New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
media-libs/openjpeg: Fix segfault, security bug 832007 #24822
Conversation
Pull Request assignmentSubmitter: @laumann media-libs/openjpeg: @gentoo/proxy-maint (maintainer needed) Linked bugsBugs linked: 832007 In order to force reassignment and/or bug reference scan, please append Docs: Code of Conduct ● Copyright policy (expl.) ● Devmanual ● GitHub PRs ● Proxy-maint guide |
From 0afbdcf3e6d0d2bd2e16a0c4d513ee3cf86e460d Mon Sep 17 00:00:00 2001 | ||
From: xiaoxiaoafeifei <lliangliang2007@163.com> | ||
Date: Wed, 14 Jul 2021 09:35:13 +0800 | ||
Subject: [PATCH] Fix segfault in src/bin/jp2/opj_decompress.c due to | ||
uninitialized pointer (fixes #1368) (#1369) | ||
|
||
--- | ||
src/bin/jp2/opj_decompress.c | 2 +- | ||
1 file changed, 1 insertion(+), 1 deletion(-) | ||
|
||
diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c | ||
index 0e0287350..18ead6721 100644 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Normally, I would scrub a patch to remove some cruft, but as I am not the author of the patch, I figured it's maybe best to leave it as-is. Let me know if I should scrub it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Scrubbing (at least the iwdevtools version) won't remove From or Subject, just git noise, so it should be fine to scrub.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Scrubbed!
Some output from scrub-patch. I'll add a link.
QA: openjpeg-2.4.0-r2-fix-segfault.patch has generated warnings:
001: From 0afbdcf3e6d0d2bd2e16a0c4d513ee3cf86e460d Mon Sep 17 00:00:00 2001
^^^ suggest replacing line with a http link pointing the upstream commit hash
Wasn't sure if it should be an |
From the devmanual:
Guess that answers that :-) |
a718a76
to
ebbb31f
Compare
Pull request CI reportReport generated at: 2022-03-30 20:52 UTC There are existing issues already. Please look into the report to make sure none of them affect the packages in question: |
Pull request CI reportReport generated at: 2022-03-30 21:37 UTC There are existing issues already. Please look into the report to make sure none of them affect the packages in question: |
Reason being: we want it to be re-emerged so the patch can be applied. No revbump? No reason for package managed to re-emerge it. |
ebbb31f
to
95ee66f
Compare
See: uclouvain/openjpeg@0afbdcf Bug: https://bugs.gentoo.org/832007 Signed-off-by: Thomas Bracht Laumann Jespersen <t@laumann.xyz>
95ee66f
to
d735b3b
Compare
Pull request CI reportReport generated at: 2022-03-31 08:22 UTC There are existing issues already. Please look into the report to make sure none of them affect the packages in question: |
See: uclouvain/openjpeg@0afbdcf
Bug: https://bugs.gentoo.org/832007
Signed-off-by: Thomas Bracht Laumann Jespersen t@laumann.xyz