Date: Wednesday, May 11, 2022 @ 21:06:06 Author: anthraxx Revision: 445032
archrelease: copy trunk to staging-x86_64 Added: jasper/repos/staging-x86_64/ jasper/repos/staging-x86_64/PKGBUILD (from rev 445031, jasper/trunk/PKGBUILD) jasper/repos/staging-x86_64/jasper-1.900.1-fix-filename-buffer-overflow.patch (from rev 445031, jasper/trunk/jasper-1.900.1-fix-filename-buffer-overflow.patch) ---------------------------------------------------+ PKGBUILD | 72 ++++++++++++++++++++ jasper-1.900.1-fix-filename-buffer-overflow.patch | 37 ++++++++++ 2 files changed, 109 insertions(+) Copied: jasper/repos/staging-x86_64/PKGBUILD (from rev 445031, jasper/trunk/PKGBUILD) =================================================================== --- staging-x86_64/PKGBUILD (rev 0) +++ staging-x86_64/PKGBUILD 2022-05-11 21:06:06 UTC (rev 445032) @@ -0,0 +1,72 @@ +# Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org> +# Maintainer: Eric BĂ©langer <e...@archlinux.org> + +pkgbase=jasper +pkgname=('jasper' 'jasper-doc') +pkgver=3.0.3 +pkgrel=1 +pkgdesc='Software-based implementation of the codec specified in the emerging JPEG-2000 Part-1 standard' +url='https://www.ece.uvic.ca/~frodo/jasper/' +arch=('x86_64') +license=('custom:JasPer2.0') +makedepends=('glibc' 'libjpeg' 'freeglut' 'libxmu' 'glu' 'cmake' 'doxygen') +options=('debug') +source=(${pkgname}-${pkgver}.tar.gz::https://github.com/mdadams/jasper/archive/version-${pkgver}.tar.gz + jasper-1.900.1-fix-filename-buffer-overflow.patch) +sha512sums=('e407e24db2c8b279421070feadb71e79e8603729ed8170d84d21bced92eb18a91fb67ec9e99c27366f9afb26b6d5f38ff918c88afb8ce3f3ce87a76189d296c0' + 'b8d798bf75523c5db263783e42c653dd0cb03deee90be32eddf878bb6893cca02abadd94de6a8c737a5b7fe76f7fb245979f010765e6a95fc520b215e3a2a7f0') +b2sums=('c6849fe2de6853000ca9e88b3535f82396fa408f0a884459fd433cd3e400de6bd4caf840ad7482742b84d02b29328964f1726ab4b8ad1f9897bee4e8a690a340' + '9b1927a437ed9b32491f07a210600b5a7d10711ec954dadc030a8238b67e9c6d1a8e67956fd7a5515e7060f0a1651fa86763e21d6d20592f8f00e9d3260722a1') + +prepare() { + cd ${pkgbase}-version-${pkgver} + patch -p1 < "${srcdir}/jasper-1.900.1-fix-filename-buffer-overflow.patch" + sed -r 's|(CMAKE_SKIP_BUILD_RPATH) FALSE|\1 TRUE|g' -i CMakeLists.txt +} + +build() { + cd ${pkgbase}-version-${pkgver} + + cmake \ + -B buildx \ + -DCMAKE_INSTALL_PREFIX=/usr \ + -DCMAKE_C_FLAGS="$CFLAGS -ffat-lto-objects" \ + -DJAS_ENABLE_OPENGL=ON \ + -DJAS_ENABLE_LIBJPEG=ON \ + -DJAS_ENABLE_AUTOMATIC_DEPENDENCIES=OFF \ + -DCMAKE_SKIP_RPATH=ON \ + -DJAS_ENABLE_SHARED=ON + cmake --build buildx +} + +check() { + cd ${pkgbase}-version-${pkgver} + export LD_LIBRARY_PATH="$(pwd)/buildx/src/libjasper/" + make -C buildx -j1 test +} + +package_jasper() { + depends=('glibc' 'libjpeg' 'libjpeg.so' 'freeglut' 'glu') + optdepends=('jasper-doc: documentation') + provides=('libjasper.so') + + cd ${pkgbase}-version-${pkgver} + make -C buildx DESTDIR="${pkgdir}" install + rm -r "${pkgdir}/usr/share/doc" + + install -Dm 644 NEWS.txt README.md -t "${pkgdir}/usr/share/doc/${pkgname}" + install -Dm 644 LICENSE.txt -t "${pkgdir}/usr/share/licenses/${pkgname}" +} + +package_jasper-doc() { + pkgdesc+=' (documentation)' + optdepends=('jasper') + + cd ${pkgbase}-version-${pkgver} + make -C buildx DESTDIR="${pkgdir}" install + rm -rf "${pkgdir}/usr/"{bin,include,lib,share/man} + + install -Dm 644 LICENSE.txt -t "${pkgdir}/usr/share/licenses/${pkgname}" +} + +# vim: ts=2 sw=2 et: Copied: jasper/repos/staging-x86_64/jasper-1.900.1-fix-filename-buffer-overflow.patch (from rev 445031, jasper/trunk/jasper-1.900.1-fix-filename-buffer-overflow.patch) =================================================================== --- staging-x86_64/jasper-1.900.1-fix-filename-buffer-overflow.patch (rev 0) +++ staging-x86_64/jasper-1.900.1-fix-filename-buffer-overflow.patch 2022-05-11 21:06:06 UTC (rev 445032) @@ -0,0 +1,37 @@ +Description: Filename buffer overflow fix + This patch fixes a security hole by a bad buffer size handling. +Author: Roland Stigge <sti...@antcom.de> +Bug-Debian: http://bugs.debian.org/645118 + +--- a/src/libjasper/include/jasper/jas_stream.h ++++ b/src/libjasper/include/jasper/jas_stream.h +@@ -77,6 +77,7 @@ + #include <jasper/jas_config.h> + + #include <stdio.h> ++#include <limits.h> + #if defined(JAS_HAVE_FCNTL_H) + #include <fcntl.h> + #endif +@@ -99,6 +100,12 @@ extern "C" { + #define O_BINARY 0 + #endif + ++#ifdef PATH_MAX ++#define JAS_PATH_MAX PATH_MAX ++#else ++#define JAS_PATH_MAX 4096 ++#endif ++ + /* + * Stream open flags. + */ +@@ -251,7 +258,7 @@ typedef struct { + typedef struct { + int fd; + int flags; +- char pathname[L_tmpnam + 1]; ++ char pathname[JAS_PATH_MAX + 1]; + } jas_stream_fileobj_t; + + #define JAS_STREAM_FILEOBJ_DELONCLOSE 0x01