1 |
commit: 631dcc854482ebd56ee3e642d96ea30ad1d87e82 |
2 |
Author: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org> |
3 |
AuthorDate: Mon Jan 30 10:36:30 2023 +0000 |
4 |
Commit: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Jan 30 14:44:05 2023 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=631dcc85 |
7 |
|
8 |
kde-frameworks/kimageformats: heif: reject invalid files with zero size |
9 |
|
10 |
Upstream commit b654f20ecebc30ab73022a6b32c2fd1cef162ea6 |
11 |
|
12 |
See also: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50850 |
13 |
|
14 |
Bug: https://bugs.gentoo.org/891927 |
15 |
Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org> |
16 |
|
17 |
....102.0-heif-reject-invalid-files-w-0-size.patch | 31 +++++++++++++++ |
18 |
.../kimageformats/kimageformats-5.102.0-r1.ebuild | 46 ++++++++++++++++++++++ |
19 |
2 files changed, 77 insertions(+) |
20 |
|
21 |
diff --git a/kde-frameworks/kimageformats/files/kimageformats-5.102.0-heif-reject-invalid-files-w-0-size.patch b/kde-frameworks/kimageformats/files/kimageformats-5.102.0-heif-reject-invalid-files-w-0-size.patch |
22 |
new file mode 100644 |
23 |
index 000000000000..809d11ce382f |
24 |
--- /dev/null |
25 |
+++ b/kde-frameworks/kimageformats/files/kimageformats-5.102.0-heif-reject-invalid-files-w-0-size.patch |
26 |
@@ -0,0 +1,31 @@ |
27 |
+From b654f20ecebc30ab73022a6b32c2fd1cef162ea6 Mon Sep 17 00:00:00 2001 |
28 |
+From: =?UTF-8?q?Daniel=20Novomesk=C3=BD?= <dnovomesky@×××××.com> |
29 |
+Date: Sun, 29 Jan 2023 16:16:52 +0100 |
30 |
+Subject: [PATCH] heif: reject invalid files with zero size |
31 |
+ |
32 |
+--- |
33 |
+ src/imageformats/heif.cpp | 8 ++++++++ |
34 |
+ 1 file changed, 8 insertions(+) |
35 |
+ |
36 |
+diff --git a/src/imageformats/heif.cpp b/src/imageformats/heif.cpp |
37 |
+index 3365d92..c938c0d 100644 |
38 |
+--- a/src/imageformats/heif.cpp |
39 |
++++ b/src/imageformats/heif.cpp |
40 |
+@@ -449,6 +449,14 @@ bool HEIFHandler::ensureDecoder() |
41 |
+ return false; |
42 |
+ } |
43 |
+ |
44 |
++ if ((heif_image_handle_get_width(handle) == 0) || (heif_image_handle_get_height(handle) == 0)) { |
45 |
++ m_parseState = ParseHeicError; |
46 |
++ heif_image_handle_release(handle); |
47 |
++ heif_context_free(ctx); |
48 |
++ qWarning() << "HEIC image has zero dimension"; |
49 |
++ return false; |
50 |
++ } |
51 |
++ |
52 |
+ const bool hasAlphaChannel = heif_image_handle_has_alpha_channel(handle); |
53 |
+ const int bit_depth = heif_image_handle_get_luma_bits_per_pixel(handle); |
54 |
+ heif_chroma chroma; |
55 |
+-- |
56 |
+GitLab |
57 |
+ |
58 |
|
59 |
diff --git a/kde-frameworks/kimageformats/kimageformats-5.102.0-r1.ebuild b/kde-frameworks/kimageformats/kimageformats-5.102.0-r1.ebuild |
60 |
new file mode 100644 |
61 |
index 000000000000..fef1628f46c6 |
62 |
--- /dev/null |
63 |
+++ b/kde-frameworks/kimageformats/kimageformats-5.102.0-r1.ebuild |
64 |
@@ -0,0 +1,46 @@ |
65 |
+# Copyright 1999-2023 Gentoo Authors |
66 |
+# Distributed under the terms of the GNU General Public License v2 |
67 |
+ |
68 |
+EAPI=8 |
69 |
+ |
70 |
+ECM_QTHELP="false" |
71 |
+PVCUT=$(ver_cut 1-2) |
72 |
+QTMIN=5.15.5 |
73 |
+VIRTUALX_REQUIRED="test" |
74 |
+inherit ecm frameworks.kde.org |
75 |
+ |
76 |
+DESCRIPTION="Framework providing additional format plugins for Qt's image I/O system" |
77 |
+ |
78 |
+LICENSE="LGPL-2+" |
79 |
+KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc64 ~riscv ~x86" |
80 |
+IUSE="avif eps heif jpegxl openexr raw" |
81 |
+ |
82 |
+RDEPEND=" |
83 |
+ >=dev-qt/qtgui-${QTMIN}:5 |
84 |
+ =kde-frameworks/karchive-${PVCUT}*:5 |
85 |
+ avif? ( >=media-libs/libavif-0.8.2:= ) |
86 |
+ eps? ( >=dev-qt/qtprintsupport-${QTMIN}:5 ) |
87 |
+ heif? ( >=media-libs/libheif-1.10.0:= ) |
88 |
+ jpegxl? ( media-libs/libjxl ) |
89 |
+ openexr? ( >=media-libs/openexr-3:= ) |
90 |
+ raw? ( media-libs/libraw:= ) |
91 |
+" |
92 |
+DEPEND="${RDEPEND} |
93 |
+ test? ( heif? ( media-libs/libheif[x265] ) ) |
94 |
+" |
95 |
+ |
96 |
+DOCS=( src/imageformats/AUTHORS ) |
97 |
+ |
98 |
+PATCHES=( "${FILESDIR}/${P}-heif-reject-invalid-files-w-0-size.patch" ) |
99 |
+ |
100 |
+src_configure() { |
101 |
+ local mycmakeargs=( |
102 |
+ -DKIMAGEFORMATS_JXL=$(usex jpegxl) |
103 |
+ $(cmake_use_find_package avif libavif) |
104 |
+ $(cmake_use_find_package eps Qt5PrintSupport) |
105 |
+ -DKIMAGEFORMATS_HEIF=$(usex heif) |
106 |
+ $(cmake_use_find_package openexr OpenEXR) |
107 |
+ $(cmake_use_find_package raw LibRaw) |
108 |
+ ) |
109 |
+ ecm_src_configure |
110 |
+} |