From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][mickledore 09/13] tiff: Remove unused patch from tiff
Date: Thu, 1 Jun 2023 16:22:08 -1000 [thread overview]
Message-ID: <b61e75037ed92e6bf4d9d506ffedfc5d50085522.1685672395.git.steve@sakoman.com> (raw)
In-Reply-To: <cover.1685672395.git.steve@sakoman.com>
From: nikhil <nikhilar2410@gmail.com>
Remove 0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch
file from tiff as it was removed while upgrading tiff from
4.4.0 -> 4.5.0
Signed-off-by: Nikhil R <nikhilar2410@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c53abdb5ce9cdbfb0f9e48b64b800c45549d18a6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
...-of-TIFFTAG_INKNAMES-and-related-TIF.patch | 267 ------------------
1 file changed, 267 deletions(-)
delete mode 100644 meta/recipes-multimedia/libtiff/files/0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch
diff --git a/meta/recipes-multimedia/libtiff/files/0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch b/meta/recipes-multimedia/libtiff/files/0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch
deleted file mode 100644
index 17b37be041..0000000000
--- a/meta/recipes-multimedia/libtiff/files/0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch
+++ /dev/null
@@ -1,267 +0,0 @@
-From f00484b9519df933723deb38fff943dc291a793d Mon Sep 17 00:00:00 2001
-From: Su_Laus <sulau@freenet.de>
-Date: Tue, 30 Aug 2022 16:56:48 +0200
-Subject: [PATCH] Revised handling of TIFFTAG_INKNAMES and related
- TIFFTAG_NUMBEROFINKS value
-
-In order to solve the buffer overflow issues related to TIFFTAG_INKNAMES and related TIFFTAG_NUMBEROFINKS value, a revised handling of those tags within LibTiff is proposed:
-
-Behaviour for writing:
- `NumberOfInks` MUST fit to the number of inks in the `InkNames` string.
- `NumberOfInks` is automatically set when `InkNames` is set.
- If `NumberOfInks` is different to the number of inks within `InkNames` string, that will be corrected and a warning is issued.
- If `NumberOfInks` is not equal to samplesperpixel only a warning will be issued.
-
-Behaviour for reading:
- When reading `InkNames` from a TIFF file, the `NumberOfInks` will be set automatically to the number of inks in `InkNames` string.
- If `NumberOfInks` is different to the number of inks within `InkNames` string, that will be corrected and a warning is issued.
- If `NumberOfInks` is not equal to samplesperpixel only a warning will be issued.
-
-This allows the safe use of the NumberOfInks value to read out the InkNames without buffer overflow
-
-This MR will close the following issues: #149, #150, #152, #168 (to be checked), #250, #269, #398 and #456.
-
-It also fixes the old bug at http://bugzilla.maptools.org/show_bug.cgi?id=2599, for which the limitation of `NumberOfInks = SPP` was introduced, which is in my opinion not necessary and does not solve the general issue.
-
-CVE: CVE-2022-3599 CVE-2022-4645
-Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/e813112545942107551433d61afd16ac094ff246.patch]
-Signed-off-by: Ross Burton <ross.burton@arm.com>
-Signed-off-by: Pawan Badganchi <Pawan.Badganchi@kpit.com>
----
- libtiff/tif_dir.c | 119 ++++++++++++++++++++++++-----------------
- libtiff/tif_dir.h | 2 +
- libtiff/tif_dirinfo.c | 2 +-
- libtiff/tif_dirwrite.c | 5 ++
- libtiff/tif_print.c | 4 ++
- 5 files changed, 82 insertions(+), 50 deletions(-)
-
-diff --git a/libtiff/tif_dir.c b/libtiff/tif_dir.c
-index 793e8a79..816f7756 100644
---- a/libtiff/tif_dir.c
-+++ b/libtiff/tif_dir.c
-@@ -136,32 +136,30 @@ setExtraSamples(TIFF* tif, va_list ap, uint32_t* v)
- }
-
- /*
-- * Confirm we have "samplesperpixel" ink names separated by \0. Returns
-+ * Count ink names separated by \0. Returns
- * zero if the ink names are not as expected.
- */
--static uint32_t
--checkInkNamesString(TIFF* tif, uint32_t slen, const char* s)
-+static uint16_t
-+countInkNamesString(TIFF *tif, uint32_t slen, const char *s)
- {
-- TIFFDirectory* td = &tif->tif_dir;
-- uint16_t i = td->td_samplesperpixel;
-+ uint16_t i = 0;
-+ const char *ep = s + slen;
-+ const char *cp = s;
-
- if (slen > 0) {
-- const char* ep = s+slen;
-- const char* cp = s;
-- for (; i > 0; i--) {
-+ do {
- for (; cp < ep && *cp != '\0'; cp++) {}
- if (cp >= ep)
- goto bad;
- cp++; /* skip \0 */
-- }
-- return ((uint32_t)(cp - s));
-+ i++;
-+ } while (cp < ep);
-+ return (i);
- }
- bad:
- TIFFErrorExt(tif->tif_clientdata, "TIFFSetField",
-- "%s: Invalid InkNames value; expecting %"PRIu16" names, found %"PRIu16,
-- tif->tif_name,
-- td->td_samplesperpixel,
-- (uint16_t)(td->td_samplesperpixel-i));
-+ "%s: Invalid InkNames value; no NUL at given buffer end location %"PRIu32", after %"PRIu16" ink",
-+ tif->tif_name, slen, i);
- return (0);
- }
-
-@@ -478,13 +476,61 @@ _TIFFVSetField(TIFF* tif, uint32_t tag, va_list ap)
- _TIFFsetFloatArray(&td->td_refblackwhite, va_arg(ap, float*), 6);
- break;
- case TIFFTAG_INKNAMES:
-- v = (uint16_t) va_arg(ap, uint16_vap);
-- s = va_arg(ap, char*);
-- v = checkInkNamesString(tif, v, s);
-- status = v > 0;
-- if( v > 0 ) {
-- _TIFFsetNString(&td->td_inknames, s, v);
-- td->td_inknameslen = v;
-+ {
-+ v = (uint16_t) va_arg(ap, uint16_vap);
-+ s = va_arg(ap, char*);
-+ uint16_t ninksinstring;
-+ ninksinstring = countInkNamesString(tif, v, s);
-+ status = ninksinstring > 0;
-+ if(ninksinstring > 0 ) {
-+ _TIFFsetNString(&td->td_inknames, s, v);
-+ td->td_inknameslen = v;
-+ /* Set NumberOfInks to the value ninksinstring */
-+ if (TIFFFieldSet(tif, FIELD_NUMBEROFINKS))
-+ {
-+ if (td->td_numberofinks != ninksinstring) {
-+ TIFFErrorExt(tif->tif_clientdata, module,
-+ "Warning %s; Tag %s:\n Value %"PRIu16" of NumberOfInks is different from the number of inks %"PRIu16".\n -> NumberOfInks value adapted to %"PRIu16"",
-+ tif->tif_name, fip->field_name, td->td_numberofinks, ninksinstring, ninksinstring);
-+ td->td_numberofinks = ninksinstring;
-+ }
-+ } else {
-+ td->td_numberofinks = ninksinstring;
-+ TIFFSetFieldBit(tif, FIELD_NUMBEROFINKS);
-+ }
-+ if (TIFFFieldSet(tif, FIELD_SAMPLESPERPIXEL))
-+ {
-+ if (td->td_numberofinks != td->td_samplesperpixel) {
-+ TIFFErrorExt(tif->tif_clientdata, module,
-+ "Warning %s; Tag %s:\n Value %"PRIu16" of NumberOfInks is different from the SamplesPerPixel value %"PRIu16"",
-+ tif->tif_name, fip->field_name, td->td_numberofinks, td->td_samplesperpixel);
-+ }
-+ }
-+ }
-+ }
-+ break;
-+ case TIFFTAG_NUMBEROFINKS:
-+ v = (uint16_t)va_arg(ap, uint16_vap);
-+ /* If InkNames already set also NumberOfInks is set accordingly and should be equal */
-+ if (TIFFFieldSet(tif, FIELD_INKNAMES))
-+ {
-+ if (v != td->td_numberofinks) {
-+ TIFFErrorExt(tif->tif_clientdata, module,
-+ "Error %s; Tag %s:\n It is not possible to set the value %"PRIu32" for NumberOfInks\n which is different from the number of inks in the InkNames tag (%"PRIu16")",
-+ tif->tif_name, fip->field_name, v, td->td_numberofinks);
-+ /* Do not set / overwrite number of inks already set by InkNames case accordingly. */
-+ status = 0;
-+ }
-+ } else {
-+ td->td_numberofinks = (uint16_t)v;
-+ if (TIFFFieldSet(tif, FIELD_SAMPLESPERPIXEL))
-+ {
-+ if (td->td_numberofinks != td->td_samplesperpixel) {
-+ TIFFErrorExt(tif->tif_clientdata, module,
-+ "Warning %s; Tag %s:\n Value %"PRIu32" of NumberOfInks is different from the SamplesPerPixel value %"PRIu16"",
-+ tif->tif_name, fip->field_name, v, td->td_samplesperpixel);
-+ }
-+ }
- }
- break;
- case TIFFTAG_PERSAMPLE:
-@@ -986,34 +1032,6 @@ _TIFFVGetField(TIFF* tif, uint32_t tag, va_list ap)
- if (fip->field_bit == FIELD_CUSTOM) {
- standard_tag = 0;
- }
--
-- if( standard_tag == TIFFTAG_NUMBEROFINKS )
-- {
-- int i;
-- for (i = 0; i < td->td_customValueCount; i++) {
-- uint16_t val;
-- TIFFTagValue *tv = td->td_customValues + i;
-- if (tv->info->field_tag != standard_tag)
-- continue;
-- if( tv->value == NULL )
-- return 0;
-- val = *(uint16_t *)tv->value;
-- /* Truncate to SamplesPerPixel, since the */
-- /* setting code for INKNAMES assume that there are SamplesPerPixel */
-- /* inknames. */
-- /* Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2599 */
-- if( val > td->td_samplesperpixel )
-- {
-- TIFFWarningExt(tif->tif_clientdata,"_TIFFVGetField",
-- "Truncating NumberOfInks from %u to %"PRIu16,
-- val, td->td_samplesperpixel);
-- val = td->td_samplesperpixel;
-- }
-- *va_arg(ap, uint16_t*) = val;
-- return 1;
-- }
-- return 0;
-- }
-
- switch (standard_tag) {
- case TIFFTAG_SUBFILETYPE:
-@@ -1195,6 +1213,9 @@ _TIFFVGetField(TIFF* tif, uint32_t tag, va_list ap)
- case TIFFTAG_INKNAMES:
- *va_arg(ap, const char**) = td->td_inknames;
- break;
-+ case TIFFTAG_NUMBEROFINKS:
-+ *va_arg(ap, uint16_t *) = td->td_numberofinks;
-+ break;
- default:
- {
- int i;
-diff --git a/libtiff/tif_dir.h b/libtiff/tif_dir.h
-index 09065648..0c251c9e 100644
---- a/libtiff/tif_dir.h
-+++ b/libtiff/tif_dir.h
-@@ -117,6 +117,7 @@ typedef struct {
- /* CMYK parameters */
- int td_inknameslen;
- char* td_inknames;
-+ uint16_t td_numberofinks; /* number of inks in InkNames string */
-
- int td_customValueCount;
- TIFFTagValue *td_customValues;
-@@ -174,6 +175,7 @@ typedef struct {
- #define FIELD_TRANSFERFUNCTION 44
- #define FIELD_INKNAMES 46
- #define FIELD_SUBIFD 49
-+#define FIELD_NUMBEROFINKS 50
- /* FIELD_CUSTOM (see tiffio.h) 65 */
- /* end of support for well-known tags; codec-private tags follow */
- #define FIELD_CODEC 66 /* base of codec-private tags */
-diff --git a/libtiff/tif_dirinfo.c b/libtiff/tif_dirinfo.c
-index 3371cb5c..3b4bcd33 100644
---- a/libtiff/tif_dirinfo.c
-+++ b/libtiff/tif_dirinfo.c
-@@ -114,7 +114,7 @@ tiffFields[] = {
- { TIFFTAG_SUBIFD, -1, -1, TIFF_IFD8, 0, TIFF_SETGET_C16_IFD8, TIFF_SETGET_UNDEFINED, FIELD_SUBIFD, 1, 1, "SubIFD", (TIFFFieldArray*) &tiffFieldArray },
- { TIFFTAG_INKSET, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "InkSet", NULL },
- { TIFFTAG_INKNAMES, -1, -1, TIFF_ASCII, 0, TIFF_SETGET_C16_ASCII, TIFF_SETGET_UNDEFINED, FIELD_INKNAMES, 1, 1, "InkNames", NULL },
-- { TIFFTAG_NUMBEROFINKS, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "NumberOfInks", NULL },
-+ { TIFFTAG_NUMBEROFINKS, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_NUMBEROFINKS, 1, 0, "NumberOfInks", NULL },
- { TIFFTAG_DOTRANGE, 2, 2, TIFF_SHORT, 0, TIFF_SETGET_UINT16_PAIR, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "DotRange", NULL },
- { TIFFTAG_TARGETPRINTER, -1, -1, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "TargetPrinter", NULL },
- { TIFFTAG_EXTRASAMPLES, -1, -1, TIFF_SHORT, 0, TIFF_SETGET_C16_UINT16, TIFF_SETGET_UNDEFINED, FIELD_EXTRASAMPLES, 0, 1, "ExtraSamples", NULL },
-diff --git a/libtiff/tif_dirwrite.c b/libtiff/tif_dirwrite.c
-index 6c86fdca..062e4610 100644
---- a/libtiff/tif_dirwrite.c
-+++ b/libtiff/tif_dirwrite.c
-@@ -626,6 +626,11 @@ TIFFWriteDirectorySec(TIFF* tif, int isimage, int imagedone, uint64_t* pdiroff)
- if (!TIFFWriteDirectoryTagAscii(tif,&ndir,dir,TIFFTAG_INKNAMES,tif->tif_dir.td_inknameslen,tif->tif_dir.td_inknames))
- goto bad;
- }
-+ if (TIFFFieldSet(tif, FIELD_NUMBEROFINKS))
-+ {
-+ if (!TIFFWriteDirectoryTagShort(tif, &ndir, dir, TIFFTAG_NUMBEROFINKS, tif->tif_dir.td_numberofinks))
-+ goto bad;
-+ }
- if (TIFFFieldSet(tif,FIELD_SUBIFD))
- {
- if (!TIFFWriteDirectoryTagSubifd(tif,&ndir,dir))
-diff --git a/libtiff/tif_print.c b/libtiff/tif_print.c
-index 16ce5780..a91b9e7b 100644
---- a/libtiff/tif_print.c
-+++ b/libtiff/tif_print.c
-@@ -397,6 +397,10 @@ TIFFPrintDirectory(TIFF* tif, FILE* fd, long flags)
- }
- fputs("\n", fd);
- }
-+ if (TIFFFieldSet(tif, FIELD_NUMBEROFINKS)) {
-+ fprintf(fd, " NumberOfInks: %d\n",
-+ td->td_numberofinks);
-+ }
- if (TIFFFieldSet(tif,FIELD_THRESHHOLDING)) {
- fprintf(fd, " Thresholding: ");
- switch (td->td_threshholding) {
---
-2.34.1
-
--
2.34.1
next prev parent reply other threads:[~2023-06-02 2:22 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-02 2:21 [OE-core][mickledore 00/13] Patch review Steve Sakoman
2023-06-02 2:22 ` [OE-core][mickledore 01/13] linux-yocto/5.15: update to v5.15.109 Steve Sakoman
2023-06-02 2:22 ` [OE-core][mickledore 02/13] linux-yocto/5.15: update to v5.15.110 Steve Sakoman
2023-06-02 2:22 ` [OE-core][mickledore 03/13] linux-yocto/5.15: update to v5.15.111 Steve Sakoman
2023-06-02 2:22 ` [OE-core][mickledore 04/13] linux-yocto/5.15: update to v5.15.112 Steve Sakoman
2023-06-02 2:22 ` [OE-core][mickledore 05/13] linux-yocto/5.15: update to v5.15.113 Steve Sakoman
2023-06-02 2:22 ` [OE-core][mickledore 06/13] git: ignore CVE-2023-25815 Steve Sakoman
2023-06-02 2:22 ` [OE-core][mickledore 07/13] libgcrypt: update 1.10.1 -> 1.10.2 Steve Sakoman
2023-06-02 2:22 ` [OE-core][mickledore 08/13] e2fsprogs: fix ptest bug for second running Steve Sakoman
2023-06-02 2:22 ` Steve Sakoman [this message]
2023-06-02 2:22 ` [OE-core][mickledore 10/13] populate_sdk_base.bbclass: respect MLPREFIX for ptest-pkgs's ptest-runner Steve Sakoman
2023-06-02 2:22 ` [OE-core][mickledore 11/13] qemurunner: avoid leaking server_socket Steve Sakoman
2023-06-02 2:22 ` [OE-core][mickledore 12/13] uninative: Upgrade to 3.10 to support gcc 13 Steve Sakoman
2023-06-02 2:22 ` [OE-core][mickledore 13/13] uninative: Upgrade to 4.0 to include latest gcc 13.1.1 Steve Sakoman
2023-06-04 17:39 ` Martin Jansa
2023-06-04 19:14 ` Steve Sakoman
2023-06-04 20:34 ` Martin Jansa
2023-06-08 18:50 ` Steve Sakoman
2023-06-08 19:01 ` Martin Jansa
2023-06-15 15:06 ` mkfs.ext4 segfaults with uninative-4.0 Was: " Martin Jansa
[not found] ` <1768DD7D92A3BE8A.10197@lists.openembedded.org>
2023-06-15 15:17 ` Martin Jansa
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=b61e75037ed92e6bf4d9d506ffedfc5d50085522.1685672395.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).