libjpeg(_turbo): minor update 1.3.0 -> .1

The security patch got incorporated into the release.
wip/yesman
Vladimír Čunát 10 years ago
parent 1941168c3d
commit 02b85f5191
  1. 6
      pkgs/development/libraries/libjpeg-turbo/default.nix
  2. 40
      pkgs/development/libraries/libjpeg-turbo/libjpeg-turbo-1.3.0-CVE-2013-6629-and-6630.patch

@ -1,15 +1,13 @@
{ stdenv, fetchurl, nasm }:
stdenv.mkDerivation rec {
name = "libjpeg-turbo-1.3.0";
name = "libjpeg-turbo-1.3.1";
src = fetchurl {
url = "mirror://sourceforge/libjpeg-turbo/${name}.tar.gz";
sha256 = "0d0jwdmj3h89bxdxlwrys2mw18mqcj4rzgb5l2ndpah8zj600mr6";
sha256 = "1fbgcvlnn3d5gvf0v9jnlcabpv2z3nwxclzyabahxi6x2xs90cn1";
};
patches = [ ./libjpeg-turbo-1.3.0-CVE-2013-6629-and-6630.patch ];
buildInputs = [ nasm ];
doCheck = true;

@ -1,40 +0,0 @@
Thanks to the sources below; this patch discovered via Gentoo.
http://bugzilla.redhat.com/show_bug.cgi?id=1031734
http://bugzilla.redhat.com/show_bug.cgi?id=1031749
http://sourceforge.net/p/libjpeg-turbo/code/1090/
--- libjpeg-turbo-1.3.0/jdmarker.c
+++ libjpeg-turbo-1.3.0/jdmarker.c
@@ -304,7 +304,7 @@
/* Process a SOS marker */
{
INT32 length;
- int i, ci, n, c, cc;
+ int i, ci, n, c, cc, pi;
jpeg_component_info * compptr;
INPUT_VARS(cinfo);
@@ -348,6 +348,13 @@
TRACEMS3(cinfo, 1, JTRC_SOS_COMPONENT, cc,
compptr->dc_tbl_no, compptr->ac_tbl_no);
+
+ /* This CSi (cc) should differ from the previous CSi */
+ for (pi = 0; pi < i; pi++) {
+ if (cinfo->cur_comp_info[pi] == compptr) {
+ ERREXIT1(cinfo, JERR_BAD_COMPONENT_ID, cc);
+ }
+ }
}
/* Collect the additional scan parameters Ss, Se, Ah/Al. */
@@ -465,6 +472,8 @@
for (i = 0; i < count; i++)
INPUT_BYTE(cinfo, huffval[i], return FALSE);
+ MEMZERO(&huffval[count], (256 - count) * SIZEOF(UINT8));
+
length -= count;
if (index & 0x10) { /* AC table definition */
Loading…
Cancel
Save