summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMax Rees <maxcrees@me.com>2019-09-17 16:02:23 -0500
committerMax Rees <maxcrees@me.com>2019-09-17 16:02:23 -0500
commitf6242ae2f1469ee2f390a4da8e686b0374048698 (patch)
tree46b3aa529d0408c5f2b772b6061bef4a14a4e923
parenteb78aceece24112442a5bccc7ec52e99c0343a07 (diff)
downloadpackages-f6242ae2f1469ee2f390a4da8e686b0374048698.tar.gz
packages-f6242ae2f1469ee2f390a4da8e686b0374048698.tar.bz2
packages-f6242ae2f1469ee2f390a4da8e686b0374048698.tar.xz
packages-f6242ae2f1469ee2f390a4da8e686b0374048698.zip
user/opencv: patch CVE-2019-16249
-rw-r--r--user/opencv/APKBUILD10
-rw-r--r--user/opencv/CVE-2019-16249.patch57
2 files changed, 65 insertions, 2 deletions
diff --git a/user/opencv/APKBUILD b/user/opencv/APKBUILD
index 76403ac60..a8a38c149 100644
--- a/user/opencv/APKBUILD
+++ b/user/opencv/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer:
pkgname=opencv
pkgver=4.1.1
-pkgrel=0
+pkgrel=1
pkgdesc="Computer vision and machine learning software library"
url="https://opencv.org"
arch="all"
@@ -15,8 +15,13 @@ makedepends="cmake doxygen ffmpeg-dev gst-plugins-base-dev gtk+2.0-dev
subpackages="$pkgname-dev $pkgname-libs"
source="opencv-$pkgver.tar.gz::https://github.com/opencv/opencv/archive/$pkgver.tar.gz
cmake-license.patch
+ CVE-2019-16249.patch
"
+# secfixes:
+# 4.1.1-r1:
+# - CVE-2019-16249
+
prepare() {
default_prepare
# purge 3rd party except carotene
@@ -61,4 +66,5 @@ package() {
}
sha512sums="80fa48d992ca06a2a4ab6740df6d8c21f4926165486b393969da2c5bbe2f3a0b799fb76dee5e3654e90c743e49bbd2b5b02ad59a4766896bbf4cd5b4e3251e0f opencv-4.1.1.tar.gz
-ffa6930086051c545a44d28b8e428de7faaeecf961cdee6eef007b2b01db7e5897c6f184b1059df9763c1bcd90f88b9ead710dc13b51a608f21d683f55f39bd6 cmake-license.patch"
+ffa6930086051c545a44d28b8e428de7faaeecf961cdee6eef007b2b01db7e5897c6f184b1059df9763c1bcd90f88b9ead710dc13b51a608f21d683f55f39bd6 cmake-license.patch
+39f2f9abb1051220d6b842e9337c3636ee229781c7efcc92e987dae47ac82072dc95568e6a766e01329ee61c0a3be4efdd82aa3b56c011b44e175444d81c134d CVE-2019-16249.patch"
diff --git a/user/opencv/CVE-2019-16249.patch b/user/opencv/CVE-2019-16249.patch
new file mode 100644
index 000000000..a7f0027ac
--- /dev/null
+++ b/user/opencv/CVE-2019-16249.patch
@@ -0,0 +1,57 @@
+From cd7fa04985b10db5e66de542725d0da57f0d10b6 Mon Sep 17 00:00:00 2001
+From: Vitaly Tuzov <terfendail@mediana.jetos.com>
+Date: Tue, 17 Sep 2019 15:53:18 +0300
+Subject: [PATCH] Fixed out of bound reading in DIS optical flow evaluation
+ implementation
+
+---
+ modules/video/src/dis_flow.cpp | 18 +++++-------------
+ 1 file changed, 5 insertions(+), 13 deletions(-)
+
+diff --git a/modules/video/src/dis_flow.cpp b/modules/video/src/dis_flow.cpp
+index 85400c71ca7..a260b8726bb 100644
+--- a/modules/video/src/dis_flow.cpp
++++ b/modules/video/src/dis_flow.cpp
+@@ -494,7 +494,6 @@ DISOpticalFlowImpl::PatchInverseSearch_ParBody::PatchInverseSearch_ParBody(DISOp
+ v_float32x4 w10v = v_setall_f32(w10); \
+ v_float32x4 w11v = v_setall_f32(w11); \
+ \
+- v_uint8x16 I0_row_16, I1_row_16, I1_row_shifted_16, I1_row_next_16, I1_row_next_shifted_16; \
+ v_uint16x8 I0_row_8, I1_row_8, I1_row_shifted_8, I1_row_next_8, I1_row_next_shifted_8, tmp; \
+ v_uint32x4 I0_row_4_left, I1_row_4_left, I1_row_shifted_4_left, I1_row_next_4_left, I1_row_next_shifted_4_left; \
+ v_uint32x4 I0_row_4_right, I1_row_4_right, I1_row_shifted_4_right, I1_row_next_4_right, \
+@@ -502,29 +501,22 @@ DISOpticalFlowImpl::PatchInverseSearch_ParBody::PatchInverseSearch_ParBody(DISOp
+ v_float32x4 I_diff_left, I_diff_right; \
+ \
+ /* Preload and expand the first row of I1: */ \
+- I1_row_16 = v_load(I1_ptr); \
+- I1_row_shifted_16 = v_extract<1>(I1_row_16, I1_row_16); \
+- v_expand(I1_row_16, I1_row_8, tmp); \
+- v_expand(I1_row_shifted_16, I1_row_shifted_8, tmp); \
++ I1_row_8 = v_load_expand(I1_ptr); \
++ I1_row_shifted_8 = v_load_expand(I1_ptr + 1); \
+ v_expand(I1_row_8, I1_row_4_left, I1_row_4_right); \
+ v_expand(I1_row_shifted_8, I1_row_shifted_4_left, I1_row_shifted_4_right); \
+ I1_ptr += I1_stride;
+
+ #define HAL_PROCESS_BILINEAR_8x8_PATCH_EXTRACTION \
+ /* Load the next row of I1: */ \
+- I1_row_next_16 = v_load(I1_ptr); \
+- /* Circular shift left by 1 element: */ \
+- I1_row_next_shifted_16 = v_extract<1>(I1_row_next_16, I1_row_next_16); \
+- /* Expand to 8 ushorts (we only need the first 8 values): */ \
+- v_expand(I1_row_next_16, I1_row_next_8, tmp); \
+- v_expand(I1_row_next_shifted_16, I1_row_next_shifted_8, tmp); \
++ I1_row_next_8 = v_load_expand(I1_ptr); \
++ I1_row_next_shifted_8 = v_load_expand(I1_ptr + 1); \
+ /* Separate the left and right halves: */ \
+ v_expand(I1_row_next_8, I1_row_next_4_left, I1_row_next_4_right); \
+ v_expand(I1_row_next_shifted_8, I1_row_next_shifted_4_left, I1_row_next_shifted_4_right); \
+ \
+ /* Load current row of I0: */ \
+- I0_row_16 = v_load(I0_ptr); \
+- v_expand(I0_row_16, I0_row_8, tmp); \
++ I0_row_8 = v_load_expand(I0_ptr); \
+ v_expand(I0_row_8, I0_row_4_left, I0_row_4_right); \
+ \
+ /* Compute diffs between I0 and bilinearly interpolated I1: */ \