo-x86/media-libs/jasper/ChangeLog,v 1.116 2015/01/24 13:14:57 jlec Exp $ + +*jasper-1.900.1-r9 (24 Jan 2015) + + 24 Jan 2015; Justin Lecher +jasper-1.900.1-r9.ebuild, + +files/jasper-CVE-2014-8157.patch, +files/jasper-CVE-2014-8158.patch: + Add fixes for CVE-2014-815{7,8}, #537530 16 Jan 2015; Justin Lecher -jasper-1.900.1-r7.ebuild: Cleanup vulnerable versions for CVE-2014-{8137,8138}, #533744 diff --git a/media-libs/jasper/Manifest b/media-libs/jasper/Manifest index b7c887a8cef4..847104da3e25 100644 --- a/media-libs/jasper/Manifest +++ b/media-libs/jasper/Manifest @@ -6,29 +6,32 @@ AUX jasper-1.701.0-GL-ac.patch 487 SHA256 f0c1794cca1fbee9f7a97f3b47b2a98250cb61 AUX jasper-1.701.0-GL.patch 553 SHA256 b99a48047f5ac8b8f8db4147a6938b8f918e0f671b76f8d17dc7068fda74d282 SHA512 6038d0a7fc3c3fb288d38eb7d87373aef15365dc2f11d4e985a30f4ba3e669238182f6fcad62e126d66ce51d9f255ec287919af17de0f2c28440c15e01d73994 WHIRLPOOL a460190fa4e20ed25143e649d197f3df67bcc372e55febbebbdea39b25f878036b5af9e2411383807d24fe58c07e997990e006d08d1126619f785c0b0258eec1 AUX jasper-CVE-2014-8137.patch 1547 SHA256 27350b9a72067e0325464b1e51f0fcab2701db26c918d82aac977dc345a02999 SHA512 b689b8fdc3dfa7f7ffcb9d7e94c7eb8d11127adf55e2f67cb2311fe1495eb7a4a234e34bc50315059b85a257b083670a383a7cc751705fcacc49727c11152510 WHIRLPOOL 514aaa7803ef7861b42374c4590740a34a768747e67c9e089b698b0a73750f8d5ff8c2dfc1a322b00797757c44eb81ada97d7949fb454ec2247114c100ff7adc AUX jasper-CVE-2014-8138.patch 682 SHA256 597966eabef1eeb4155415352cee37492def0abb09349e1764ae92645f3a20c1 SHA512 ae9d1c85688f7711a5cd7765988e85c64bf5413dede80aa8c860caa505c079d6975410ccb3b0e18c65d84624226c5e12667bb7613a91e3856dab4f99483c2956 WHIRLPOOL c4e63768afc72cb63bef7136b7d0b6e803b582f698210668ed47ac601b375c729e27bffad906739dfe02fe2f2615ca553dddb5c53a5ec084c086f6a292debd3e +AUX jasper-CVE-2014-8157.patch 569 SHA256 60160f1eecb4cbfe7d8277e091333e9c1b4af7eeaccdfa3b539ac9658bb6a474 SHA512 44fc87f8a85a5c0b1f3669ca5ec139afcb8971f2d5bfd40ed95913dcf34fee4874301b580134ddca900091ef3cbfdd791b365a5c3ba74d0e8deb855b54322f68 WHIRLPOOL 6ab8ccd5d87eb80dee5ae29f963292faa7de930d4db308030591b73c32abf0d01d93d29fea7baffd11f90bce0716615fdc8b39ec7d24dbf6cd6ec38b94f6e7b0 +AUX jasper-CVE-2014-8158.patch 7900 SHA256 1dce24d47bcfc599bde5fa625e8b9bfbd1c6c637e4358493276d8a96338ff8b7 SHA512 7f2f2a990ced181fd5755cc630a8c6d75e8172c926c08350505f6b8b5e8e1f8b0891b4603a4c43da35f913c079f2759975ee7ee1532ebb87f06d01c165299ecb WHIRLPOOL e7787fe8a170be486d0b9ce0d650f2526f9112a6a241284fcf180aec885a9e39302c88e074101ff4f01a41f1fd47a84384b35f21edb1d92eac9a42cc6c29c686 AUX jasper-CVE-2014-9029.patch 1116 SHA256 a43747e7597a2a5108befd4acd31a582101a66096a752e61de853bc860d2a8e1 SHA512 20bac10654ea1b16d741bcc71ca91e484c4238cb285f551a19b1bac4c4cf8ec39bc33f8d3c42dbadd03e85eb667a8e286f208e9b20a5b39429bf8e4454bd9b16 WHIRLPOOL 63244c1a4601de0c3ddcee00edc259062f1effa5e58180ac7e207e8ff71bb019990de6abe4cb1cdefb41dded1a96380aa0dd7bb46f729000c57c1e04abea9bb0 AUX jasper-pkgconfig.patch 1691 SHA256 325003c739023264f368db2ce30598038706f45a8ec8a5a1f81fa855496e0ed1 SHA512 3cb1fe20b34e46c2d04f17eac6e1831d226368e4a7037be8324eb469b0217e1ad0520bb9d321a0f7c510828ca8505c4c42d4c54045606d0e9f2dad81c8ee21eb WHIRLPOOL 13e97b718827a712a4ee65162e6adafec1672fd9f96e8d773124b91e43c4571d5ab0975802fbf44d10fa2d4f9a895ff1fbd6adeaf817c7e70cfa08198c9425cf DIST jasper-1.900.1-fixes-20120611.patch.bz2 26303 SHA256 8727c94843f141c311be54eed97eca18f96542f52b991df6f7d4f005bad2ec59 SHA512 36ec1735a89008fa6be16698f78ca5ec52d4ef34f10653ba3bf081c665c4e2d747cdbd7bfc0d56859ad4dc0fac166cf08248336d25d3ba8e7feb57e65d5c5ef6 WHIRLPOOL 341639dc208c44eefb18d14b16bc74591989e4ec0bf6426bee1ed161f1c997a23dad487ac821f2bf8e1ae16ae74d6174dce39a913b44b4e24628a7a1510395a7 DIST jasper-1.900.1.zip 1415752 SHA256 6b905a9c2aca2e275544212666eefc4eb44d95d0a57e4305457b407fe63f9494 SHA512 e3a3c803de848b50482f5bd693b1945197c6999285226c45b671855734d7bb2611fbe6f28cd8ba9c56a4ea59417795eba42d72516c9fec93b8fbaa21b8210cb6 WHIRLPOOL cd53901537bb8d32706e82326bf01f7f960af5172e2da738d1fcc9c5a4087829210a177d3df96617cf289e5db8ec97e06aa6cd60ada3b887db65418b90e9a86b EBUILD jasper-1.900.1-r8.ebuild 1602 SHA256 4f23a4e199b74223b750b1832006b4b64095412fdf3b04f548a36ec11bbbd0d5 SHA512 6b2296873dfe427835cbb0eaecfdebc908b9f794235f4a5002883225a8fd3c64a80693b6c426d38599a95d38ddfa9dff459715353dc912033e31fbfbde79948b WHIRLPOOL 45be1fdf03b9c68bfb176449c161da4abcd53f31ca7af8b0bb0ac12167ecac5ec6709ba99d90db207f6a8d550a0b01784c88fbf34e8728a5345ba8560b18b615 -MISC ChangeLog 14277 SHA256 11f8d80ccc2dd4834edaafbe0580c4bcfe352ce49345b434a34e642255eaaf15 SHA512 d9cec041ca08298e8270a7df4fe31b26c8d9c8775171ad5b00b4cf7bf497d475ecf3fca24880a408b29f79085835a34632f05e0d116ca82c42cae1cfca7d865e WHIRLPOOL eb0b291696fbece49b07a0486afe4c3650333a67a32ff2932e2b6d43791b4681f79c699a7f17322545063e22495815fe2ae2ffda6f9c854210fb6baf6ac74ded +EBUILD jasper-1.900.1-r9.ebuild 1693 SHA256 1e6cdb1bd570ff67a8caeb4e597c9026ef994e8e335b25de13d1678de5fea5a2 SHA512 015d474fce555038c3d225ed7c89d1afedf7fe88818a8fcad0df29ee1abf44736ceff81fbf43fe82092c607500e51a10c2fa6feefb652992d2556d1c239f8731 WHIRLPOOL 606fa72bb5b837320135d55d2eca95a7b20b2f9b87cd5818d3b5dadec3a6574d5f49771dd2c7c0db281e0db0e87ae2b4c0a5a276ef9623df1c31801a99f44ac3 +MISC ChangeLog 14501 SHA256 c2eadb89fe694508da03214c4da5c6af8ea6354fb2e38c569185b55b62ea9ba4 SHA512 3324774c59cfa15cde49257e9a918623c97046edaf195a6cbb674e6d3e46dd44dc4818527ef9e560fe9437067bb9b8eb8079ce0bf7368e44c4823bb94ab5ea45 WHIRLPOOL fde0cf117bd73d6b90660f9f319ffe4ae1dc4f5c6ca82a5b449f3d22ad987e3697c60034753bcee8fc34d0431e52c891deb899a65e4837d6d8bb53b4826b9c06 MISC metadata.xml 158 SHA256 dae7918daac89b300804812d32584889aa1c4e8b9edeced06006900494457a6d SHA512 e4901a5df84502b46aa85ec01804ce680332cebe6148e4a9c8201a38935ee0d4a753bcdb3f18765b06019926a05bf099c0ed61395aa98211610ab7fdb8d7f895 WHIRLPOOL 2f12466ef66cc7b89ec428cd4b498b20f12ca6dbb219f180ac12985dfc4195882ea95809797828a720fe69a0e560d12de9c271f8aacaa06fba09c9c1ccd589e5 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0 -iQJ8BAEBCgBmBQJUuMoIXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w +iQJ8BAEBCgBmBQJUw5umXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQyQ0JDQjFGMzBDQ0UxMjFGNENDNDgxMDdC -OUQ0RjIzMUJEMTU1OEFCAAoJELnU8jG9FVirbvAP/AwEmK66JrS24+vB+UoBJPah -OEm2MGvbGDmvXLIbbKkNzhfjxlu7O1AyTZAnCvLqrCPDlWDxoa2Q1U9sSMWWZR66 -eKlPH41XQ2MBl6lo7i31ozuh8Ys6lvRtVoGANJ3EZHHgIROCl9tA1LfDwzozKdRj -wQcD110CrzcOEhtVtlq90wTe4PMLYlkF9MA7GU9TIOviV+ThW0LCCrP5so974H/w -FGD8QNrcX/vNXsxdqjLxvHAJx4bMMbV4zwSTWXDnzv9WOSNSjgS59Jft2Wda92s8 -ngqYlFEh+SmyLCNX5jqPRygBttvNpJYqReslKOFs/iYWnGo1FeJzoLK1+50ZfIjq -dz/yUiOMe9/xg3ABLRw8kV2paJSVAFNzF8wise3yCpMp0qGuV4Nzh29bP/alYuYh -636fvEcYs9aJmOqG9941lHPF3eC5Z0yLhUEHDQhSjFq1vPJ1yx90S382xa8Z3PDN -xF+jsartLnmS23ZuhrQCOHjAoFxBHq9aMP0LFWprIniG9L4/3DRvaXh2XwLArNjm -gg9kFulEJ6Y+PZ7B32KMc5LRMbRPHWKgUNJqmLWlKkpAcRedEbVpr7O8vrI0VDTw -WpLgOwlwcVlkl4Qy+6AeZ8+HQFeAebQZNDCTxWXumdow/ht4xrMcTLKBdHFlWpv+ -y06FUha5ZH8O9oWPIYqV -=K57Z +OUQ0RjIzMUJEMTU1OEFCAAoJELnU8jG9FVirTpEP/j0wsJA+TvDnCwXj+SRa5glb +it7F4pBhSwDB45UpeSi+FqkbvZ/ynmGsMLeeEf+dM47cC9YehhF60XwtAYuDLWXv +j1tj+ry4RQtw/JyxQ4cCqlIuWWzOP8YqZxiN0g3ykPIAi0+mbGpqlOdUiNT/5aFp +DnT4DmisTT2JRASLAoQ2W1YaRTsxTWTqmnoIBOCk1E9vJF1F39RT0GqmdWEUFdk/ +IuDBl+uEs+WMeEw0H/PO/M1K/6QxxWm3vnKHpOxm+CIaWokL48D+SiuZrUcuNFcQ +cSzTE+vDSvJxsfywg3gvk92qkHrSYWwHlKn8xNCjh4h3qheZ6TjAN1H9QoXdM0YT +vC9iMeIJnA87/9k5/U0+W9dbD3/a3dScLF2n8pEUr/Aibpg8CE9IgpzyTcOPDm8W +42E7TYSMQpGS5nT8Jms6mvY7XFLRITopH7pg45mRCrQolyKLTlRN1HWg4y5IR7LM +I7PXMB0qidoPbcjcM0e9DZaS7p7eUKytw26gk0jjj5gJZIXuvGndnLDc/ho/gSaR +sbbfRjXeBk0cI0R1gBpQw0xieDo9o3GK8R3sCmFXoN5p3aFHbv5f8N50eFggWAcd +v6EmijM8hEV3hPC1q8hEIo4paIH3+3NJULzk1LWl2KrQtO97BFhbw6mwWnmAL5dD +1zK/wQ4VvjGuIHLL3UZM +=v/1Z -----END PGP SIGNATURE----- diff --git a/media-libs/jasper/files/jasper-CVE-2014-8157.patch b/media-libs/jasper/files/jasper-CVE-2014-8157.patch new file mode 100644 index 000000000000..ebfc1b2d0f25 --- /dev/null +++ b/media-libs/jasper/files/jasper-CVE-2014-8157.patch @@ -0,0 +1,12 @@ +diff -up jasper-1.900.1/src/libjasper/jpc/jpc_dec.c.CVE-2014-8157 jasper-1.900.1/src/libjasper/jpc/jpc_dec.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_dec.c.CVE-2014-8157 2015-01-19 16:59:36.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_dec.c 2015-01-19 17:07:41.609863268 +0100 +@@ -489,7 +489,7 @@ static int jpc_dec_process_sot(jpc_dec_t + dec->curtileendoff = 0; + } + +- if (JAS_CAST(int, sot->tileno) > dec->numtiles) { ++ if (JAS_CAST(int, sot->tileno) >= dec->numtiles) { + jas_eprintf("invalid tile number in SOT marker segment\n"); + return -1; + } diff --git a/media-libs/jasper/files/jasper-CVE-2014-8158.patch b/media-libs/jasper/files/jasper-CVE-2014-8158.patch new file mode 100644 index 000000000000..ce9e4b497f39 --- /dev/null +++ b/media-libs/jasper/files/jasper-CVE-2014-8158.patch @@ -0,0 +1,329 @@ +diff -up jasper-1.900.1/src/libjasper/jpc/jpc_qmfb.c.CVE-2014-8158 jasper-1.900.1/src/libjasper/jpc/jpc_qmfb.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_qmfb.c.CVE-2014-8158 2015-01-19 17:25:28.730195502 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_qmfb.c 2015-01-19 17:27:20.214663127 +0100 +@@ -306,11 +306,7 @@ void jpc_qmfb_split_row(jpc_fix_t *a, in + { + + int bufsize = JPC_CEILDIVPOW2(numcols, 1); +-#if !defined(HAVE_VLA) + jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE]; +-#else +- jpc_fix_t splitbuf[bufsize]; +-#endif + jpc_fix_t *buf = splitbuf; + register jpc_fix_t *srcptr; + register jpc_fix_t *dstptr; +@@ -318,7 +314,6 @@ void jpc_qmfb_split_row(jpc_fix_t *a, in + register int m; + int hstartcol; + +-#if !defined(HAVE_VLA) + /* Get a buffer. */ + if (bufsize > QMFB_SPLITBUFSIZE) { + if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { +@@ -326,7 +321,6 @@ void jpc_qmfb_split_row(jpc_fix_t *a, in + abort(); + } + } +-#endif + + if (numcols >= 2) { + hstartcol = (numcols + 1 - parity) >> 1; +@@ -360,12 +354,10 @@ void jpc_qmfb_split_row(jpc_fix_t *a, in + } + } + +-#if !defined(HAVE_VLA) + /* If the split buffer was allocated on the heap, free this memory. */ + if (buf != splitbuf) { + jas_free(buf); + } +-#endif + + } + +@@ -374,11 +366,7 @@ void jpc_qmfb_split_col(jpc_fix_t *a, in + { + + int bufsize = JPC_CEILDIVPOW2(numrows, 1); +-#if !defined(HAVE_VLA) + jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE]; +-#else +- jpc_fix_t splitbuf[bufsize]; +-#endif + jpc_fix_t *buf = splitbuf; + register jpc_fix_t *srcptr; + register jpc_fix_t *dstptr; +@@ -386,7 +374,6 @@ void jpc_qmfb_split_col(jpc_fix_t *a, in + register int m; + int hstartcol; + +-#if !defined(HAVE_VLA) + /* Get a buffer. */ + if (bufsize > QMFB_SPLITBUFSIZE) { + if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { +@@ -394,7 +381,6 @@ void jpc_qmfb_split_col(jpc_fix_t *a, in + abort(); + } + } +-#endif + + if (numrows >= 2) { + hstartcol = (numrows + 1 - parity) >> 1; +@@ -428,12 +414,10 @@ void jpc_qmfb_split_col(jpc_fix_t *a, in + } + } + +-#if !defined(HAVE_VLA) + /* If the split buffer was allocated on the heap, free this memory. */ + if (buf != splitbuf) { + jas_free(buf); + } +-#endif + + } + +@@ -442,11 +426,7 @@ void jpc_qmfb_split_colgrp(jpc_fix_t *a, + { + + int bufsize = JPC_CEILDIVPOW2(numrows, 1); +-#if !defined(HAVE_VLA) + jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE * JPC_QMFB_COLGRPSIZE]; +-#else +- jpc_fix_t splitbuf[bufsize * JPC_QMFB_COLGRPSIZE]; +-#endif + jpc_fix_t *buf = splitbuf; + jpc_fix_t *srcptr; + jpc_fix_t *dstptr; +@@ -457,7 +437,6 @@ void jpc_qmfb_split_colgrp(jpc_fix_t *a, + int m; + int hstartcol; + +-#if !defined(HAVE_VLA) + /* Get a buffer. */ + if (bufsize > QMFB_SPLITBUFSIZE) { + if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { +@@ -465,7 +444,6 @@ void jpc_qmfb_split_colgrp(jpc_fix_t *a, + abort(); + } + } +-#endif + + if (numrows >= 2) { + hstartcol = (numrows + 1 - parity) >> 1; +@@ -517,12 +495,10 @@ void jpc_qmfb_split_colgrp(jpc_fix_t *a, + } + } + +-#if !defined(HAVE_VLA) + /* If the split buffer was allocated on the heap, free this memory. */ + if (buf != splitbuf) { + jas_free(buf); + } +-#endif + + } + +@@ -531,11 +507,7 @@ void jpc_qmfb_split_colres(jpc_fix_t *a, + { + + int bufsize = JPC_CEILDIVPOW2(numrows, 1); +-#if !defined(HAVE_VLA) + jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE * JPC_QMFB_COLGRPSIZE]; +-#else +- jpc_fix_t splitbuf[bufsize * numcols]; +-#endif + jpc_fix_t *buf = splitbuf; + jpc_fix_t *srcptr; + jpc_fix_t *dstptr; +@@ -546,7 +518,6 @@ void jpc_qmfb_split_colres(jpc_fix_t *a, + int m; + int hstartcol; + +-#if !defined(HAVE_VLA) + /* Get a buffer. */ + if (bufsize > QMFB_SPLITBUFSIZE) { + if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { +@@ -554,7 +525,6 @@ void jpc_qmfb_split_colres(jpc_fix_t *a, + abort(); + } + } +-#endif + + if (numrows >= 2) { + hstartcol = (numrows + 1 - parity) >> 1; +@@ -606,12 +576,10 @@ void jpc_qmfb_split_colres(jpc_fix_t *a, + } + } + +-#if !defined(HAVE_VLA) + /* If the split buffer was allocated on the heap, free this memory. */ + if (buf != splitbuf) { + jas_free(buf); + } +-#endif + + } + +@@ -619,18 +587,13 @@ void jpc_qmfb_join_row(jpc_fix_t *a, int + { + + int bufsize = JPC_CEILDIVPOW2(numcols, 1); +-#if !defined(HAVE_VLA) + jpc_fix_t joinbuf[QMFB_JOINBUFSIZE]; +-#else +- jpc_fix_t joinbuf[bufsize]; +-#endif + jpc_fix_t *buf = joinbuf; + register jpc_fix_t *srcptr; + register jpc_fix_t *dstptr; + register int n; + int hstartcol; + +-#if !defined(HAVE_VLA) + /* Allocate memory for the join buffer from the heap. */ + if (bufsize > QMFB_JOINBUFSIZE) { + if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { +@@ -638,7 +601,6 @@ void jpc_qmfb_join_row(jpc_fix_t *a, int + abort(); + } + } +-#endif + + hstartcol = (numcols + 1 - parity) >> 1; + +@@ -670,12 +632,10 @@ void jpc_qmfb_join_row(jpc_fix_t *a, int + ++srcptr; + } + +-#if !defined(HAVE_VLA) + /* If the join buffer was allocated on the heap, free this memory. */ + if (buf != joinbuf) { + jas_free(buf); + } +-#endif + + } + +@@ -684,18 +644,13 @@ void jpc_qmfb_join_col(jpc_fix_t *a, int + { + + int bufsize = JPC_CEILDIVPOW2(numrows, 1); +-#if !defined(HAVE_VLA) + jpc_fix_t joinbuf[QMFB_JOINBUFSIZE]; +-#else +- jpc_fix_t joinbuf[bufsize]; +-#endif + jpc_fix_t *buf = joinbuf; + register jpc_fix_t *srcptr; + register jpc_fix_t *dstptr; + register int n; + int hstartcol; + +-#if !defined(HAVE_VLA) + /* Allocate memory for the join buffer from the heap. */ + if (bufsize > QMFB_JOINBUFSIZE) { + if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { +@@ -703,7 +658,6 @@ void jpc_qmfb_join_col(jpc_fix_t *a, int + abort(); + } + } +-#endif + + hstartcol = (numrows + 1 - parity) >> 1; + +@@ -735,12 +689,10 @@ void jpc_qmfb_join_col(jpc_fix_t *a, int + ++srcptr; + } + +-#if !defined(HAVE_VLA) + /* If the join buffer was allocated on the heap, free this memory. */ + if (buf != joinbuf) { + jas_free(buf); + } +-#endif + + } + +@@ -749,11 +701,7 @@ void jpc_qmfb_join_colgrp(jpc_fix_t *a, + { + + int bufsize = JPC_CEILDIVPOW2(numrows, 1); +-#if !defined(HAVE_VLA) + jpc_fix_t joinbuf[QMFB_JOINBUFSIZE * JPC_QMFB_COLGRPSIZE]; +-#else +- jpc_fix_t joinbuf[bufsize * JPC_QMFB_COLGRPSIZE]; +-#endif + jpc_fix_t *buf = joinbuf; + jpc_fix_t *srcptr; + jpc_fix_t *dstptr; +@@ -763,7 +711,6 @@ void jpc_qmfb_join_colgrp(jpc_fix_t *a, + register int i; + int hstartcol; + +-#if !defined(HAVE_VLA) + /* Allocate memory for the join buffer from the heap. */ + if (bufsize > QMFB_JOINBUFSIZE) { + if (!(buf = jas_alloc2(bufsize, JPC_QMFB_COLGRPSIZE * sizeof(jpc_fix_t)))) { +@@ -771,7 +718,6 @@ void jpc_qmfb_join_colgrp(jpc_fix_t *a, + abort(); + } + } +-#endif + + hstartcol = (numrows + 1 - parity) >> 1; + +@@ -821,12 +767,10 @@ void jpc_qmfb_join_colgrp(jpc_fix_t *a, + srcptr += JPC_QMFB_COLGRPSIZE; + } + +-#if !defined(HAVE_VLA) + /* If the join buffer was allocated on the heap, free this memory. */ + if (buf != joinbuf) { + jas_free(buf); + } +-#endif + + } + +@@ -835,11 +779,7 @@ void jpc_qmfb_join_colres(jpc_fix_t *a, + { + + int bufsize = JPC_CEILDIVPOW2(numrows, 1); +-#if !defined(HAVE_VLA) + jpc_fix_t joinbuf[QMFB_JOINBUFSIZE * JPC_QMFB_COLGRPSIZE]; +-#else +- jpc_fix_t joinbuf[bufsize * numcols]; +-#endif + jpc_fix_t *buf = joinbuf; + jpc_fix_t *srcptr; + jpc_fix_t *dstptr; +@@ -849,7 +789,6 @@ void jpc_qmfb_join_colres(jpc_fix_t *a, + register int i; + int hstartcol; + +-#if !defined(HAVE_VLA) + /* Allocate memory for the join buffer from the heap. */ + if (bufsize > QMFB_JOINBUFSIZE) { + if (!(buf = jas_alloc3(bufsize, numcols, sizeof(jpc_fix_t)))) { +@@ -857,7 +796,6 @@ void jpc_qmfb_join_colres(jpc_fix_t *a, + abort(); + } + } +-#endif + + hstartcol = (numrows + 1 - parity) >> 1; + +@@ -907,12 +845,10 @@ void jpc_qmfb_join_colres(jpc_fix_t *a, + srcptr += numcols; + } + +-#if !defined(HAVE_VLA) + /* If the join buffer was allocated on the heap, free this memory. */ + if (buf != joinbuf) { + jas_free(buf); + } +-#endif + + } + diff --git a/media-libs/jasper/jasper-1.900.1-r9.ebuild b/media-libs/jasper/jasper-1.900.1-r9.ebuild new file mode 100644 index 000000000000..ad5c7e0f488f --- /dev/null +++ b/media-libs/jasper/jasper-1.900.1-r9.ebuild @@ -0,0 +1,54 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/media-libs/jasper/jasper-1.900.1-r9.ebuild,v 1.1 2015/01/24 13:14:57 jlec Exp $ + +EAPI=5 + +# outdated './configure': breaks in 'USE=opengl ABI_X86="32 64"' case: +# uses /usr/lib64 for 32-bit ABI. +AUTOTOOLS_AUTORECONF=yes + +inherit autotools-multilib + +DESCRIPTION="software-based implementation of the codec specified in the JPEG-2000 Part-1 standard" +HOMEPAGE="http://www.ece.uvic.ca/~mdadams/jasper/" +SRC_URI=" + http://www.ece.uvic.ca/~mdadams/${PN}/software/${P}.zip + mirror://gentoo/${P}-fixes-20120611.patch.bz2" + +LICENSE="JasPer2.0" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~x64-solaris ~x86-solaris" +IUSE="jpeg opengl static-libs" + +RDEPEND=" + jpeg? ( >=virtual/jpeg-0-r2:0[${MULTILIB_USEDEP}] ) + opengl? ( + >=virtual/opengl-7.0-r1:0[${MULTILIB_USEDEP}] + >=media-libs/freeglut-2.8.1:0[${MULTILIB_USEDEP}] + virtual/glu + )" +DEPEND="${RDEPEND} + app-arch/unzip" + +PATCHES=( + "${WORKDIR}"/${P}-fixes-20120611.patch + "${FILESDIR}"/${PN}-1.701.0-GL-ac.patch + "${FILESDIR}"/${PN}-1.701.0-GL.patch + "${FILESDIR}"/${PN}-CVE-2014-9029.patch + "${FILESDIR}"/${PN}-CVE-2014-8137.patch + "${FILESDIR}"/${PN}-CVE-2014-8138.patch + "${FILESDIR}"/${PN}-CVE-2014-8157.patch + "${FILESDIR}"/${PN}-CVE-2014-8158.patch + "${FILESDIR}"/${PN}-pkgconfig.patch + ) + +DOCS=( NEWS README doc/. ) + +src_configure() { + local myeconfargs=( + $(use_enable jpeg libjpeg) + $(use_enable opengl) + ) + autotools-multilib_src_configure +} -- cgit v1.2.3-65-gdbad