packages/LibRaw
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!64 Fix CVE-2025-43963

Browse Source 
From: @liu-haodong142 
Reviewed-by: @wk333 
Signed-off-by: @wk333
This commit is contained in:
openeuler-ci-bot 2025-04-24 11:19:43 +00:00 committed by Gitee
commit db5d6f9e1d
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 41 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
LibRaw.spec
View File

@ -1,6 +1,6 @@
Name: LibRaw
Version: 0.20.2
Release: 6
Release: 7
Summary: Library for reading RAW files obtained from digital photo cameras
License: BSD and (CDDL-1.0 or LGPLv2)
URL: http://www.libraw.org
@ -11,6 +11,8 @@ Patch0002: fix-use-of-uninitialized-value.patch
Patch0003: CVE-2023-1729.patch
# https://github.com/LibRaw/LibRaw/commit/bc3aaf4223fdb70d52d470dae65c5a7923ea2a49
Patch0004: CVE-2021-32142.patch
Patch0005: backport-upstream_CVE-2025-43963.patch
BuildRequires: gcc-c++ pkgconfig(lcms2) pkgconfig(libjpeg)
BuildRequires: autoconf automake libtool
Provides: bundled(dcraw) = 9.25
@ -71,6 +73,9 @@ rm -rfv samples/.deps samples/.dirstamp samples/*.o
%exclude %{_docdir}/libraw/*
%changelog
* Tue Apr 22 2025 hdliu <dev03108@linx-info.com> - 0.20.2-7
- Fix CVE-2025-43963
* Tue Mar 26 2024 yaoxin <yao_xin001@hoperun.com> - 0.20.2-6
- Fix CVE-2021-32142

35
backport-upstream_CVE-2025-43963.patch Normal file
View File

@ -0,0 +1,35 @@
From 511c586dd6267e26ccdb61c16b98566a05c6e01e Mon Sep 17 00:00:00 2001
From: hdliu <dev03108@linx-info.com>
Date: Mon, 21 Apr 2025 17:43:18 +0800
Subject: [PATCH] prevent out-of-buffer access in phase_one_correct()
Signed-off-by: hdliu <dev03108@linx-info.com>
---
src/decoders/load_mfbacks.cpp | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/decoders/load_mfbacks.cpp b/src/decoders/load_mfbacks.cpp
index 9d7c051..a8f2c6d 100644
--- a/src/decoders/load_mfbacks.cpp
+++ b/src/decoders/load_mfbacks.cpp
@@ -211,7 +211,7 @@ int LibRaw::phase_one_correct()
off_412 = ftell(ifp) - 38;
}
}
- else if (tag == 0x041f && !qlin_applied)
+ else if (tag == 0x041f && !qlin_applied && ph1.split_col > 0 && ph1.split_col < raw_width && ph1.split_row > 0 && ph1.split_row < raw_height)
{ /* Quadrant linearization */
ushort lc[2][2][16], ref[16];
int qr, qc;
@@ -288,7 +288,7 @@ int LibRaw::phase_one_correct()
}
qmult_applied = 1;
}
- else if (tag == 0x0431 && !qmult_applied)
+ else if (tag == 0x0431 && !qmult_applied && ph1.split_col > 0 && ph1.split_col < raw_width && ph1.split_row > 0 && ph1.split_row < raw_height)
{ /* Quadrant combined */
ushort lc[2][2][7], ref[7];
int qr, qc;
--
2.33.0