Signed-off-by: Zoltán Böszörményi <zbos...@gmail.com> --- .../opencv/opencv/CVE-2023-2617.patch | 88 ------------------- .../{opencv_4.7.0.bb => opencv_4.8.0.bb} | 9 +- 2 files changed, 4 insertions(+), 93 deletions(-) delete mode 100644 meta-oe/recipes-support/opencv/opencv/CVE-2023-2617.patch rename meta-oe/recipes-support/opencv/{opencv_4.7.0.bb => opencv_4.8.0.bb} (97%)
diff --git a/meta-oe/recipes-support/opencv/opencv/CVE-2023-2617.patch b/meta-oe/recipes-support/opencv/opencv/CVE-2023-2617.patch deleted file mode 100644 index 92c096e29..000000000 --- a/meta-oe/recipes-support/opencv/opencv/CVE-2023-2617.patch +++ /dev/null @@ -1,88 +0,0 @@ -commit ccc277247ac1a7aef0a90353edcdec35fbc5903c -Author: Nano <nanoape...@gmail.com> -Date: Wed Apr 26 15:09:52 2023 +0800 - - fix(wechat_qrcode): Init nBytes after the count value is determined (#3480) - - * fix(wechat_qrcode): Initialize nBytes after the count value is determined - - * fix(wechat_qrcode): Incorrect count data repair - - * chore: format expr - - * fix(wechat_qrcode): Avoid null pointer exception - - * fix(wechat_qrcode): return when bytes_ is empty - - * test(wechat_qrcode): add test case - - --------- - - Co-authored-by: GZTime <time...@outlook.com> - -CVE: CVE-2023-2617 - -Upstream-Status: Backport [https://github.com/opencv/opencv_contrib/commit/ccc277247ac1a7aef0a90353edcdec35fbc5903c] - -Signed-off-by: Soumya <soumya.sa...@windriver.com> ---- - -diff --git a/modules/wechat_qrcode/src/zxing/qrcode/decoder/decoded_bit_stream_parser.cpp b/modules/wechat_qrcode/src/zxing/qrcode/decoder/decoded_bit_stream_parser.cpp -index 05de793c..b3a0a69c 100644 ---- a/modules/wechat_qrcode/src/zxing/qrcode/decoder/decoded_bit_stream_parser.cpp -+++ b/modules/wechat_qrcode/src/zxing/qrcode/decoder/decoded_bit_stream_parser.cpp -@@ -65,7 +65,8 @@ void DecodedBitStreamParser::append(std::string& result, string const& in, - - void DecodedBitStreamParser::append(std::string& result, const char* bufIn, size_t nIn, - ErrorHandler& err_handler) { -- if (err_handler.ErrCode()) return; -+ // avoid null pointer exception -+ if (err_handler.ErrCode() || bufIn == nullptr) return; - #ifndef NO_ICONV_INSIDE - if (nIn == 0) { - return; -@@ -190,16 +191,20 @@ void DecodedBitStreamParser::decodeByteSegment(Ref<BitSource> bits_, string& res - CharacterSetECI* currentCharacterSetECI, - ArrayRef<ArrayRef<char> >& byteSegments, - ErrorHandler& err_handler) { -- int nBytes = count; - BitSource& bits(*bits_); - // Don't crash trying to read more bits than we have available. - int available = bits.available(); - // try to repair count data if count data is invalid - if (count * 8 > available) { -- count = (available + 7 / 8); -+ count = (available + 7) / 8; - } -+ size_t nBytes = count; -+ -+ ArrayRef<char> bytes_(nBytes); -+ // issue https://github.com/opencv/opencv_contrib/issues/3478 -+ if (bytes_->empty()) -+ return; - -- ArrayRef<char> bytes_(count); - char* readBytes = &(*bytes_)[0]; - for (int i = 0; i < count; i++) { - // readBytes[i] = (char) bits.readBits(8); -diff --git a/modules/wechat_qrcode/test/test_qrcode.cpp b/modules/wechat_qrcode/test/test_qrcode.cpp -index d59932b8..ec2559b0 100644 ---- a/modules/wechat_qrcode/test/test_qrcode.cpp -+++ b/modules/wechat_qrcode/test/test_qrcode.cpp -@@ -455,5 +455,16 @@ TEST_P(Objdetect_QRCode_Easy_Multi, regression) { - std::string qrcode_model_path[] = {"", "dnn/wechat_2021-01"}; - INSTANTIATE_TEST_CASE_P(/**/, Objdetect_QRCode_Easy_Multi, testing::ValuesIn(qrcode_model_path)); - -+TEST(Objdetect_QRCode_bug, issue_3478) { -+ auto detector = wechat_qrcode::WeChatQRCode(); -+ std::string image_path = findDataFile("qrcode/issue_3478.png"); -+ Mat src = imread(image_path, IMREAD_GRAYSCALE); -+ ASSERT_FALSE(src.empty()) << "Can't read image: " << image_path; -+ std::vector<std::string> outs = detector.detectAndDecode(src); -+ ASSERT_EQ(1, (int) outs.size()); -+ ASSERT_EQ(16, (int) outs[0].size()); -+ ASSERT_EQ("KFCVW50 ", outs[0]); -+} -+ - } // namespace - } // namespace opencv_test diff --git a/meta-oe/recipes-support/opencv/opencv_4.7.0.bb b/meta-oe/recipes-support/opencv/opencv_4.8.0.bb similarity index 97% rename from meta-oe/recipes-support/opencv/opencv_4.7.0.bb rename to meta-oe/recipes-support/opencv/opencv_4.8.0.bb index a1fbaaa09..9564bbbe9 100644 --- a/meta-oe/recipes-support/opencv/opencv_4.7.0.bb +++ b/meta-oe/recipes-support/opencv/opencv_4.8.0.bb @@ -10,8 +10,8 @@ ARM_INSTRUCTION_SET:armv5 = "arm" DEPENDS = "libtool swig-native bzip2 zlib glib-2.0 libwebp" -SRCREV_opencv = "725e440d278aca07d35a5e8963ef990572b07316" -SRCREV_contrib = "e247b680a6bd396f110274b6c214406a93171350" +SRCREV_opencv = "f9a59f2592993d3dcc080e495f4f5e02dd8ec7ef" +SRCREV_contrib = "f10c84d48b0714f2b408c9e5cccfac1277c8e6cc" SRCREV_boostdesc = "34e4206aef44d50e6bbcd0ab06354b52e7466d26" SRCREV_vgg = "fccf7cd6a4b12079f73bbfb21745f9babcd4eb1d" SRCREV_face = "8afa57abc8229d611c4937165d20e2a2d9fc5a12" @@ -19,8 +19,8 @@ SRCREV_wechat-qrcode = "a8b69ccc738421293254aec5ddb38bd523503252" SRCREV_FORMAT = "opencv_contrib_ipp_boostdesc_vgg" -SRC_URI = "git://github.com/opencv/opencv.git;name=opencv;branch=master;protocol=https \ - git://github.com/opencv/opencv_contrib.git;destsuffix=git/contrib;name=contrib;branch=master;protocol=https \ +SRC_URI = "git://github.com/opencv/opencv.git;name=opencv;branch=4.x;protocol=https \ + git://github.com/opencv/opencv_contrib.git;destsuffix=git/contrib;name=contrib;branch=4.x;protocol=https \ git://github.com/opencv/opencv_3rdparty.git;branch=contrib_xfeatures2d_boostdesc_20161012;destsuffix=git/boostdesc;name=boostdesc;protocol=https \ git://github.com/opencv/opencv_3rdparty.git;branch=contrib_xfeatures2d_vgg_20160317;destsuffix=git/vgg;name=vgg;protocol=https \ git://github.com/opencv/opencv_3rdparty.git;branch=contrib_face_alignment_20170818;destsuffix=git/face;name=face;protocol=https \ @@ -31,7 +31,6 @@ SRC_URI = "git://github.com/opencv/opencv.git;name=opencv;branch=master;protocol file://download.patch \ file://0001-Make-ts-module-external.patch \ file://0008-Do-not-embed-build-directory-in-binaries.patch \ - file://CVE-2023-2617.patch;patchdir=contrib \ " SRC_URI:append:riscv64 = " file://0001-Use-Os-to-compile-tinyxml2.cpp.patch;patchdir=contrib" -- 2.41.0
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#103711): https://lists.openembedded.org/g/openembedded-devel/message/103711 Mute This Topic: https://lists.openembedded.org/mt/100002939/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-