1 |
commit: ef8fc712dc72c1afcf0f57f58ee3726dc93b6204 |
2 |
Author: Michał Górny <mgorny <AT> gentoo <DOT> org> |
3 |
AuthorDate: Tue Dec 12 15:29:46 2017 +0000 |
4 |
Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Dec 12 15:30:48 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ef8fc712 |
7 |
|
8 |
media-libs/jbig2dec: [QA] Move patches to a distfile |
9 |
|
10 |
Closes: https://bugs.gentoo.org/620588 |
11 |
|
12 |
media-libs/jbig2dec/Manifest | 1 + |
13 |
.../files/jbig2dec-0.13-CVE-2016-9601.patch | 897 --------------------- |
14 |
.../files/jbig2dec-0.13-CVE-2017-7885.patch | 29 - |
15 |
.../files/jbig2dec-0.13-CVE-2017-7975.patch | 31 - |
16 |
.../files/jbig2dec-0.13-CVE-2017-7976.patch | 29 - |
17 |
.../files/jbig2dec-0.13-CVE-2017-9216.patch | 31 - |
18 |
media-libs/jbig2dec/jbig2dec-0.13-r4.ebuild | 11 +- |
19 |
7 files changed, 7 insertions(+), 1022 deletions(-) |
20 |
|
21 |
diff --git a/media-libs/jbig2dec/Manifest b/media-libs/jbig2dec/Manifest |
22 |
index 42cc82a7e76..37d772ed72f 100644 |
23 |
--- a/media-libs/jbig2dec/Manifest |
24 |
+++ b/media-libs/jbig2dec/Manifest |
25 |
@@ -1,3 +1,4 @@ |
26 |
DIST jb2streams.zip 1285838 BLAKE2B 9a2b6047a7b970439693d6f5fdefb9488019a562e7f831288b27df09bb19dec2f84854cf7fea50b5b041d331e925145f37f2f89848058ecdc074e7d6c238033f SHA512 382890b36345b8aaebb3554e776a53f3276c6d835335ce41f3f41829ff62bba7ae646602544103ba8541a7a824dca92d682b682c254ab2918c7fe45b3e358b45 |
27 |
+DIST jbig2dec-0.13-patchset.tar.bz2 8452 BLAKE2B 473a338b460c8a66991fb50e110f4386944c8d1ea557318bf8c249e3ed64d290ace9112ad713f92bb4c933fd187eae7ec9f2358ca904a1e41e003f9f9e8682e5 SHA512 024cb2a9c12f4c1f603b3379bfc0e190006accd484cea124c41d6663e3d094724f53bcf881650edcef80fc86f004e69423bdcaf60a3962e392685bae88375b9d |
28 |
DIST jbig2dec-0.13.tar.gz 442571 BLAKE2B 6a973f91502d8effc00cd49b68bb2f853edd41286fdc5cb159460607db8627c2c959ba1c96e65b2ef1df3d4072c9993ce66c06bc5dc1837c89f87c6da0025550 SHA512 ef64a65c54bec65f61602de7130dc9594aae58aaea7958f7cc987f25d0794511e15a423e86501ace4f40c0364796fb97ceab72edb0b69232926767ba16c1b05d |
29 |
DIST jbig2dec-0.14.tar.gz 463572 BLAKE2B 91351a3879bd1906fabe2620cf5379fbbc32eaae808a8c2754c661d6dc592d3c9da13c558c8f7ced30c48b73fbd9ed4631f2817298f959b59ad4dff5fce9ac1a SHA512 066bd880ac0665fc1e42b0ae0e481008b125aab6e173b7f82d61a2a30e72c90085cbded9b2a68c6836f92dea3d8d8d5c2228dba76e0d99c79c922197d215705b |
30 |
|
31 |
diff --git a/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2016-9601.patch b/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2016-9601.patch |
32 |
deleted file mode 100644 |
33 |
index 4ce96ae5d3c..00000000000 |
34 |
--- a/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2016-9601.patch |
35 |
+++ /dev/null |
36 |
@@ -1,897 +0,0 @@ |
37 |
-From e698d5c11d27212aa1098bc5b1673a3378563092 Mon Sep 17 00:00:00 2001 |
38 |
-From: Robin Watts <robin.watts@×××××××.com> |
39 |
-Date: Mon, 12 Dec 2016 17:47:17 +0000 |
40 |
-Subject: [PATCH] Squash signed/unsigned warnings in MSVC jbig2 build. |
41 |
- |
42 |
-Also rename "new" to "new_dict", because "new" is a bad |
43 |
-variable name. |
44 |
---- |
45 |
- jbig2.c | 4 +-- |
46 |
- jbig2.h | 8 +++--- |
47 |
- jbig2_generic.c | 2 +- |
48 |
- jbig2_halftone.c | 24 ++++++++---------- |
49 |
- jbig2_huffman.c | 10 ++++---- |
50 |
- jbig2_huffman.h | 2 +- |
51 |
- jbig2_image.c | 32 +++++++++++------------ |
52 |
- jbig2_mmr.c | 66 +++++++++++++++++++++++++----------------------- |
53 |
- jbig2_page.c | 6 ++--- |
54 |
- jbig2_priv.h | 4 +-- |
55 |
- jbig2_segment.c | 10 ++++---- |
56 |
- jbig2_symbol_dict.c | 73 +++++++++++++++++++++++++++-------------------------- |
57 |
- jbig2_symbol_dict.h | 6 ++--- |
58 |
- jbig2_text.c | 16 ++++++------ |
59 |
- jbig2_text.h | 2 +- |
60 |
- 15 files changed, 134 insertions(+), 131 deletions(-) |
61 |
- |
62 |
-diff --git a/jbig2.c b/jbig2.c |
63 |
-index f729e29..e51380f 100644 |
64 |
---- a/jbig2.c |
65 |
-+++ b/jbig2.c |
66 |
-@@ -379,7 +379,7 @@ typedef struct { |
67 |
- } Jbig2WordStreamBuf; |
68 |
- |
69 |
- static int |
70 |
--jbig2_word_stream_buf_get_next_word(Jbig2WordStream *self, int offset, uint32_t *word) |
71 |
-+jbig2_word_stream_buf_get_next_word(Jbig2WordStream *self, size_t offset, uint32_t *word) |
72 |
- { |
73 |
- Jbig2WordStreamBuf *z = (Jbig2WordStreamBuf *) self; |
74 |
- const byte *data = z->data; |
75 |
-@@ -390,7 +390,7 @@ jbig2_word_stream_buf_get_next_word(Jbig2WordStream *self, int offset, uint32_t |
76 |
- else if (offset > z->size) |
77 |
- return -1; |
78 |
- else { |
79 |
-- int i; |
80 |
-+ size_t i; |
81 |
- |
82 |
- result = 0; |
83 |
- for (i = 0; i < z->size - offset; i++) |
84 |
-diff --git a/jbig2.h b/jbig2.h |
85 |
-index d5aa52f..624e0ed 100644 |
86 |
---- a/jbig2.h |
87 |
-+++ b/jbig2.h |
88 |
-@@ -56,17 +56,19 @@ typedef struct _Jbig2SymbolDictionary Jbig2SymbolDictionary; |
89 |
- */ |
90 |
- |
91 |
- struct _Jbig2Image { |
92 |
-- int width, height, stride; |
93 |
-+ uint32_t width; |
94 |
-+ uint32_t height; |
95 |
-+ uint32_t stride; |
96 |
- uint8_t *data; |
97 |
- int refcount; |
98 |
- }; |
99 |
- |
100 |
--Jbig2Image *jbig2_image_new(Jbig2Ctx *ctx, int width, int height); |
101 |
-+Jbig2Image *jbig2_image_new(Jbig2Ctx *ctx, uint32_t width, uint32_t height); |
102 |
- Jbig2Image *jbig2_image_clone(Jbig2Ctx *ctx, Jbig2Image *image); |
103 |
- void jbig2_image_release(Jbig2Ctx *ctx, Jbig2Image *image); |
104 |
- void jbig2_image_free(Jbig2Ctx *ctx, Jbig2Image *image); |
105 |
- void jbig2_image_clear(Jbig2Ctx *ctx, Jbig2Image *image, int value); |
106 |
--Jbig2Image *jbig2_image_resize(Jbig2Ctx *ctx, Jbig2Image *image, int width, int height); |
107 |
-+Jbig2Image *jbig2_image_resize(Jbig2Ctx *ctx, Jbig2Image *image, uint32_t width, uint32_t height); |
108 |
- |
109 |
- /* errors are returned from the library via a callback. If no callback |
110 |
- is provided (a NULL argument is passed ot jbig2_ctx_new) a default |
111 |
-diff --git a/jbig2_generic.c b/jbig2_generic.c |
112 |
-index 02fdbfb..9656198 100644 |
113 |
---- a/jbig2_generic.c |
114 |
-+++ b/jbig2_generic.c |
115 |
-@@ -718,7 +718,7 @@ jbig2_immediate_generic_region(Jbig2Ctx *ctx, Jbig2Segment *segment, const byte |
116 |
- byte seg_flags; |
117 |
- int8_t gbat[8]; |
118 |
- int offset; |
119 |
-- int gbat_bytes = 0; |
120 |
-+ uint32_t gbat_bytes = 0; |
121 |
- Jbig2GenericRegionParams params; |
122 |
- int code = 0; |
123 |
- Jbig2Image *image = NULL; |
124 |
-diff --git a/jbig2_halftone.c b/jbig2_halftone.c |
125 |
-index aeab576..acfbc56 100644 |
126 |
---- a/jbig2_halftone.c |
127 |
-+++ b/jbig2_halftone.c |
128 |
-@@ -257,8 +257,8 @@ jbig2_decode_gray_scale_image(Jbig2Ctx *ctx, Jbig2Segment *segment, |
129 |
- { |
130 |
- uint8_t **GSVALS = NULL; |
131 |
- size_t consumed_bytes = 0; |
132 |
-- int i, j, code, stride; |
133 |
-- int x, y; |
134 |
-+ uint32_t i, j, stride, x, y; |
135 |
-+ int code; |
136 |
- Jbig2Image **GSPLANES; |
137 |
- Jbig2GenericRegionParams rparams; |
138 |
- Jbig2WordStream *ws = NULL; |
139 |
-@@ -276,9 +276,8 @@ jbig2_decode_gray_scale_image(Jbig2Ctx *ctx, Jbig2Segment *segment, |
140 |
- if (GSPLANES[i] == NULL) { |
141 |
- jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, "failed to allocate %dx%d image for GSPLANES", GSW, GSH); |
142 |
- /* free already allocated */ |
143 |
-- for (j = i - 1; j >= 0; --j) { |
144 |
-- jbig2_image_release(ctx, GSPLANES[j]); |
145 |
-- } |
146 |
-+ for (j = i; j > 0;) |
147 |
-+ jbig2_image_release(ctx, GSPLANES[--j]); |
148 |
- jbig2_free(ctx->allocator, GSPLANES); |
149 |
- return NULL; |
150 |
- } |
151 |
-@@ -323,9 +322,10 @@ jbig2_decode_gray_scale_image(Jbig2Ctx *ctx, Jbig2Segment *segment, |
152 |
- } |
153 |
- |
154 |
- /* C.5 step 2. Set j = GSBPP-2 */ |
155 |
-- j = GSBPP - 2; |
156 |
-+ j = GSBPP - 1; |
157 |
- /* C.5 step 3. decode loop */ |
158 |
-- while (j >= 0) { |
159 |
-+ while (j > 0) { |
160 |
-+ j--; |
161 |
- /* C.5 step 3. (a) */ |
162 |
- if (GSMMR) { |
163 |
- code = jbig2_decode_halftone_mmr(ctx, &rparams, data + consumed_bytes, size - consumed_bytes, GSPLANES[j], &consumed_bytes); |
164 |
-@@ -345,7 +345,6 @@ jbig2_decode_gray_scale_image(Jbig2Ctx *ctx, Jbig2Segment *segment, |
165 |
- GSPLANES[j]->data[i] ^= GSPLANES[j + 1]->data[i]; |
166 |
- |
167 |
- /* C.5 step 3. (c) */ |
168 |
-- --j; |
169 |
- } |
170 |
- |
171 |
- /* allocate GSVALS */ |
172 |
-@@ -359,9 +358,8 @@ jbig2_decode_gray_scale_image(Jbig2Ctx *ctx, Jbig2Segment *segment, |
173 |
- if (GSVALS[i] == NULL) { |
174 |
- jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, "failed to allocate GSVALS: %d bytes", GSH * GSW); |
175 |
- /* free already allocated */ |
176 |
-- for (j = i - 1; j >= 0; --j) { |
177 |
-- jbig2_free(ctx->allocator, GSVALS[j]); |
178 |
-- } |
179 |
-+ for (j = i; j > 0;) |
180 |
-+ jbig2_free(ctx->allocator, GSVALS[--j]); |
181 |
- jbig2_free(ctx->allocator, GSVALS); |
182 |
- GSVALS = NULL; |
183 |
- goto cleanup; |
184 |
-@@ -450,7 +448,7 @@ jbig2_decode_halftone_region(Jbig2Ctx *ctx, Jbig2Segment *segment, |
185 |
- uint8_t **GI; |
186 |
- Jbig2Image *HSKIP = NULL; |
187 |
- Jbig2PatternDict *HPATS; |
188 |
-- int i; |
189 |
-+ uint32_t i; |
190 |
- uint32_t mg, ng; |
191 |
- int32_t x, y; |
192 |
- uint8_t gray_val; |
193 |
-@@ -476,7 +474,7 @@ jbig2_decode_halftone_region(Jbig2Ctx *ctx, Jbig2Segment *segment, |
194 |
- |
195 |
- /* calculate ceil(log2(HNUMPATS)) */ |
196 |
- HBPP = 0; |
197 |
-- while (HNUMPATS > (1 << ++HBPP)); |
198 |
-+ while (HNUMPATS > (1U << ++HBPP)); |
199 |
- |
200 |
- /* 6.6.5 point 4. decode gray-scale image as mentioned in annex C */ |
201 |
- GI = jbig2_decode_gray_scale_image(ctx, segment, data, size, |
202 |
-diff --git a/jbig2_huffman.c b/jbig2_huffman.c |
203 |
-index 4521b48..f77981b 100644 |
204 |
---- a/jbig2_huffman.c |
205 |
-+++ b/jbig2_huffman.c |
206 |
-@@ -47,16 +47,16 @@ struct _Jbig2HuffmanState { |
207 |
- is (offset + 4) * 8. */ |
208 |
- uint32_t this_word; |
209 |
- uint32_t next_word; |
210 |
-- int offset_bits; |
211 |
-- int offset; |
212 |
-- int offset_limit; |
213 |
-+ uint32_t offset_bits; |
214 |
-+ uint32_t offset; |
215 |
-+ uint32_t offset_limit; |
216 |
- |
217 |
- Jbig2WordStream *ws; |
218 |
- Jbig2Ctx *ctx; |
219 |
- }; |
220 |
- |
221 |
- static uint32_t |
222 |
--huff_get_next_word(Jbig2HuffmanState *hs, int offset) |
223 |
-+huff_get_next_word(Jbig2HuffmanState *hs, uint32_t offset) |
224 |
- { |
225 |
- uint32_t word = 0; |
226 |
- Jbig2WordStream *ws = hs->ws; |
227 |
-@@ -213,7 +213,7 @@ jbig2_huffman_advance(Jbig2HuffmanState *hs, int offset) |
228 |
- /* return the offset of the huffman decode pointer (in bytes) |
229 |
- * from the beginning of the WordStream |
230 |
- */ |
231 |
--int |
232 |
-+uint32_t |
233 |
- jbig2_huffman_offset(Jbig2HuffmanState *hs) |
234 |
- { |
235 |
- return hs->offset + (hs->offset_bits >> 3); |
236 |
-diff --git a/jbig2_huffman.h b/jbig2_huffman.h |
237 |
-index 5d1e6e0..cfda9e0 100644 |
238 |
---- a/jbig2_huffman.h |
239 |
-+++ b/jbig2_huffman.h |
240 |
-@@ -64,7 +64,7 @@ void jbig2_huffman_skip(Jbig2HuffmanState *hs); |
241 |
- |
242 |
- void jbig2_huffman_advance(Jbig2HuffmanState *hs, int offset); |
243 |
- |
244 |
--int jbig2_huffman_offset(Jbig2HuffmanState *hs); |
245 |
-+uint32_t jbig2_huffman_offset(Jbig2HuffmanState *hs); |
246 |
- |
247 |
- int32_t jbig2_huffman_get(Jbig2HuffmanState *hs, const Jbig2HuffmanTable *table, bool *oob); |
248 |
- |
249 |
-diff --git a/jbig2_image.c b/jbig2_image.c |
250 |
-index 1ae614e..94e5a4c 100644 |
251 |
---- a/jbig2_image.c |
252 |
-+++ b/jbig2_image.c |
253 |
-@@ -32,10 +32,10 @@ |
254 |
- |
255 |
- /* allocate a Jbig2Image structure and its associated bitmap */ |
256 |
- Jbig2Image * |
257 |
--jbig2_image_new(Jbig2Ctx *ctx, int width, int height) |
258 |
-+jbig2_image_new(Jbig2Ctx *ctx, uint32_t width, uint32_t height) |
259 |
- { |
260 |
- Jbig2Image *image; |
261 |
-- int stride; |
262 |
-+ uint32_t stride; |
263 |
- int64_t check; |
264 |
- |
265 |
- image = jbig2_new(ctx, Jbig2Image, 1); |
266 |
-@@ -99,7 +99,7 @@ jbig2_image_free(Jbig2Ctx *ctx, Jbig2Image *image) |
267 |
- |
268 |
- /* resize a Jbig2Image */ |
269 |
- Jbig2Image * |
270 |
--jbig2_image_resize(Jbig2Ctx *ctx, Jbig2Image *image, int width, int height) |
271 |
-+jbig2_image_resize(Jbig2Ctx *ctx, Jbig2Image *image, uint32_t width, uint32_t height) |
272 |
- { |
273 |
- if (width == image->width) { |
274 |
- /* check for integer multiplication overflow */ |
275 |
-@@ -133,11 +133,11 @@ jbig2_image_resize(Jbig2Ctx *ctx, Jbig2Image *image, int width, int height) |
276 |
- static int |
277 |
- jbig2_image_compose_unopt(Jbig2Ctx *ctx, Jbig2Image *dst, Jbig2Image *src, int x, int y, Jbig2ComposeOp op) |
278 |
- { |
279 |
-- int i, j; |
280 |
-- int sw = src->width; |
281 |
-- int sh = src->height; |
282 |
-- int sx = 0; |
283 |
-- int sy = 0; |
284 |
-+ uint32_t i, j; |
285 |
-+ uint32_t sw = src->width; |
286 |
-+ uint32_t sh = src->height; |
287 |
-+ uint32_t sx = 0; |
288 |
-+ uint32_t sy = 0; |
289 |
- |
290 |
- /* clip to the dst image boundaries */ |
291 |
- if (x < 0) { |
292 |
-@@ -200,10 +200,10 @@ jbig2_image_compose_unopt(Jbig2Ctx *ctx, Jbig2Image *dst, Jbig2Image *src, int x |
293 |
- int |
294 |
- jbig2_image_compose(Jbig2Ctx *ctx, Jbig2Image *dst, Jbig2Image *src, int x, int y, Jbig2ComposeOp op) |
295 |
- { |
296 |
-- int i, j; |
297 |
-- int w, h; |
298 |
-- int leftbyte, rightbyte; |
299 |
-- int shift; |
300 |
-+ uint32_t i, j; |
301 |
-+ uint32_t w, h; |
302 |
-+ uint32_t leftbyte, rightbyte; |
303 |
-+ uint32_t shift; |
304 |
- uint8_t *s, *ss; |
305 |
- uint8_t *d, *dd; |
306 |
- uint8_t mask, rightmask; |
307 |
-@@ -226,8 +226,8 @@ jbig2_image_compose(Jbig2Ctx *ctx, Jbig2Image *dst, Jbig2Image *src, int x, int |
308 |
- h += y; |
309 |
- y = 0; |
310 |
- } |
311 |
-- w = (x + w < dst->width) ? w : dst->width - x; |
312 |
-- h = (y + h < dst->height) ? h : dst->height - y; |
313 |
-+ w = ((uint32_t)x + w < dst->width) ? w : ((dst->width >= (uint32_t)x) ? dst->width - (uint32_t)x : 0); |
314 |
-+ h = ((uint32_t)y + h < dst->height) ? h : ((dst->height >= (uint32_t)y) ? dst->height - (uint32_t)y : 0); |
315 |
- #ifdef JBIG2_DEBUG |
316 |
- jbig2_error(ctx, JBIG2_SEVERITY_DEBUG, -1, "compositing %dx%d at (%d, %d) after clipping\n", w, h, x, y); |
317 |
- #endif |
318 |
-@@ -249,8 +249,8 @@ jbig2_image_compose(Jbig2Ctx *ctx, Jbig2Image *dst, Jbig2Image *src, int x, int |
319 |
- } |
320 |
- #endif |
321 |
- |
322 |
-- leftbyte = x >> 3; |
323 |
-- rightbyte = (x + w - 1) >> 3; |
324 |
-+ leftbyte = (uint32_t)x >> 3; |
325 |
-+ rightbyte = ((uint32_t)x + w - 1) >> 3; |
326 |
- shift = x & 7; |
327 |
- |
328 |
- /* general OR case */ |
329 |
-diff --git a/jbig2_mmr.c b/jbig2_mmr.c |
330 |
-index d4cd3a2..390e27c 100644 |
331 |
---- a/jbig2_mmr.c |
332 |
-+++ b/jbig2_mmr.c |
333 |
-@@ -38,19 +38,21 @@ |
334 |
- #include "jbig2_mmr.h" |
335 |
- |
336 |
- typedef struct { |
337 |
-- int width; |
338 |
-- int height; |
339 |
-+ uint32_t width; |
340 |
-+ uint32_t height; |
341 |
- const byte *data; |
342 |
- size_t size; |
343 |
-- int data_index; |
344 |
-- int bit_index; |
345 |
-+ uint32_t data_index; |
346 |
-+ uint32_t bit_index; |
347 |
- uint32_t word; |
348 |
- } Jbig2MmrCtx; |
349 |
- |
350 |
-+#define MINUS1 ((uint32_t)-1) |
351 |
-+ |
352 |
- static void |
353 |
- jbig2_decode_mmr_init(Jbig2MmrCtx *mmr, int width, int height, const byte *data, size_t size) |
354 |
- { |
355 |
-- int i; |
356 |
-+ size_t i; |
357 |
- uint32_t word = 0; |
358 |
- |
359 |
- mmr->width = width; |
360 |
-@@ -732,14 +734,14 @@ const mmr_table_node jbig2_mmr_black_decode[] = { |
361 |
- #define getbit(buf, x) ( ( buf[x >> 3] >> ( 7 - (x & 7) ) ) & 1 ) |
362 |
- |
363 |
- static int |
364 |
--jbig2_find_changing_element(const byte *line, int x, int w) |
365 |
-+jbig2_find_changing_element(const byte *line, uint32_t x, uint32_t w) |
366 |
- { |
367 |
- int a, b; |
368 |
- |
369 |
- if (line == 0) |
370 |
-- return w; |
371 |
-+ return (int)w; |
372 |
- |
373 |
-- if (x == -1) { |
374 |
-+ if (x == MINUS1) { |
375 |
- a = 0; |
376 |
- x = 0; |
377 |
- } else { |
378 |
-@@ -758,7 +760,7 @@ jbig2_find_changing_element(const byte *line, int x, int w) |
379 |
- } |
380 |
- |
381 |
- static int |
382 |
--jbig2_find_changing_element_of_color(const byte *line, int x, int w, int color) |
383 |
-+jbig2_find_changing_element_of_color(const byte *line, uint32_t x, uint32_t w, int color) |
384 |
- { |
385 |
- if (line == 0) |
386 |
- return w; |
387 |
-@@ -772,9 +774,9 @@ static const byte lm[8] = { 0xFF, 0x7F, 0x3F, 0x1F, 0x0F, 0x07, 0x03, 0x01 }; |
388 |
- static const byte rm[8] = { 0x00, 0x80, 0xC0, 0xE0, 0xF0, 0xF8, 0xFC, 0xFE }; |
389 |
- |
390 |
- static void |
391 |
--jbig2_set_bits(byte *line, int x0, int x1) |
392 |
-+jbig2_set_bits(byte *line, uint32_t x0, uint32_t x1) |
393 |
- { |
394 |
-- int a0, a1, b0, b1, a; |
395 |
-+ uint32_t a0, a1, b0, b1, a; |
396 |
- |
397 |
- a0 = x0 >> 3; |
398 |
- a1 = x1 >> 3; |
399 |
-@@ -831,8 +833,8 @@ jbig2_decode_get_run(Jbig2MmrCtx *mmr, const mmr_table_node *table, int initial_ |
400 |
- static int |
401 |
- jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst) |
402 |
- { |
403 |
-- int a0 = -1; |
404 |
-- int a1, a2, b1, b2; |
405 |
-+ uint32_t a0 = MINUS1; |
406 |
-+ uint32_t a1, a2, b1, b2; |
407 |
- int c = 0; /* 0 is white, black is 1 */ |
408 |
- |
409 |
- while (1) { |
410 |
-@@ -840,7 +842,7 @@ jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst) |
411 |
- |
412 |
- /* printf ("%08x\n", word); */ |
413 |
- |
414 |
-- if (a0 >= mmr->width) |
415 |
-+ if (a0 != MINUS1 && a0 >= mmr->width) |
416 |
- break; |
417 |
- |
418 |
- if ((word >> (32 - 3)) == 1) { |
419 |
-@@ -848,7 +850,7 @@ jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst) |
420 |
- |
421 |
- jbig2_decode_mmr_consume(mmr, 3); |
422 |
- |
423 |
-- if (a0 == -1) |
424 |
-+ if (a0 == MINUS1) |
425 |
- a0 = 0; |
426 |
- |
427 |
- if (c == 0) { |
428 |
-@@ -860,7 +862,7 @@ jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst) |
429 |
- a1 = mmr->width; |
430 |
- if (a2 > mmr->width) |
431 |
- a2 = mmr->width; |
432 |
-- if (a2 < a1 || a1 < 0) |
433 |
-+ if (a1 == MINUS1 || a2 < a1) |
434 |
- return -1; |
435 |
- jbig2_set_bits(dst, a1, a2); |
436 |
- a0 = a2; |
437 |
-@@ -874,7 +876,7 @@ jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst) |
438 |
- a1 = mmr->width; |
439 |
- if (a2 > mmr->width) |
440 |
- a2 = mmr->width; |
441 |
-- if (a1 < a0 || a0 < 0) |
442 |
-+ if (a0 == MINUS1 || a1 < a0) |
443 |
- return -1; |
444 |
- jbig2_set_bits(dst, a0, a1); |
445 |
- a0 = a2; |
446 |
-@@ -888,7 +890,7 @@ jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst) |
447 |
- b1 = jbig2_find_changing_element_of_color(ref, a0, mmr->width, !c); |
448 |
- b2 = jbig2_find_changing_element(ref, b1, mmr->width); |
449 |
- if (c) { |
450 |
-- if (b2 < a0 || a0 < 0) |
451 |
-+ if (a0 == MINUS1 || b2 < a0) |
452 |
- return -1; |
453 |
- jbig2_set_bits(dst, a0, b2); |
454 |
- } |
455 |
-@@ -900,7 +902,7 @@ jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst) |
456 |
- jbig2_decode_mmr_consume(mmr, 1); |
457 |
- b1 = jbig2_find_changing_element_of_color(ref, a0, mmr->width, !c); |
458 |
- if (c) { |
459 |
-- if (b1 < a0 || a0 < 0) |
460 |
-+ if (a0 == MINUS1 || b1 < a0) |
461 |
- return -1; |
462 |
- jbig2_set_bits(dst, a0, b1); |
463 |
- } |
464 |
-@@ -915,7 +917,7 @@ jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst) |
465 |
- if (b1 + 1 > mmr->width) |
466 |
- break; |
467 |
- if (c) { |
468 |
-- if (b1 + 1 < a0 || a0 < 0) |
469 |
-+ if (a0 == MINUS1 || b1 + 1 < a0) |
470 |
- return -1; |
471 |
- jbig2_set_bits(dst, a0, b1 + 1); |
472 |
- } |
473 |
-@@ -930,7 +932,7 @@ jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst) |
474 |
- if (b1 + 2 > mmr->width) |
475 |
- break; |
476 |
- if (c) { |
477 |
-- if (b1 + 2 < a0 || a0 < 0) |
478 |
-+ if (a0 == MINUS1 || b1 + 2 < a0) |
479 |
- return -1; |
480 |
- jbig2_set_bits(dst, a0, b1 + 2); |
481 |
- } |
482 |
-@@ -942,10 +944,10 @@ jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst) |
483 |
- /* printf ("VR(3)\n"); */ |
484 |
- jbig2_decode_mmr_consume(mmr, 7); |
485 |
- b1 = jbig2_find_changing_element_of_color(ref, a0, mmr->width, !c); |
486 |
-- if (b1 + 3 > mmr->width) |
487 |
-+ if (b1 + 3 > (int)mmr->width) |
488 |
- break; |
489 |
- if (c) { |
490 |
-- if (b1 + 3 < a0 || a0 < 0) |
491 |
-+ if (a0 == MINUS1 || b1 + 3 < a0) |
492 |
- return -1; |
493 |
- jbig2_set_bits(dst, a0, b1 + 3); |
494 |
- } |
495 |
-@@ -957,10 +959,10 @@ jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst) |
496 |
- /* printf ("VL(1)\n"); */ |
497 |
- jbig2_decode_mmr_consume(mmr, 3); |
498 |
- b1 = jbig2_find_changing_element_of_color(ref, a0, mmr->width, !c); |
499 |
-- if (b1 - 1 < 0) |
500 |
-+ if (b1 < 1) |
501 |
- break; |
502 |
- if (c) { |
503 |
-- if (b1 - 1 < a0 || a0 < 0) |
504 |
-+ if (a0 == MINUS1 || b1 - 1 < a0) |
505 |
- return -1; |
506 |
- jbig2_set_bits(dst, a0, b1 - 1); |
507 |
- } |
508 |
-@@ -972,7 +974,7 @@ jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst) |
509 |
- /* printf ("VL(2)\n"); */ |
510 |
- jbig2_decode_mmr_consume(mmr, 6); |
511 |
- b1 = jbig2_find_changing_element_of_color(ref, a0, mmr->width, !c); |
512 |
-- if (b1 - 2 < 0) |
513 |
-+ if (b1 < 2) |
514 |
- break; |
515 |
- if (c) { |
516 |
- if (b1 - 2 < a0 || a0 < 0) |
517 |
-@@ -987,10 +989,10 @@ jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst) |
518 |
- /* printf ("VL(3)\n"); */ |
519 |
- jbig2_decode_mmr_consume(mmr, 7); |
520 |
- b1 = jbig2_find_changing_element_of_color(ref, a0, mmr->width, !c); |
521 |
-- if (b1 - 3 < 0) |
522 |
-+ if (b1 < 3) |
523 |
- break; |
524 |
- if (c) { |
525 |
-- if (b1 - 3 < a0 || a0 < 0) |
526 |
-+ if (a0 == MINUS1 || b1 - 3 < a0) |
527 |
- return -1; |
528 |
- jbig2_set_bits(dst, a0, b1 - 3); |
529 |
- } |
530 |
-@@ -1009,10 +1011,10 @@ int |
531 |
- jbig2_decode_generic_mmr(Jbig2Ctx *ctx, Jbig2Segment *segment, const Jbig2GenericRegionParams *params, const byte *data, size_t size, Jbig2Image *image) |
532 |
- { |
533 |
- Jbig2MmrCtx mmr; |
534 |
-- const int rowstride = image->stride; |
535 |
-+ const uint32_t rowstride = image->stride; |
536 |
- byte *dst = image->data; |
537 |
- byte *ref = NULL; |
538 |
-- int y; |
539 |
-+ uint32_t y; |
540 |
- int code = 0; |
541 |
- |
542 |
- jbig2_decode_mmr_init(&mmr, image->width, image->height, data, size); |
543 |
-@@ -1047,10 +1049,10 @@ int |
544 |
- jbig2_decode_halftone_mmr(Jbig2Ctx *ctx, const Jbig2GenericRegionParams *params, const byte *data, size_t size, Jbig2Image *image, size_t *consumed_bytes) |
545 |
- { |
546 |
- Jbig2MmrCtx mmr; |
547 |
-- const int rowstride = image->stride; |
548 |
-+ const uint32_t rowstride = image->stride; |
549 |
- byte *dst = image->data; |
550 |
- byte *ref = NULL; |
551 |
-- int y; |
552 |
-+ uint32_t y; |
553 |
- int code = 0; |
554 |
- const uint32_t EOFB = 0x001001; |
555 |
- |
556 |
-diff --git a/jbig2_page.c b/jbig2_page.c |
557 |
-index 110ff7c..1ed1c8a 100644 |
558 |
---- a/jbig2_page.c |
559 |
-+++ b/jbig2_page.c |
560 |
-@@ -155,9 +155,9 @@ int |
561 |
- jbig2_end_of_stripe(Jbig2Ctx *ctx, Jbig2Segment *segment, const uint8_t *segment_data) |
562 |
- { |
563 |
- Jbig2Page page = ctx->pages[ctx->current_page]; |
564 |
-- int end_row; |
565 |
-+ uint32_t end_row; |
566 |
- |
567 |
-- end_row = jbig2_get_int32(segment_data); |
568 |
-+ end_row = jbig2_get_uint32(segment_data); |
569 |
- if (end_row < page.end_row) { |
570 |
- jbig2_error(ctx, JBIG2_SEVERITY_WARNING, segment->number, |
571 |
- "end of stripe segment with non-positive end row advance" " (new end row %d vs current end row %d)", end_row, page.end_row); |
572 |
-@@ -248,7 +248,7 @@ jbig2_page_add_result(Jbig2Ctx *ctx, Jbig2Page *page, Jbig2Image *image, int x, |
573 |
- |
574 |
- /* grow the page to accomodate a new stripe if necessary */ |
575 |
- if (page->striped) { |
576 |
-- int new_height = y + image->height + page->end_row; |
577 |
-+ uint32_t new_height = y + image->height + page->end_row; |
578 |
- |
579 |
- if (page->image->height < new_height) { |
580 |
- jbig2_error(ctx, JBIG2_SEVERITY_DEBUG, -1, "growing page buffer to %d rows " "to accomodate new stripe", new_height); |
581 |
-diff --git a/jbig2_priv.h b/jbig2_priv.h |
582 |
-index 42ba496..3d44b42 100644 |
583 |
---- a/jbig2_priv.h |
584 |
-+++ b/jbig2_priv.h |
585 |
-@@ -132,7 +132,7 @@ struct _Jbig2Page { |
586 |
- uint32_t x_resolution, y_resolution; /* in pixels per meter */ |
587 |
- uint16_t stripe_size; |
588 |
- bool striped; |
589 |
-- int end_row; |
590 |
-+ uint32_t end_row; |
591 |
- uint8_t flags; |
592 |
- Jbig2Image *image; |
593 |
- }; |
594 |
-@@ -182,7 +182,7 @@ int jbig2_halftone_region(Jbig2Ctx *ctx, Jbig2Segment *segment, const byte *segm |
595 |
- typedef struct _Jbig2WordStream Jbig2WordStream; |
596 |
- |
597 |
- struct _Jbig2WordStream { |
598 |
-- int (*get_next_word)(Jbig2WordStream *self, int offset, uint32_t *word); |
599 |
-+ int (*get_next_word)(Jbig2WordStream *self, size_t offset, uint32_t *word); |
600 |
- }; |
601 |
- |
602 |
- Jbig2WordStream *jbig2_word_stream_buf_new(Jbig2Ctx *ctx, const byte *data, size_t size); |
603 |
-diff --git a/jbig2_segment.c b/jbig2_segment.c |
604 |
-index 2e0db67..5b63706 100644 |
605 |
---- a/jbig2_segment.c |
606 |
-+++ b/jbig2_segment.c |
607 |
-@@ -39,10 +39,10 @@ jbig2_parse_segment_header(Jbig2Ctx *ctx, uint8_t *buf, size_t buf_size, size_t |
608 |
- uint8_t rtscarf; |
609 |
- uint32_t rtscarf_long; |
610 |
- uint32_t *referred_to_segments; |
611 |
-- int referred_to_segment_count; |
612 |
-- int referred_to_segment_size; |
613 |
-- int pa_size; |
614 |
-- int offset; |
615 |
-+ uint32_t referred_to_segment_count; |
616 |
-+ uint32_t referred_to_segment_size; |
617 |
-+ uint32_t pa_size; |
618 |
-+ uint32_t offset; |
619 |
- |
620 |
- /* minimum possible size of a jbig2 segment header */ |
621 |
- if (buf_size < 11) |
622 |
-@@ -83,7 +83,7 @@ jbig2_parse_segment_header(Jbig2Ctx *ctx, uint8_t *buf, size_t buf_size, size_t |
623 |
- |
624 |
- /* 7.2.5 */ |
625 |
- if (referred_to_segment_count) { |
626 |
-- int i; |
627 |
-+ uint32_t i; |
628 |
- |
629 |
- referred_to_segments = jbig2_new(ctx, uint32_t, referred_to_segment_count * referred_to_segment_size); |
630 |
- if (referred_to_segments == NULL) { |
631 |
-diff --git a/jbig2_symbol_dict.c b/jbig2_symbol_dict.c |
632 |
-index 2c71a4c..11a2252 100644 |
633 |
---- a/jbig2_symbol_dict.c |
634 |
-+++ b/jbig2_symbol_dict.c |
635 |
-@@ -88,40 +88,40 @@ jbig2_dump_symbol_dict(Jbig2Ctx *ctx, Jbig2Segment *segment) |
636 |
- |
637 |
- /* return a new empty symbol dict */ |
638 |
- Jbig2SymbolDict * |
639 |
--jbig2_sd_new(Jbig2Ctx *ctx, int n_symbols) |
640 |
-+jbig2_sd_new(Jbig2Ctx *ctx, uint32_t n_symbols) |
641 |
- { |
642 |
-- Jbig2SymbolDict *new = NULL; |
643 |
-+ Jbig2SymbolDict *new_dict = NULL; |
644 |
- |
645 |
- if (n_symbols < 0) { |
646 |
- jbig2_error(ctx, JBIG2_SEVERITY_FATAL, -1, "Negative number of symbols in symbol dict: %d", n_symbols); |
647 |
- return NULL; |
648 |
- } |
649 |
- |
650 |
-- new = jbig2_new(ctx, Jbig2SymbolDict, 1); |
651 |
-- if (new != NULL) { |
652 |
-- new->glyphs = jbig2_new(ctx, Jbig2Image *, n_symbols); |
653 |
-- new->n_symbols = n_symbols; |
654 |
-+ new_dict = jbig2_new(ctx, Jbig2SymbolDict, 1); |
655 |
-+ if (new_dict != NULL) { |
656 |
-+ new_dict->glyphs = jbig2_new(ctx, Jbig2Image *, n_symbols); |
657 |
-+ new_dict->n_symbols = n_symbols; |
658 |
- } else { |
659 |
- jbig2_error(ctx, JBIG2_SEVERITY_FATAL, -1, "unable to allocate new empty symbol dict"); |
660 |
- return NULL; |
661 |
- } |
662 |
- |
663 |
-- if (new->glyphs != NULL) { |
664 |
-- memset(new->glyphs, 0, n_symbols * sizeof(Jbig2Image *)); |
665 |
-+ if (new_dict->glyphs != NULL) { |
666 |
-+ memset(new_dict->glyphs, 0, n_symbols * sizeof(Jbig2Image *)); |
667 |
- } else { |
668 |
- jbig2_error(ctx, JBIG2_SEVERITY_FATAL, -1, "unable to allocate glyphs for new empty symbol dict"); |
669 |
-- jbig2_free(ctx->allocator, new); |
670 |
-+ jbig2_free(ctx->allocator, new_dict); |
671 |
- return NULL; |
672 |
- } |
673 |
- |
674 |
-- return new; |
675 |
-+ return new_dict; |
676 |
- } |
677 |
- |
678 |
- /* release the memory associated with a symbol dict */ |
679 |
- void |
680 |
- jbig2_sd_release(Jbig2Ctx *ctx, Jbig2SymbolDict *dict) |
681 |
- { |
682 |
-- int i; |
683 |
-+ uint32_t i; |
684 |
- |
685 |
- if (dict == NULL) |
686 |
- return; |
687 |
-@@ -142,12 +142,12 @@ jbig2_sd_glyph(Jbig2SymbolDict *dict, unsigned int id) |
688 |
- } |
689 |
- |
690 |
- /* count the number of dictionary segments referred to by the given segment */ |
691 |
--int |
692 |
-+uint32_t |
693 |
- jbig2_sd_count_referred(Jbig2Ctx *ctx, Jbig2Segment *segment) |
694 |
- { |
695 |
- int index; |
696 |
- Jbig2Segment *rsegment; |
697 |
-- int n_dicts = 0; |
698 |
-+ uint32_t n_dicts = 0; |
699 |
- |
700 |
- for (index = 0; index < segment->referred_to_segment_count; index++) { |
701 |
- rsegment = jbig2_find_segment(ctx, segment->referred_to_segments[index]); |
702 |
-@@ -166,8 +166,8 @@ jbig2_sd_list_referred(Jbig2Ctx *ctx, Jbig2Segment *segment) |
703 |
- int index; |
704 |
- Jbig2Segment *rsegment; |
705 |
- Jbig2SymbolDict **dicts; |
706 |
-- int n_dicts = jbig2_sd_count_referred(ctx, segment); |
707 |
-- int dindex = 0; |
708 |
-+ uint32_t n_dicts = jbig2_sd_count_referred(ctx, segment); |
709 |
-+ uint32_t dindex = 0; |
710 |
- |
711 |
- dicts = jbig2_new(ctx, Jbig2SymbolDict *, n_dicts); |
712 |
- if (dicts == NULL) { |
713 |
-@@ -195,10 +195,10 @@ jbig2_sd_list_referred(Jbig2Ctx *ctx, Jbig2Segment *segment) |
714 |
- /* generate a new symbol dictionary by concatenating a list of |
715 |
- existing dictionaries */ |
716 |
- Jbig2SymbolDict * |
717 |
--jbig2_sd_cat(Jbig2Ctx *ctx, int n_dicts, Jbig2SymbolDict **dicts) |
718 |
-+jbig2_sd_cat(Jbig2Ctx *ctx, uint32_t n_dicts, Jbig2SymbolDict **dicts) |
719 |
- { |
720 |
-- int i, j, k, symbols; |
721 |
-- Jbig2SymbolDict *new = NULL; |
722 |
-+ uint32_t i, j, k, symbols; |
723 |
-+ Jbig2SymbolDict *new_dict = NULL; |
724 |
- |
725 |
- /* count the imported symbols and allocate a new array */ |
726 |
- symbols = 0; |
727 |
-@@ -206,17 +206,17 @@ jbig2_sd_cat(Jbig2Ctx *ctx, int n_dicts, Jbig2SymbolDict **dicts) |
728 |
- symbols += dicts[i]->n_symbols; |
729 |
- |
730 |
- /* fill a new array with cloned glyph pointers */ |
731 |
-- new = jbig2_sd_new(ctx, symbols); |
732 |
-- if (new != NULL) { |
733 |
-+ new_dict = jbig2_sd_new(ctx, symbols); |
734 |
-+ if (new_dict != NULL) { |
735 |
- k = 0; |
736 |
- for (i = 0; i < n_dicts; i++) |
737 |
- for (j = 0; j < dicts[i]->n_symbols; j++) |
738 |
-- new->glyphs[k++] = jbig2_image_clone(ctx, dicts[i]->glyphs[j]); |
739 |
-+ new_dict->glyphs[k++] = jbig2_image_clone(ctx, dicts[i]->glyphs[j]); |
740 |
- } else { |
741 |
- jbig2_error(ctx, JBIG2_SEVERITY_WARNING, -1, "failed to allocate new symbol dictionary"); |
742 |
- } |
743 |
- |
744 |
-- return new; |
745 |
-+ return new_dict; |
746 |
- } |
747 |
- |
748 |
- /* Decoding routines */ |
749 |
-@@ -431,7 +431,7 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx, |
750 |
- |
751 |
- if (REFAGGNINST > 1) { |
752 |
- Jbig2Image *image; |
753 |
-- int i; |
754 |
-+ uint32_t i; |
755 |
- |
756 |
- if (tparams == NULL) { |
757 |
- /* First time through, we need to initialise the */ |
758 |
-@@ -512,7 +512,7 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx, |
759 |
- uint32_t ID; |
760 |
- int32_t RDX, RDY; |
761 |
- int BMSIZE = 0; |
762 |
-- int ninsyms = params->SDNUMINSYMS; |
763 |
-+ uint32_t ninsyms = params->SDNUMINSYMS; |
764 |
- int code1 = 0; |
765 |
- int code2 = 0; |
766 |
- int code3 = 0; |
767 |
-@@ -609,8 +609,9 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx, |
768 |
- if (params->SDHUFF && !params->SDREFAGG) { |
769 |
- /* 6.5.9 */ |
770 |
- Jbig2Image *image; |
771 |
-- int BMSIZE = jbig2_huffman_get(hs, params->SDHUFFBMSIZE, &code); |
772 |
-- int j, x; |
773 |
-+ uint32_t BMSIZE = jbig2_huffman_get(hs, params->SDHUFFBMSIZE, &code); |
774 |
-+ uint32_t j; |
775 |
-+ int x; |
776 |
- |
777 |
- if (code || (BMSIZE < 0)) { |
778 |
- jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, "error decoding size of collective bitmap!"); |
779 |
-@@ -700,22 +701,22 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx, |
780 |
- jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, "failed to allocate symbols exported from symbols dictionary"); |
781 |
- goto cleanup4; |
782 |
- } else { |
783 |
-- int i = 0; |
784 |
-- int j = 0; |
785 |
-- int k; |
786 |
-+ uint32_t i = 0; |
787 |
-+ uint32_t j = 0; |
788 |
-+ uint32_t k; |
789 |
- int exflag = 0; |
790 |
-- int64_t limit = params->SDNUMINSYMS + params->SDNUMNEWSYMS; |
791 |
-- int32_t exrunlength; |
792 |
-+ uint32_t limit = params->SDNUMINSYMS + params->SDNUMNEWSYMS; |
793 |
-+ uint32_t exrunlength; |
794 |
- int zerolength = 0; |
795 |
- |
796 |
- while (i < limit) { |
797 |
- if (params->SDHUFF) |
798 |
- exrunlength = jbig2_huffman_get(hs, SBHUFFRSIZE, &code); |
799 |
- else |
800 |
-- code = jbig2_arith_int_decode(IAEX, as, &exrunlength); |
801 |
-+ code = jbig2_arith_int_decode(IAEX, as, (int32_t *)&exrunlength); |
802 |
- /* prevent infinite loop */ |
803 |
- zerolength = exrunlength > 0 ? 0 : zerolength + 1; |
804 |
-- if (code || (exrunlength > limit - i) || (exrunlength < 0) || (zerolength > 4) || (exflag && (exrunlength > params->SDNUMEXSYMS - j))) { |
805 |
-+ if (code || (exrunlength > limit - i) || (exrunlength < 0) || (zerolength > 4) || (exflag && (exrunlength + j > params->SDNUMEXSYMS))) { |
806 |
- if (code) |
807 |
- jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, "failed to decode exrunlength for exported symbols"); |
808 |
- else if (exrunlength <= 0) |
809 |
-@@ -797,8 +798,8 @@ jbig2_symbol_dictionary(Jbig2Ctx *ctx, Jbig2Segment *segment, const byte *segmen |
810 |
- { |
811 |
- Jbig2SymbolDictParams params; |
812 |
- uint16_t flags; |
813 |
-- int sdat_bytes; |
814 |
-- int offset; |
815 |
-+ uint32_t sdat_bytes; |
816 |
-+ uint32_t offset; |
817 |
- Jbig2ArithCx *GB_stats = NULL; |
818 |
- Jbig2ArithCx *GR_stats = NULL; |
819 |
- int table_index = 0; |
820 |
-@@ -951,7 +952,7 @@ jbig2_symbol_dictionary(Jbig2Ctx *ctx, Jbig2Segment *segment, const byte *segmen |
821 |
- |
822 |
- /* 7.4.2.2 (2) */ |
823 |
- { |
824 |
-- int n_dicts = jbig2_sd_count_referred(ctx, segment); |
825 |
-+ uint32_t n_dicts = jbig2_sd_count_referred(ctx, segment); |
826 |
- Jbig2SymbolDict **dicts = NULL; |
827 |
- |
828 |
- if (n_dicts > 0) { |
829 |
-diff --git a/jbig2_symbol_dict.h b/jbig2_symbol_dict.h |
830 |
-index d56d62d..30211d4 100644 |
831 |
---- a/jbig2_symbol_dict.h |
832 |
-+++ b/jbig2_symbol_dict.h |
833 |
-@@ -32,18 +32,18 @@ int jbig2_symbol_dictionary(Jbig2Ctx *ctx, Jbig2Segment *segment, const byte *se |
834 |
- Jbig2Image *jbig2_sd_glyph(Jbig2SymbolDict *dict, unsigned int id); |
835 |
- |
836 |
- /* return a new empty symbol dict */ |
837 |
--Jbig2SymbolDict *jbig2_sd_new(Jbig2Ctx *ctx, int n_symbols); |
838 |
-+Jbig2SymbolDict *jbig2_sd_new(Jbig2Ctx *ctx, uint32_t n_symbols); |
839 |
- |
840 |
- /* release the memory associated with a symbol dict */ |
841 |
- void jbig2_sd_release(Jbig2Ctx *ctx, Jbig2SymbolDict *dict); |
842 |
- |
843 |
- /* generate a new symbol dictionary by concatenating a list of |
844 |
- existing dictionaries */ |
845 |
--Jbig2SymbolDict *jbig2_sd_cat(Jbig2Ctx *ctx, int n_dicts, Jbig2SymbolDict **dicts); |
846 |
-+Jbig2SymbolDict *jbig2_sd_cat(Jbig2Ctx *ctx, uint32_t n_dicts, Jbig2SymbolDict **dicts); |
847 |
- |
848 |
- /* count the number of dictionary segments referred |
849 |
- to by the given segment */ |
850 |
--int jbig2_sd_count_referred(Jbig2Ctx *ctx, Jbig2Segment *segment); |
851 |
-+uint32_t jbig2_sd_count_referred(Jbig2Ctx *ctx, Jbig2Segment *segment); |
852 |
- |
853 |
- /* return an array of pointers to symbol dictionaries referred |
854 |
- to by a segment */ |
855 |
-diff --git a/jbig2_text.c b/jbig2_text.c |
856 |
-index 5c99640..e77460f 100644 |
857 |
---- a/jbig2_text.c |
858 |
-+++ b/jbig2_text.c |
859 |
-@@ -55,7 +55,7 @@ |
860 |
- int |
861 |
- jbig2_decode_text_region(Jbig2Ctx *ctx, Jbig2Segment *segment, |
862 |
- const Jbig2TextRegionParams *params, |
863 |
-- const Jbig2SymbolDict *const *dicts, const int n_dicts, |
864 |
-+ const Jbig2SymbolDict *const *dicts, const uint32_t n_dicts, |
865 |
- Jbig2Image *image, const byte *data, const size_t size, Jbig2ArithCx *GR_stats, Jbig2ArithState *as, Jbig2WordStream *ws) |
866 |
- { |
867 |
- /* relevent bits of 6.4.4 */ |
868 |
-@@ -476,19 +476,19 @@ cleanup2: |
869 |
- int |
870 |
- jbig2_text_region(Jbig2Ctx *ctx, Jbig2Segment *segment, const byte *segment_data) |
871 |
- { |
872 |
-- int offset = 0; |
873 |
-+ uint32_t offset = 0; |
874 |
- Jbig2RegionSegmentInfo region_info; |
875 |
- Jbig2TextRegionParams params; |
876 |
- Jbig2Image *image = NULL; |
877 |
- Jbig2SymbolDict **dicts = NULL; |
878 |
-- int n_dicts = 0; |
879 |
-+ uint32_t n_dicts = 0; |
880 |
- uint16_t flags = 0; |
881 |
- uint16_t huffman_flags = 0; |
882 |
- Jbig2ArithCx *GR_stats = NULL; |
883 |
- int code = 0; |
884 |
- Jbig2WordStream *ws = NULL; |
885 |
- Jbig2ArithState *as = NULL; |
886 |
-- int table_index = 0; |
887 |
-+ uint32_t table_index = 0; |
888 |
- const Jbig2HuffmanParams *huffman_params = NULL; |
889 |
- |
890 |
- /* 7.4.1 */ |
891 |
-@@ -779,7 +779,7 @@ jbig2_text_region(Jbig2Ctx *ctx, Jbig2Segment *segment, const byte *segment_data |
892 |
- code = jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, "unable to retrive symbol dictionaries! previous parsing error?"); |
893 |
- goto cleanup1; |
894 |
- } else { |
895 |
-- int index; |
896 |
-+ uint32_t index; |
897 |
- |
898 |
- if (dicts[0] == NULL) { |
899 |
- code = jbig2_error(ctx, JBIG2_SEVERITY_WARNING, segment->number, "unable to find first referenced symbol dictionary!"); |
900 |
-@@ -823,8 +823,8 @@ jbig2_text_region(Jbig2Ctx *ctx, Jbig2Segment *segment, const byte *segment_data |
901 |
- } |
902 |
- |
903 |
- if (!params.SBHUFF) { |
904 |
-- int SBSYMCODELEN, index; |
905 |
-- int SBNUMSYMS = 0; |
906 |
-+ uint32_t SBSYMCODELEN, index; |
907 |
-+ uint32_t SBNUMSYMS = 0; |
908 |
- |
909 |
- for (index = 0; index < n_dicts; index++) { |
910 |
- SBNUMSYMS += dicts[index]->n_symbols; |
911 |
-@@ -840,7 +840,7 @@ jbig2_text_region(Jbig2Ctx *ctx, Jbig2Segment *segment, const byte *segment_data |
912 |
- } |
913 |
- |
914 |
- /* Table 31 */ |
915 |
-- for (SBSYMCODELEN = 0; (1 << SBSYMCODELEN) < SBNUMSYMS; SBSYMCODELEN++) { |
916 |
-+ for (SBSYMCODELEN = 0; (1U << SBSYMCODELEN) < SBNUMSYMS; SBSYMCODELEN++) { |
917 |
- } |
918 |
- params.IAID = jbig2_arith_iaid_ctx_new(ctx, SBSYMCODELEN); |
919 |
- params.IARI = jbig2_arith_int_ctx_new(ctx); |
920 |
-diff --git a/jbig2_text.h b/jbig2_text.h |
921 |
-index aec2732..51d242e 100644 |
922 |
---- a/jbig2_text.h |
923 |
-+++ b/jbig2_text.h |
924 |
-@@ -70,5 +70,5 @@ typedef struct { |
925 |
- int |
926 |
- jbig2_decode_text_region(Jbig2Ctx *ctx, Jbig2Segment *segment, |
927 |
- const Jbig2TextRegionParams *params, |
928 |
-- const Jbig2SymbolDict *const *dicts, const int n_dicts, |
929 |
-+ const Jbig2SymbolDict *const *dicts, const uint32_t n_dicts, |
930 |
- Jbig2Image *image, const byte *data, const size_t size, Jbig2ArithCx *GR_stats, Jbig2ArithState *as, Jbig2WordStream *ws); |
931 |
--- |
932 |
-2.11.1 |
933 |
- |
934 |
|
935 |
diff --git a/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-7885.patch b/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-7885.patch |
936 |
deleted file mode 100644 |
937 |
index e8ffccd4534..00000000000 |
938 |
--- a/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-7885.patch |
939 |
+++ /dev/null |
940 |
@@ -1,29 +0,0 @@ |
941 |
-From b184e783702246e154294326d03d9abda669fcfa Mon Sep 17 00:00:00 2001 |
942 |
-From: Shailesh Mistry <shailesh.mistry@××××××××××.uk> |
943 |
-Date: Wed, 3 May 2017 22:06:01 +0100 |
944 |
-Subject: [PATCH] Bug 697703: Prevent integer overflow vulnerability. |
945 |
- |
946 |
-Add extra check for the offset being greater than the size |
947 |
-of the image and hence reading off the end of the buffer. |
948 |
- |
949 |
-Thank you to Dai Ge for finding this issue and suggesting a patch. |
950 |
---- |
951 |
- jbig2dec/jbig2_symbol_dict.c | 2 +- |
952 |
- 1 file changed, 1 insertion(+), 1 deletion(-) |
953 |
- |
954 |
-diff --git a/jbig2dec/jbig2_symbol_dict.c b/jbig2dec/jbig2_symbol_dict.c |
955 |
-index 4acaba9d0..36225cb1f 100644 |
956 |
---- a/jbig2_symbol_dict.c |
957 |
-+++ b/jbig2_symbol_dict.c |
958 |
-@@ -629,7 +629,7 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx, |
959 |
- byte *dst = image->data; |
960 |
- |
961 |
- /* SumatraPDF: prevent read access violation */ |
962 |
-- if (size - jbig2_huffman_offset(hs) < image->height * stride) { |
963 |
-+ if ((size - jbig2_huffman_offset(hs) < image->height * stride) || (size < jbig2_huffman_offset(hs))) { |
964 |
- jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, "not enough data for decoding (%d/%d)", image->height * stride, |
965 |
- size - jbig2_huffman_offset(hs)); |
966 |
- jbig2_image_release(ctx, image); |
967 |
--- |
968 |
-2.13.1 |
969 |
- |
970 |
|
971 |
diff --git a/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-7975.patch b/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-7975.patch |
972 |
deleted file mode 100644 |
973 |
index d5e62762b9a..00000000000 |
974 |
--- a/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-7975.patch |
975 |
+++ /dev/null |
976 |
@@ -1,31 +0,0 @@ |
977 |
-From 5e57e483298dae8b8d4ec9aab37a526736ac2e97 Mon Sep 17 00:00:00 2001 |
978 |
-From: Shailesh Mistry <shailesh.mistry@××××××××××.uk> |
979 |
-Date: Wed, 26 Apr 2017 22:12:14 +0100 |
980 |
-Subject: [PATCH] Bug 697693: Prevent SEGV due to integer overflow. |
981 |
- |
982 |
-While building a Huffman table, the start and end points were susceptible |
983 |
-to integer overflow. |
984 |
- |
985 |
-Thank you to Jiaqi for finding this issue and suggesting a patch. |
986 |
---- |
987 |
- jbig2dec/jbig2_huffman.c | 4 ++-- |
988 |
- 1 file changed, 2 insertions(+), 2 deletions(-) |
989 |
- |
990 |
-diff --git a/jbig2dec/jbig2_huffman.c b/jbig2dec/jbig2_huffman.c |
991 |
-index 511e46170..b4189a12c 100644 |
992 |
---- a/jbig2_huffman.c |
993 |
-+++ b/jbig2_huffman.c |
994 |
-@@ -421,8 +421,8 @@ jbig2_build_huffman_table(Jbig2Ctx *ctx, const Jbig2HuffmanParams *params) |
995 |
- |
996 |
- if (PREFLEN == CURLEN) { |
997 |
- int RANGELEN = lines[CURTEMP].RANGELEN; |
998 |
-- int start_j = CURCODE << shift; |
999 |
-- int end_j = (CURCODE + 1) << shift; |
1000 |
-+ uint32_t start_j = CURCODE << shift; |
1001 |
-+ uint32_t end_j = (CURCODE + 1) << shift; |
1002 |
- byte eflags = 0; |
1003 |
- |
1004 |
- if (end_j > max_j) { |
1005 |
--- |
1006 |
-2.13.1 |
1007 |
- |
1008 |
|
1009 |
diff --git a/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-7976.patch b/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-7976.patch |
1010 |
deleted file mode 100644 |
1011 |
index c6dbd182c61..00000000000 |
1012 |
--- a/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-7976.patch |
1013 |
+++ /dev/null |
1014 |
@@ -1,29 +0,0 @@ |
1015 |
-From ed6c5133a1004ce8d38f1b44de85a7186feda95e Mon Sep 17 00:00:00 2001 |
1016 |
-From: Shailesh Mistry <shailesh.mistry@××××××××××.uk> |
1017 |
-Date: Wed, 10 May 2017 17:50:39 +0100 |
1018 |
-Subject: [PATCH] Bug 697683: Bounds check before reading from image source |
1019 |
- data. |
1020 |
- |
1021 |
-Add extra check to prevent reading off the end of the image source |
1022 |
-data buffer. |
1023 |
- |
1024 |
-Thank you to Dai Ge for finding this issue and suggesting a patch. |
1025 |
---- |
1026 |
- jbig2dec/jbig2_image.c | 3 ++- |
1027 |
- 1 file changed, 2 insertions(+), 1 deletion(-) |
1028 |
- |
1029 |
-Backported dilfridge@g.o |
1030 |
- |
1031 |
-diff -ruN jbig2dec-0.13.orig/jbig2_image.c jbig2dec-0.13/jbig2_image.c |
1032 |
---- jbig2dec-0.13.orig/jbig2_image.c 2017-06-10 01:41:16.207939489 +0200 |
1033 |
-+++ jbig2dec-0.13/jbig2_image.c 2017-06-10 01:46:28.009952461 +0200 |
1034 |
-@@ -256,7 +256,8 @@ |
1035 |
- /* general OR case */ |
1036 |
- s = ss; |
1037 |
- d = dd = dst->data + y * dst->stride + leftbyte; |
1038 |
-- if (d < dst->data || leftbyte > dst->stride || h * dst->stride < 0 || d - leftbyte + h * dst->stride > dst->data + dst->height * dst->stride) { |
1039 |
-+ if (d < dst->data || leftbyte > dst->stride || d - leftbyte + h * dst->stride > dst->data + dst->height * dst->stride || |
1040 |
-+ s - leftbyte + (h - 1) * src->stride + rightbyte > src->data + src->height * src->stride) { |
1041 |
- return jbig2_error(ctx, JBIG2_SEVERITY_FATAL, -1, "preventing heap overflow in jbig2_image_compose"); |
1042 |
- } |
1043 |
- if (leftbyte == rightbyte) { |
1044 |
|
1045 |
diff --git a/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-9216.patch b/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-9216.patch |
1046 |
deleted file mode 100644 |
1047 |
index 789ed6c9656..00000000000 |
1048 |
--- a/media-libs/jbig2dec/files/jbig2dec-0.13-CVE-2017-9216.patch |
1049 |
+++ /dev/null |
1050 |
@@ -1,31 +0,0 @@ |
1051 |
-From 3ebffb1d96ba0cacec23016eccb4047dab365853 Mon Sep 17 00:00:00 2001 |
1052 |
-From: Shailesh Mistry <shailesh.mistry@××××××××××.uk> |
1053 |
-Date: Wed, 24 May 2017 19:29:57 +0100 |
1054 |
-Subject: [PATCH] Bug 697934: Fix SEGV due to error code being ignored. |
1055 |
- |
1056 |
-The return code from jbig2_decode_text_region was being ignored so the |
1057 |
-code continued to try and parse the invalid file using incomplete/empty |
1058 |
-structures. |
1059 |
---- |
1060 |
- jbig2dec/jbig2_symbol_dict.c | 4 +++- |
1061 |
- 1 file changed, 3 insertions(+), 1 deletion(-) |
1062 |
- |
1063 |
-diff --git a/jbig2_symbol_dict.c b/jbig2_symbol_dict.c |
1064 |
-index 3cc1731..672425d 100644 |
1065 |
---- a/jbig2_symbol_dict.c |
1066 |
-+++ b/jbig2_symbol_dict.c |
1067 |
-@@ -493,8 +493,10 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx, |
1068 |
- } |
1069 |
- |
1070 |
- /* multiple symbols are handled as a text region */ |
1071 |
-- jbig2_decode_text_region(ctx, segment, tparams, (const Jbig2SymbolDict * const *)refagg_dicts, |
1072 |
-+ code = jbig2_decode_text_region(ctx, segment, tparams, (const Jbig2SymbolDict * const *)refagg_dicts, |
1073 |
- n_refagg_dicts, image, data, size, GR_stats, as, ws); |
1074 |
-+ if (code < 0) |
1075 |
-+ goto cleanup4; |
1076 |
- |
1077 |
- SDNEWSYMS->glyphs[NSYMSDECODED] = image; |
1078 |
- refagg_dicts[0]->glyphs[params->SDNUMINSYMS + NSYMSDECODED] = jbig2_image_clone(ctx, SDNEWSYMS->glyphs[NSYMSDECODED]); |
1079 |
--- |
1080 |
-2.9.1 |
1081 |
- |
1082 |
|
1083 |
diff --git a/media-libs/jbig2dec/jbig2dec-0.13-r4.ebuild b/media-libs/jbig2dec/jbig2dec-0.13-r4.ebuild |
1084 |
index 38e94e73b33..387218d0d0f 100644 |
1085 |
--- a/media-libs/jbig2dec/jbig2dec-0.13-r4.ebuild |
1086 |
+++ b/media-libs/jbig2dec/jbig2dec-0.13-r4.ebuild |
1087 |
@@ -6,6 +6,7 @@ EAPI=6 |
1088 |
DESCRIPTION="A decoder implementation of the JBIG2 image compression format" |
1089 |
HOMEPAGE="http://ghostscript.com/jbig2dec.html" |
1090 |
SRC_URI="http://downloads.ghostscript.com/public/${PN}/${P}.tar.gz |
1091 |
+ https://dev.gentoo.org/~mgorny/dist/${P}-patchset.tar.bz2 |
1092 |
test? ( http://jbig2dec.sourceforge.net/ubc/jb2streams.zip )" |
1093 |
|
1094 |
LICENSE="AGPL-3" |
1095 |
@@ -23,11 +24,11 @@ RESTRICT="test" |
1096 |
DOCS="CHANGES README" |
1097 |
|
1098 |
PATCHES=( |
1099 |
- "${FILESDIR}/${P}-CVE-2016-9601.patch" |
1100 |
- "${FILESDIR}/${P}-CVE-2017-9216.patch" |
1101 |
- "${FILESDIR}/${P}-CVE-2017-7885.patch" |
1102 |
- "${FILESDIR}/${P}-CVE-2017-7975.patch" |
1103 |
- "${FILESDIR}/${P}-CVE-2017-7976.patch" |
1104 |
+ "${WORKDIR}/${P}-patchset/${P}-CVE-2016-9601.patch" |
1105 |
+ "${WORKDIR}/${P}-patchset/${P}-CVE-2017-9216.patch" |
1106 |
+ "${WORKDIR}/${P}-patchset/${P}-CVE-2017-7885.patch" |
1107 |
+ "${WORKDIR}/${P}-patchset/${P}-CVE-2017-7975.patch" |
1108 |
+ "${WORKDIR}/${P}-patchset/${P}-CVE-2017-7976.patch" |
1109 |
) |
1110 |
|
1111 |
src_prepare() { |