diff --git a/.dcraw.metadata b/.dcraw.metadata new file mode 100644 index 0000000..3d40b38 --- /dev/null +++ b/.dcraw.metadata @@ -0,0 +1 @@ +83a85200b0f105a40d23e885f5108bc3b53bdbe4 SOURCES/dcraw-9.19.tar.gz diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..1a87ec3 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/dcraw-9.19.tar.gz diff --git a/SOURCES/dcraw-9.19-CVE-2013-1438.patch b/SOURCES/dcraw-9.19-CVE-2013-1438.patch new file mode 100644 index 0000000..96fa150 --- /dev/null +++ b/SOURCES/dcraw-9.19-CVE-2013-1438.patch @@ -0,0 +1,108 @@ +From 24f099951c3a86f04a29adc7b0dda474a3c44722 Mon Sep 17 00:00:00 2001 +From: Nils Philippsen +Date: Wed, 25 Sep 2013 15:04:43 +0200 +Subject: [PATCH] CVE-2013-1438: fix various security issues + +This fixes division by zero, infinite loop, and null pointer dereference +bugs. Ported from Alex Tutubalin's fix in LibRaw (commit +9ae25d8c3a6bfb40c582538193264f74c9b93bc0). +--- + dcraw.c | 33 ++++++++++++++++++++++++--------- + 1 file changed, 24 insertions(+), 9 deletions(-) + +diff --git a/dcraw.c b/dcraw.c +index 96e3d1f..dcf284c 100644 +--- a/dcraw.c ++++ b/dcraw.c +@@ -828,6 +828,9 @@ int CLASS ljpeg_diff (ushort *huff) + { + int len, diff; + ++ if (!huff) ++ longjmp(failure, 2); ++ + len = gethuff(huff); + if (len == 16 && (!dng_version || dng_version >= 0x1010000)) + return -32768; +@@ -883,6 +886,8 @@ void CLASS lossless_jpeg_load_raw() + ushort *rp; + + if (!ljpeg_start (&jh, 0)) return; ++ if (jh.wide < 1 || jh.high < 1 || jh.clrs < 1 || jh.bits < 1) ++ longjmp (failure, 2); + jwide = jh.wide * jh.clrs; + + for (jrow=0; jrow < jh.high; jrow++) { +@@ -902,6 +907,8 @@ void CLASS lossless_jpeg_load_raw() + } + if (raw_width == 3984 && (col -= 2) < 0) + col += (row--,raw_width); ++ if (row > raw_height) ++ longjmp (failure, 3); + if ((unsigned) row < raw_height) RAW(row,col) = val; + if (++col >= raw_width) + col = (row++,0); +@@ -5444,6 +5451,7 @@ int CLASS parse_tiff_ifd (int base) + data_offset = get4()+base; + ifd++; break; + } ++ if(len > 1000) len=1000; /* 1000 SubIFDs is enough */ + while (len--) { + i = ftell(ifp); + fseek (ifp, get4()+base, SEEK_SET); +@@ -5662,7 +5670,7 @@ guess_cfa_pc: + break; + case 50715: /* BlackLevelDeltaH */ + case 50716: /* BlackLevelDeltaV */ +- for (num=i=0; i < len; i++) ++ for (num=i=0; i < len && i < 65536; i++) + num += getreal(type); + black += num/len + 0.5; + break; +@@ -5787,9 +5795,13 @@ void CLASS apply_tiff() + if (thumb_offset) { + fseek (ifp, thumb_offset, SEEK_SET); + if (ljpeg_start (&jh, 1)) { +- thumb_misc = jh.bits; +- thumb_width = jh.wide; +- thumb_height = jh.high; ++ if ((unsigned)jh.bits < 17 && (unsigned)jh.wide < 0x10000 && ++ (unsigned)jh.high < 0x10000) ++ { ++ thumb_misc = jh.bits; ++ thumb_width = jh.wide; ++ thumb_height = jh.high; ++ } + } + } + for (i=0; i < tiff_nifds; i++) { +@@ -5797,8 +5809,9 @@ void CLASS apply_tiff() + max_samp = tiff_ifd[i].samples; + if (max_samp > 3) max_samp = 3; + if ((tiff_ifd[i].comp != 6 || tiff_ifd[i].samples != 3) && +- (tiff_ifd[i].width | tiff_ifd[i].height) < 0x10000 && +- tiff_ifd[i].width*tiff_ifd[i].height > raw_width*raw_height) { ++ (tiff_ifd[i].width | tiff_ifd[i].height) < 0x10000 && ++ (unsigned)tiff_ifd[i].bps < 33 && (unsigned)tiff_ifd[i].samples < 13 && ++ tiff_ifd[i].width*tiff_ifd[i].height > raw_width*raw_height) { + raw_width = tiff_ifd[i].width; + raw_height = tiff_ifd[i].height; + tiff_bps = tiff_ifd[i].bps; +@@ -5884,9 +5897,11 @@ void CLASS apply_tiff() + is_raw = 0; + for (i=0; i < tiff_nifds; i++) + if (i != raw && tiff_ifd[i].samples == max_samp && +- tiff_ifd[i].width * tiff_ifd[i].height / (SQR(tiff_ifd[i].bps)+1) > +- thumb_width * thumb_height / (SQR(thumb_misc)+1) +- && tiff_ifd[i].comp != 34892) { ++ tiff_ifd[i].bps > 0 && tiff_ifd[i].bps < 33 && ++ ((unsigned)(tiff_ifd[i].width | tiff_ifd[i].height)) < 0x10000 && ++ tiff_ifd[i].width * tiff_ifd[i].height / (SQR(tiff_ifd[i].bps)+1) > ++ thumb_width * thumb_height / (SQR(thumb_misc)+1) ++ && tiff_ifd[i].comp != 34892) { + thumb_width = tiff_ifd[i].width; + thumb_height = tiff_ifd[i].height; + thumb_offset = tiff_ifd[i].offset; +-- +1.8.4.2 + diff --git a/SOURCES/dcraw-9.19-lcms2.patch b/SOURCES/dcraw-9.19-lcms2.patch new file mode 100644 index 0000000..9d0556e --- /dev/null +++ b/SOURCES/dcraw-9.19-lcms2.patch @@ -0,0 +1,59 @@ +From 789b763bff1701ef31bd077ae49671dfe1c82a51 Mon Sep 17 00:00:00 2001 +From: Nils Philippsen +Date: Wed, 4 Sep 2013 17:13:49 +0200 +Subject: [PATCH] Add support for LCMS version 2.x. + +--- + dcraw.c | 21 ++++++++++++++++++++- + 1 file changed, 20 insertions(+), 1 deletion(-) + +diff --git a/dcraw.c b/dcraw.c +index 96e3d1f..4b280b5 100644 +--- a/dcraw.c ++++ b/dcraw.c +@@ -80,7 +80,13 @@ typedef unsigned long long UINT64; + #include /* Decode compressed Kodak DC120 photos */ + #endif /* and Adobe Lossy DNGs */ + #ifndef NO_LCMS +-#include /* Support color profiles */ ++#ifdef USE_LCMS2 ++#include /* Support color profiles */ ++#else ++#undef USE_LCMS1 ++#define USE_LCMS1 ++#include ++#endif + #endif + #ifdef LOCALEDIR + #include +@@ -8581,6 +8587,15 @@ notraw: + } + + #ifndef NO_LCMS ++#ifdef USE_LCMS2 ++static void lcms2_error_show_handler (cmsContext ContextID, ++ cmsUInt32Number ErrorCode, ++ const char *Text) ++{ ++ fprintf (stderr, "lcms2: Error #%d; %s\n", ErrorCode, Text); ++} ++#endif ++ + void CLASS apply_profile (const char *input, const char *output) + { + char *prof; +@@ -8589,7 +8604,11 @@ void CLASS apply_profile (const char *input, const char *output) + FILE *fp; + unsigned size; + ++#ifdef USE_LCMS2 ++ cmsSetLogErrorHandler (lcms2_error_show_handler); ++#else + cmsErrorAction (LCMS_ERROR_SHOW); ++#endif + if (strcmp (input, "embed")) + hInProfile = cmsOpenProfileFromFile (input, "r"); + else if (profile_length) { +-- +1.8.3.1 + diff --git a/SPECS/dcraw.spec b/SPECS/dcraw.spec new file mode 100644 index 0000000..f667912 --- /dev/null +++ b/SPECS/dcraw.spec @@ -0,0 +1,228 @@ +Summary: Tool for decoding raw image data from digital cameras +Name: dcraw +Version: 9.19 +Release: 6%{?dist} +Group: Applications/Multimedia +License: GPLv2+ +URL: http://cybercom.net/~dcoffin/dcraw +Source0: http://cybercom.net/~dcoffin/dcraw/archive/dcraw-%{version}.tar.gz +Patch0: dcraw-9.19-lcms2.patch +Patch1: dcraw-9.19-CVE-2013-1438.patch +BuildRequires: gettext +BuildRequires: libjpeg-devel +BuildRequires: lcms2-devel +BuildRequires: jasper-devel +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%__id_u -n) + +%description +This package contains dcraw, a command line tool to decode raw image data +downloaded from digital cameras. + +%prep +%setup -q -n dcraw +%patch0 -p1 -b .lcms2 +%patch1 -p1 -b .CVE-2013-1438 + +%build +gcc %optflags \ + -lm -ljpeg -llcms2 -ljasper \ + -DUSE_LCMS2 \ + -DLOCALEDIR="\"%{_datadir}/locale\"" \ + -o dcraw dcraw.c +# build language catalogs +for catsrc in dcraw_*.po; do + lang="${catsrc%.po}" + lang="${lang#dcraw_}" + msgfmt -o "dcraw_${lang}.mo" "$catsrc" +done + +%install +rm -rf %buildroot +install -d -m 0755 %{buildroot}%{_bindir} +install -m 0755 dcraw %{buildroot}%{_bindir} + +# install language catalogs +for catalog in dcraw_*.mo; do + lang="${catalog%.mo}" + lang="${lang#dcraw_}" + install -d -m 0755 "%{buildroot}%{_datadir}/locale/${lang}/LC_MESSAGES" + install -m 0644 "$catalog" "%{buildroot}%{_datadir}/locale/${lang}/LC_MESSAGES/dcraw.mo" +done + +install -d -m 0755 %{buildroot}%{_bindir} %{buildroot}%{_mandir}/man1 +install -m 0644 dcraw.1 %{buildroot}%{_mandir}/man1/dcraw.1 +# localized manpages +rm -f %{name}-man-files +touch %{name}-man-files +for manpage in dcraw_*.1; do + lang="${manpage%.1}" + lang="${lang#dcraw_}" + install -d -m 0755 "%{buildroot}%{_mandir}/${lang}/man1" + install -m 0644 "${manpage}" "%{buildroot}%{_mandir}/${lang}/man1/dcraw.1" + echo "%%lang($lang) %%{_mandir}/${lang}/man1/*" >> %{name}-man-files +done + +%find_lang %{name} + +%clean +rm -rf %buildroot + +%files -f %{name}.lang -f %{name}-man-files +%defattr(-, root, root) +%{_bindir}/dcraw +%{_mandir}/man1/* + +%changelog +* Fri Jan 24 2014 Daniel Mach - 9.19-6 +- Mass rebuild 2014-01-24 + +* Fri Dec 27 2013 Daniel Mach - 9.19-5 +- Mass rebuild 2013-12-27 + +* Fri Dec 06 2013 Nils Philippsen - 9.19-4 +- harden against corrupt input files (CVE-2013-1438) + +* Fri Sep 13 2013 Nils Philippsen - 9.19-3 +- build against the currently maintained version of lcms (2.x) + +* Sat Aug 03 2013 Fedora Release Engineering - 9.19-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Thu Jun 20 2013 Nils Philippsen - 9.19-1 +- version 9.19 + +* Mon Jun 03 2013 Nils Philippsen - 9.18-1 +- version 9.18 + +* Wed Feb 13 2013 Fedora Release Engineering - 9.17-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Fri Jan 18 2013 Adam Tkac - 9.17-2 +- rebuild due to "jpeg8-ABI" feature drop + +* Mon Jan 14 2013 Nils Philippsen - 9.17-1 +- version 9.17 + +* Fri Dec 21 2012 Adam Tkac - 9.16-4 +- rebuild against new libjpeg + +* Thu Oct 18 2012 Nils Philippsen - 9.16-3 +- upstream changed 9.16 tarball, adds support for Samsung NX1000, Sony + DSC-RX100 models + +* Wed Jul 18 2012 Fedora Release Engineering - 9.16-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Wed Jul 04 2012 Nils Philippsen - 9.16-1 +- version 9.16 + +* Tue Jun 19 2012 Nils Philippsen - 9.15-1 +- version 9.15 + +* Tue Jan 10 2012 Nils Philippsen - 9.12-2 +- rebuild for gcc 4.7 + +* Thu Dec 22 2011 Nils Philippsen - 9.12-1 +- version 9.12 + +* Wed Oct 12 2011 Nils Philippsen - 9.11-1 +- version 9.11 + +* Mon Aug 01 2011 Nils Philippsen - 9.10-1 +- version 9.10 +- add BR: jasper-devel, link with jasper library + +* Mon May 23 2011 Nils Philippsen - 9.08-1 +- version 9.08 + +* Thu Apr 14 2011 Nils Philippsen - 9.07-1 +- version 9.07 + +* Fri Mar 04 2011 Nils Philippsen - 9.06-1 +- version 9.06 + +* Tue Feb 08 2011 Fedora Release Engineering - 9.04-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Tue Aug 03 2010 Nils Philippsen - 9.04-1 +- version 9.04 + +* Wed Jun 02 2010 Nils Philippsen - 9.01-1 +- version 9.01 +- color man page files with %%lang() + +* Fri Feb 12 2010 Nils Philippsen - 8.99-1 +- version 8.99 + +* Tue Aug 18 2009 Nils Philippsen - 8.96-1 +- version 8.96 + +* Fri Jul 24 2009 Fedora Release Engineering - 8.91-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Mon Mar 02 2009 Nils Philippsen - 8.91-1 +- version 8.91 + +* Tue Feb 24 2009 Fedora Release Engineering - 8.89-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Thu Nov 27 2008 Nils Philippsen - 8.89-1 +- version 8.89 +- remove obsolete gps patch + +* Mon Feb 25 2008 Nils Philippsen - 8.82-1 +- version 8.82 + +* Tue Feb 19 2008 Fedora Release Engineering - 8.81-2 +- Autorebuild for GCC 4.3 + +* Mon Jan 14 2008 Nils Philippsen - 8.81-1 +- version 8.81 +- add support for GPS data (#428600, patch by Ulrich Drepper) + +* Fri Nov 30 2007 Nils Philippsen - 8.80-1 +- version 8.80 +- change license tag to GPLv2+ + +* Mon Feb 05 2007 Nils Philippsen - 8.77-2 +- rebuild with pristine source tarball + +* Mon Feb 05 2007 Nils Philippsen - 8.77-1 +- version 8.77 + +* Mon Feb 05 2007 Nils Philippsen - 8.53-2 +- fix summary, use %%find_lang (#225678) + +* Thu Feb 01 2007 Nils Philippsen - 8.53-1 +- upstream finally has a tarball, use that and its version (#209016) +- use dist tag + +* Wed Jul 12 2006 Jesse Keating - 0.0.20060521-1.1 +- rebuild + +* Tue May 23 2006 Nils Philippsen - 0.0.20060521-1 +- program and manpage version of 2006-05-21 +- use %%optflags +- change license tag to GPL +- use lcms + +* Fri Feb 10 2006 Jesse Keating - 0.0.20051211-1.2 +- bump again for double-long bug on ppc(64) + +* Tue Feb 07 2006 Jesse Keating - 0.0.20051211-1.1 +- rebuilt for new gcc4.1 snapshot and glibc changes + +* Wed Dec 14 2005 Nils Philippsen +- version of 2005-12-11 +- manpage of 2005-09-29 + +* Fri Dec 09 2005 Jesse Keating +- rebuilt + +* Wed Mar 02 2005 Nils Philippsen +- version of 2005-02-27 +- manpage of 2005-01-19 + +* Wed Dec 01 2004 Nils Philippsen +- version of 2004-11-28 +- initial build