CVE-2018-20330: Integer overflow causing segfault occurred when
attempting to load a BMP file with more than 1 billion pixels using the
`tjLoadImage()` function.
CVE-2018-19664: Buffer overrun occurred when attempting to decompress a
specially-crafted malformed JPEG image to a 256-color BMP using djpeg.
Cc: Murat Demirten <mdemirten@yh.com.tr>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f60925beda)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Define CMAKE_INSTALL_RPATH only if ENABLE_SHARED is set otherwise the
following error is raised when installing binaries:
CMake Error at cmake_install.cmake:73 (file):
file RPATH_CHANGE could not write new RPATH:
/usr/lib
to the file:
/home/fabrice/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/bin/rdjpgcom
No valid ELF RPATH or RUNPATH entry exists in the file;
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7f905250bf)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We want to use SPDX identifier for license string as much as possible.
SPDX short identifier for BSD-3c is BSD-3-Clause.
This change is done using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/BSD-3c/BSD-3-Clause/g'
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
In preperation for adding more architectures to the jpeg-turbo simd
handling, introduce a hidden BR2_PACKAGE_JPEG_SIMDS_SUPPORT symbol and use
that to enable simd support and default to jpeg-turbo, instead of open
coding it in both places.
While we are at it, reword the help text to be more useful.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The jpeg-turbo configure script now contains PKG_PROG_PKG_CONFIG, even
though it doesn't so far use pkg-config to detect any dependencies (it does
install a .pc file now though):
checking pkg-config is at least version 0.9.0... ./configure: line 13540: \
/home/peko/source/buildroot/output/host/usr/bin/pkg-config: No such file or directory
Depend on host-pkgconf for consistency.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
libjpeg and jpeg-turo are providers of the jpeg virtual package, so they
must declare themselves as such.
We do not have any problem, because the dependency is computed from the
Kconfig-defined option BR2_PACKAGE_PROVIDES_JPEG, and we do not check
the Makefile-defined <FOO>_PROVIDES variable.
For the sake of correctness, make both libjpeg and jpeg-turo declare
themselves as providers for the jpeg virtual package.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS,
make the same change for FOO_CONF_OPT.
Sed command used:
find * -type f | xargs sed -i 's#_CONF_OPT\>#&S#g'
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Use correct bin name so that JPEG_TURBO_REMOVE_USELESS_TOOLS fixup
actually removes it.
Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Introduce a virtual 'jpeg' package, which pulls in either libjpeg or
jpeg-turbo depending on a choice selection.
Rename jpeg package to libjpeg so we can reuse 'jpeg' for the virtual
package, making the change transparent to existing users and all the
packages using libjpeg.
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
