diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..8fac940 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/libjpeg-turbo-1.5.3.tar.gz diff --git a/.libjpeg-turbo.metadata b/.libjpeg-turbo.metadata new file mode 100644 index 0000000..9642fe3 --- /dev/null +++ b/.libjpeg-turbo.metadata @@ -0,0 +1 @@ +87ebf4cab2bb27fcb8e7ccb18ec4eb680e1f2c2d SOURCES/libjpeg-turbo-1.5.3.tar.gz diff --git a/SOURCES/libjpeg-turbo-CET.patch b/SOURCES/libjpeg-turbo-CET.patch new file mode 100644 index 0000000..9a3028b --- /dev/null +++ b/SOURCES/libjpeg-turbo-CET.patch @@ -0,0 +1,819 @@ +diff --git a/simd/jccolext-mmx.asm b/simd/jccolext-mmx.asm +index 96a0372..3e95a2e 100644 +--- a/simd/jccolext-mmx.asm ++++ b/simd/jccolext-mmx.asm +@@ -42,6 +42,7 @@ + global EXTN(jsimd_rgb_ycc_convert_mmx) + + EXTN(jsimd_rgb_ycc_convert_mmx): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +diff --git a/simd/jccolext-sse2-64.asm b/simd/jccolext-sse2-64.asm +index 8e4642d..1b8e990 100644 +--- a/simd/jccolext-sse2-64.asm ++++ b/simd/jccolext-sse2-64.asm +@@ -41,6 +41,7 @@ + global EXTN(jsimd_rgb_ycc_convert_sse2) + + EXTN(jsimd_rgb_ycc_convert_sse2): ++ _endbr64 + push rbp + mov rax,rsp ; rax = original rbp + sub rsp, byte 4 +diff --git a/simd/jccolext-sse2.asm b/simd/jccolext-sse2.asm +index cc38e98..847497c 100644 +--- a/simd/jccolext-sse2.asm ++++ b/simd/jccolext-sse2.asm +@@ -41,6 +41,7 @@ + global EXTN(jsimd_rgb_ycc_convert_sse2) + + EXTN(jsimd_rgb_ycc_convert_sse2): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +diff --git a/simd/jcgryext-mmx.asm b/simd/jcgryext-mmx.asm +index 1c1b8d8..cbf349c 100644 +--- a/simd/jcgryext-mmx.asm ++++ b/simd/jcgryext-mmx.asm +@@ -43,6 +43,7 @@ + global EXTN(jsimd_rgb_gray_convert_mmx) + + EXTN(jsimd_rgb_gray_convert_mmx): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +diff --git a/simd/jcgryext-sse2-64.asm b/simd/jcgryext-sse2-64.asm +index 541355a..6fa714b 100644 +--- a/simd/jcgryext-sse2-64.asm ++++ b/simd/jcgryext-sse2-64.asm +@@ -41,6 +41,7 @@ + global EXTN(jsimd_rgb_gray_convert_sse2) + + EXTN(jsimd_rgb_gray_convert_sse2): ++ _endbr64 + push rbp + mov rax,rsp ; rax = original rbp + sub rsp, byte 4 +diff --git a/simd/jcgryext-sse2.asm b/simd/jcgryext-sse2.asm +index cd16dd1..6da4f24 100644 +--- a/simd/jcgryext-sse2.asm ++++ b/simd/jcgryext-sse2.asm +@@ -43,6 +43,7 @@ + global EXTN(jsimd_rgb_gray_convert_sse2) + + EXTN(jsimd_rgb_gray_convert_sse2): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +diff --git a/simd/jchuff-sse2-64.asm b/simd/jchuff-sse2-64.asm +index b1144d1..216b7ed 100644 +--- a/simd/jchuff-sse2-64.asm ++++ b/simd/jchuff-sse2-64.asm +@@ -186,6 +186,7 @@ EXTN(jconst_huff_encode_one_block): + global EXTN(jsimd_huff_encode_one_block_sse2) + + EXTN(jsimd_huff_encode_one_block_sse2): ++ _endbr64 + push rbp + mov rax,rsp ; rax = original rbp + sub rsp, byte 4 +diff --git a/simd/jchuff-sse2.asm b/simd/jchuff-sse2.asm +index b81db75..0537a2c 100644 +--- a/simd/jchuff-sse2.asm ++++ b/simd/jchuff-sse2.asm +@@ -182,6 +182,7 @@ EXTN(jconst_huff_encode_one_block): + global EXTN(jsimd_huff_encode_one_block_sse2) + + EXTN(jsimd_huff_encode_one_block_sse2): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +diff --git a/simd/jcsample-mmx.asm b/simd/jcsample-mmx.asm +index 6cd544e..2834d1a 100644 +--- a/simd/jcsample-mmx.asm ++++ b/simd/jcsample-mmx.asm +@@ -42,6 +42,7 @@ + global EXTN(jsimd_h2v1_downsample_mmx) + + EXTN(jsimd_h2v1_downsample_mmx): ++ _endbr32 + push ebp + mov ebp,esp + ; push ebx ; unused +@@ -184,6 +185,7 @@ EXTN(jsimd_h2v1_downsample_mmx): + global EXTN(jsimd_h2v2_downsample_mmx) + + EXTN(jsimd_h2v2_downsample_mmx): ++ _endbr32 + push ebp + mov ebp,esp + ; push ebx ; unused +diff --git a/simd/jcsample-sse2-64.asm b/simd/jcsample-sse2-64.asm +index 40ee15f..336d259 100644 +--- a/simd/jcsample-sse2-64.asm ++++ b/simd/jcsample-sse2-64.asm +@@ -43,6 +43,7 @@ + global EXTN(jsimd_h2v1_downsample_sse2) + + EXTN(jsimd_h2v1_downsample_sse2): ++ _endbr64 + push rbp + mov rax,rsp + mov rbp,rsp +@@ -187,6 +188,7 @@ EXTN(jsimd_h2v1_downsample_sse2): + global EXTN(jsimd_h2v2_downsample_sse2) + + EXTN(jsimd_h2v2_downsample_sse2): ++ _endbr64 + push rbp + mov rax,rsp + mov rbp,rsp +diff --git a/simd/jcsample-sse2.asm b/simd/jcsample-sse2.asm +index 83c9d15..685e428 100644 +--- a/simd/jcsample-sse2.asm ++++ b/simd/jcsample-sse2.asm +@@ -42,6 +42,7 @@ + global EXTN(jsimd_h2v1_downsample_sse2) + + EXTN(jsimd_h2v1_downsample_sse2): ++ _endbr32 + push ebp + mov ebp,esp + ; push ebx ; unused +@@ -197,6 +198,7 @@ EXTN(jsimd_h2v1_downsample_sse2): + global EXTN(jsimd_h2v2_downsample_sse2) + + EXTN(jsimd_h2v2_downsample_sse2): ++ _endbr32 + push ebp + mov ebp,esp + ; push ebx ; unused +diff --git a/simd/jdcolext-mmx.asm b/simd/jdcolext-mmx.asm +index 21e34f6..428f1be 100644 +--- a/simd/jdcolext-mmx.asm ++++ b/simd/jdcolext-mmx.asm +@@ -42,6 +42,7 @@ + global EXTN(jsimd_ycc_rgb_convert_mmx) + + EXTN(jsimd_ycc_rgb_convert_mmx): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +diff --git a/simd/jdcolext-sse2-64.asm b/simd/jdcolext-sse2-64.asm +index 4634066..90ca172 100644 +--- a/simd/jdcolext-sse2-64.asm ++++ b/simd/jdcolext-sse2-64.asm +@@ -41,6 +41,7 @@ + global EXTN(jsimd_ycc_rgb_convert_sse2) + + EXTN(jsimd_ycc_rgb_convert_sse2): ++ _endbr64 + push rbp + mov rax,rsp ; rax = original rbp + sub rsp, byte 4 +diff --git a/simd/jdcolext-sse2.asm b/simd/jdcolext-sse2.asm +index 682aef3..51b5388 100644 +--- a/simd/jdcolext-sse2.asm ++++ b/simd/jdcolext-sse2.asm +@@ -43,6 +43,7 @@ + global EXTN(jsimd_ycc_rgb_convert_sse2) + + EXTN(jsimd_ycc_rgb_convert_sse2): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +diff --git a/simd/jdmrgext-mmx.asm b/simd/jdmrgext-mmx.asm +index 63f45cf..c088eb8 100644 +--- a/simd/jdmrgext-mmx.asm ++++ b/simd/jdmrgext-mmx.asm +@@ -42,6 +42,7 @@ + global EXTN(jsimd_h2v1_merged_upsample_mmx) + + EXTN(jsimd_h2v1_merged_upsample_mmx): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +@@ -411,6 +412,7 @@ EXTN(jsimd_h2v1_merged_upsample_mmx): + global EXTN(jsimd_h2v2_merged_upsample_mmx) + + EXTN(jsimd_h2v2_merged_upsample_mmx): ++ _endbr32 + push ebp + mov ebp,esp + push ebx +diff --git a/simd/jdmrgext-sse2-64.asm b/simd/jdmrgext-sse2-64.asm +index ad74c5f..d580d5b 100644 +--- a/simd/jdmrgext-sse2-64.asm ++++ b/simd/jdmrgext-sse2-64.asm +@@ -41,6 +41,7 @@ + global EXTN(jsimd_h2v1_merged_upsample_sse2) + + EXTN(jsimd_h2v1_merged_upsample_sse2): ++ _endbr64 + push rbp + mov rax,rsp ; rax = original rbp + sub rsp, byte 4 +@@ -448,6 +449,7 @@ EXTN(jsimd_h2v1_merged_upsample_sse2): + global EXTN(jsimd_h2v2_merged_upsample_sse2) + + EXTN(jsimd_h2v2_merged_upsample_sse2): ++ _endbr64 + push rbp + mov rax,rsp + mov rbp,rsp +diff --git a/simd/jdmrgext-sse2.asm b/simd/jdmrgext-sse2.asm +index b50f698..6625784 100644 +--- a/simd/jdmrgext-sse2.asm ++++ b/simd/jdmrgext-sse2.asm +@@ -43,6 +43,7 @@ + global EXTN(jsimd_h2v1_merged_upsample_sse2) + + EXTN(jsimd_h2v1_merged_upsample_sse2): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +@@ -466,6 +467,7 @@ EXTN(jsimd_h2v1_merged_upsample_sse2): + global EXTN(jsimd_h2v2_merged_upsample_sse2) + + EXTN(jsimd_h2v2_merged_upsample_sse2): ++ _endbr32 + push ebp + mov ebp,esp + push ebx +diff --git a/simd/jdsample-mmx.asm b/simd/jdsample-mmx.asm +index 5e4fa7a..4ec823d 100644 +--- a/simd/jdsample-mmx.asm ++++ b/simd/jdsample-mmx.asm +@@ -60,6 +60,7 @@ PW_EIGHT times 4 dw 8 + global EXTN(jsimd_h2v1_fancy_upsample_mmx) + + EXTN(jsimd_h2v1_fancy_upsample_mmx): ++ _endbr32 + push ebp + mov ebp,esp + pushpic ebx +@@ -218,6 +219,7 @@ EXTN(jsimd_h2v1_fancy_upsample_mmx): + global EXTN(jsimd_h2v2_fancy_upsample_mmx) + + EXTN(jsimd_h2v2_fancy_upsample_mmx): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +@@ -544,6 +546,7 @@ EXTN(jsimd_h2v2_fancy_upsample_mmx): + global EXTN(jsimd_h2v1_upsample_mmx) + + EXTN(jsimd_h2v1_upsample_mmx): ++ _endbr32 + push ebp + mov ebp,esp + ; push ebx ; unused +@@ -645,6 +648,7 @@ EXTN(jsimd_h2v1_upsample_mmx): + global EXTN(jsimd_h2v2_upsample_mmx) + + EXTN(jsimd_h2v2_upsample_mmx): ++ _endbr32 + push ebp + mov ebp,esp + push ebx +diff --git a/simd/jdsample-sse2-64.asm b/simd/jdsample-sse2-64.asm +index 1faaed6..fecd438 100644 +--- a/simd/jdsample-sse2-64.asm ++++ b/simd/jdsample-sse2-64.asm +@@ -61,6 +61,7 @@ PW_EIGHT times 8 dw 8 + global EXTN(jsimd_h2v1_fancy_upsample_sse2) + + EXTN(jsimd_h2v1_fancy_upsample_sse2): ++ _endbr64 + push rbp + mov rax,rsp + mov rbp,rsp +@@ -203,6 +204,7 @@ EXTN(jsimd_h2v1_fancy_upsample_sse2): + global EXTN(jsimd_h2v2_fancy_upsample_sse2) + + EXTN(jsimd_h2v2_fancy_upsample_sse2): ++ _endbr64 + push rbp + mov rax,rsp ; rax = original rbp + sub rsp, byte 4 +@@ -500,6 +502,7 @@ EXTN(jsimd_h2v2_fancy_upsample_sse2): + global EXTN(jsimd_h2v1_upsample_sse2) + + EXTN(jsimd_h2v1_upsample_sse2): ++ _endbr64 + push rbp + mov rax,rsp + mov rbp,rsp +@@ -589,6 +592,7 @@ EXTN(jsimd_h2v1_upsample_sse2): + global EXTN(jsimd_h2v2_upsample_sse2) + + EXTN(jsimd_h2v2_upsample_sse2): ++ _endbr64 + push rbp + mov rax,rsp + mov rbp,rsp +diff --git a/simd/jdsample-sse2.asm b/simd/jdsample-sse2.asm +index 1d0059e..5da10a5 100644 +--- a/simd/jdsample-sse2.asm ++++ b/simd/jdsample-sse2.asm +@@ -60,6 +60,7 @@ PW_EIGHT times 8 dw 8 + global EXTN(jsimd_h2v1_fancy_upsample_sse2) + + EXTN(jsimd_h2v1_fancy_upsample_sse2): ++ _endbr32 + push ebp + mov ebp,esp + pushpic ebx +@@ -216,6 +217,7 @@ EXTN(jsimd_h2v1_fancy_upsample_sse2): + global EXTN(jsimd_h2v2_fancy_upsample_sse2) + + EXTN(jsimd_h2v2_fancy_upsample_sse2): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +@@ -540,6 +542,7 @@ EXTN(jsimd_h2v2_fancy_upsample_sse2): + global EXTN(jsimd_h2v1_upsample_sse2) + + EXTN(jsimd_h2v1_upsample_sse2): ++ _endbr32 + push ebp + mov ebp,esp + ; push ebx ; unused +@@ -639,6 +642,7 @@ EXTN(jsimd_h2v1_upsample_sse2): + global EXTN(jsimd_h2v2_upsample_sse2) + + EXTN(jsimd_h2v2_upsample_sse2): ++ _endbr32 + push ebp + mov ebp,esp + push ebx +diff --git a/simd/jfdctflt-3dn.asm b/simd/jfdctflt-3dn.asm +index 2191618..33df9d6 100644 +--- a/simd/jfdctflt-3dn.asm ++++ b/simd/jfdctflt-3dn.asm +@@ -57,6 +57,7 @@ PD_1_306 times 2 dd 1.306562964876376527856643 + global EXTN(jsimd_fdct_float_3dnow) + + EXTN(jsimd_fdct_float_3dnow): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +diff --git a/simd/jfdctflt-sse-64.asm b/simd/jfdctflt-sse-64.asm +index 4b64ea4..2a820d8 100644 +--- a/simd/jfdctflt-sse-64.asm ++++ b/simd/jfdctflt-sse-64.asm +@@ -67,6 +67,7 @@ PD_1_306 times 4 dd 1.306562964876376527856643 + global EXTN(jsimd_fdct_float_sse) + + EXTN(jsimd_fdct_float_sse): ++ _endbr64 + push rbp + mov rax,rsp ; rax = original rbp + sub rsp, byte 4 +diff --git a/simd/jfdctflt-sse.asm b/simd/jfdctflt-sse.asm +index e7ede26..1b31cff 100644 +--- a/simd/jfdctflt-sse.asm ++++ b/simd/jfdctflt-sse.asm +@@ -67,6 +67,7 @@ PD_1_306 times 4 dd 1.306562964876376527856643 + global EXTN(jsimd_fdct_float_sse) + + EXTN(jsimd_fdct_float_sse): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +diff --git a/simd/jfdctfst-mmx.asm b/simd/jfdctfst-mmx.asm +index eb2eb9c..d9c7c24 100644 +--- a/simd/jfdctfst-mmx.asm ++++ b/simd/jfdctfst-mmx.asm +@@ -82,6 +82,7 @@ PW_F1306 times 4 dw F_1_306 << CONST_SHIFT + global EXTN(jsimd_fdct_ifast_mmx) + + EXTN(jsimd_fdct_ifast_mmx): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +diff --git a/simd/jfdctfst-sse2-64.asm b/simd/jfdctfst-sse2-64.asm +index 4c96685..1530012 100644 +--- a/simd/jfdctfst-sse2-64.asm ++++ b/simd/jfdctfst-sse2-64.asm +@@ -82,6 +82,7 @@ PW_F1306 times 8 dw F_1_306 << CONST_SHIFT + global EXTN(jsimd_fdct_ifast_sse2) + + EXTN(jsimd_fdct_ifast_sse2): ++ _endbr64 + push rbp + mov rax,rsp ; rax = original rbp + sub rsp, byte 4 +diff --git a/simd/jfdctfst-sse2.asm b/simd/jfdctfst-sse2.asm +index 54856a2..e305ac8 100644 +--- a/simd/jfdctfst-sse2.asm ++++ b/simd/jfdctfst-sse2.asm +@@ -82,6 +82,7 @@ PW_F1306 times 8 dw F_1_306 << CONST_SHIFT + global EXTN(jsimd_fdct_ifast_sse2) + + EXTN(jsimd_fdct_ifast_sse2): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +diff --git a/simd/jfdctint-mmx.asm b/simd/jfdctint-mmx.asm +index 9142ad8..a03ad5f 100644 +--- a/simd/jfdctint-mmx.asm ++++ b/simd/jfdctint-mmx.asm +@@ -103,6 +103,7 @@ PW_DESCALE_P2X times 4 dw 1 << (PASS1_BITS-1) + global EXTN(jsimd_fdct_islow_mmx) + + EXTN(jsimd_fdct_islow_mmx): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +diff --git a/simd/jfdctint-sse2-64.asm b/simd/jfdctint-sse2-64.asm +index 9a0ca0f..c5c90b4 100644 +--- a/simd/jfdctint-sse2-64.asm ++++ b/simd/jfdctint-sse2-64.asm +@@ -103,6 +103,7 @@ PW_DESCALE_P2X times 8 dw 1 << (PASS1_BITS-1) + global EXTN(jsimd_fdct_islow_sse2) + + EXTN(jsimd_fdct_islow_sse2): ++ _endbr64 + push rbp + mov rax,rsp ; rax = original rbp + sub rsp, byte 4 +diff --git a/simd/jfdctint-sse2.asm b/simd/jfdctint-sse2.asm +index db9d0bb..cdfeee5 100644 +--- a/simd/jfdctint-sse2.asm ++++ b/simd/jfdctint-sse2.asm +@@ -103,6 +103,7 @@ PW_DESCALE_P2X times 8 dw 1 << (PASS1_BITS-1) + global EXTN(jsimd_fdct_islow_sse2) + + EXTN(jsimd_fdct_islow_sse2): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +diff --git a/simd/jidctflt-3dn.asm b/simd/jidctflt-3dn.asm +index 99356f2..0c16289 100644 +--- a/simd/jidctflt-3dn.asm ++++ b/simd/jidctflt-3dn.asm +@@ -65,6 +65,7 @@ PB_CENTERJSAMP times 8 db CENTERJSAMPLE + global EXTN(jsimd_idct_float_3dnow) + + EXTN(jsimd_idct_float_3dnow): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +diff --git a/simd/jidctflt-sse.asm b/simd/jidctflt-sse.asm +index 4d4af2f..96fef5e 100644 +--- a/simd/jidctflt-sse.asm ++++ b/simd/jidctflt-sse.asm +@@ -75,6 +75,7 @@ PB_CENTERJSAMP times 8 db CENTERJSAMPLE + global EXTN(jsimd_idct_float_sse) + + EXTN(jsimd_idct_float_sse): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +diff --git a/simd/jidctflt-sse2-64.asm b/simd/jidctflt-sse2-64.asm +index bdda05d..70863f0 100644 +--- a/simd/jidctflt-sse2-64.asm ++++ b/simd/jidctflt-sse2-64.asm +@@ -76,6 +76,7 @@ PB_CENTERJSAMP times 16 db CENTERJSAMPLE + global EXTN(jsimd_idct_float_sse2) + + EXTN(jsimd_idct_float_sse2): ++ _endbr64 + push rbp + mov rax,rsp ; rax = original rbp + sub rsp, byte 4 +diff --git a/simd/jidctflt-sse2.asm b/simd/jidctflt-sse2.asm +index a15a9c1..0eb849e 100644 +--- a/simd/jidctflt-sse2.asm ++++ b/simd/jidctflt-sse2.asm +@@ -75,6 +75,7 @@ PB_CENTERJSAMP times 16 db CENTERJSAMPLE + global EXTN(jsimd_idct_float_sse2) + + EXTN(jsimd_idct_float_sse2): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +diff --git a/simd/jidctfst-mmx.asm b/simd/jidctfst-mmx.asm +index 6e95bfb..095deed 100644 +--- a/simd/jidctfst-mmx.asm ++++ b/simd/jidctfst-mmx.asm +@@ -96,6 +96,7 @@ PB_CENTERJSAMP times 8 db CENTERJSAMPLE + global EXTN(jsimd_idct_ifast_mmx) + + EXTN(jsimd_idct_ifast_mmx): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +diff --git a/simd/jidctfst-sse2-64.asm b/simd/jidctfst-sse2-64.asm +index 4884642..f486c7e 100644 +--- a/simd/jidctfst-sse2-64.asm ++++ b/simd/jidctfst-sse2-64.asm +@@ -95,6 +95,7 @@ PB_CENTERJSAMP times 16 db CENTERJSAMPLE + global EXTN(jsimd_idct_ifast_sse2) + + EXTN(jsimd_idct_ifast_sse2): ++ _endbr64 + push rbp + mov rax,rsp ; rax = original rbp + sub rsp, byte 4 +diff --git a/simd/jidctfst-sse2.asm b/simd/jidctfst-sse2.asm +index f591e55..7060d1e 100644 +--- a/simd/jidctfst-sse2.asm ++++ b/simd/jidctfst-sse2.asm +@@ -94,6 +94,7 @@ PB_CENTERJSAMP times 16 db CENTERJSAMPLE + global EXTN(jsimd_idct_ifast_sse2) + + EXTN(jsimd_idct_ifast_sse2): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +diff --git a/simd/jidctint-mmx.asm b/simd/jidctint-mmx.asm +index 5bd1981..35080f6 100644 +--- a/simd/jidctint-mmx.asm ++++ b/simd/jidctint-mmx.asm +@@ -109,6 +109,7 @@ PB_CENTERJSAMP times 8 db CENTERJSAMPLE + global EXTN(jsimd_idct_islow_mmx) + + EXTN(jsimd_idct_islow_mmx): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +diff --git a/simd/jidctint-sse2-64.asm b/simd/jidctint-sse2-64.asm +index afe1d6a..842f2dd 100644 +--- a/simd/jidctint-sse2-64.asm ++++ b/simd/jidctint-sse2-64.asm +@@ -108,6 +108,7 @@ PB_CENTERJSAMP times 16 db CENTERJSAMPLE + global EXTN(jsimd_idct_islow_sse2) + + EXTN(jsimd_idct_islow_sse2): ++ _endbr64 + push rbp + mov rax,rsp ; rax = original rbp + sub rsp, byte 4 +diff --git a/simd/jidctint-sse2.asm b/simd/jidctint-sse2.asm +index 6c7e7d9..3482088 100644 +--- a/simd/jidctint-sse2.asm ++++ b/simd/jidctint-sse2.asm +@@ -107,6 +107,7 @@ PB_CENTERJSAMP times 16 db CENTERJSAMPLE + global EXTN(jsimd_idct_islow_sse2) + + EXTN(jsimd_idct_islow_sse2): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +diff --git a/simd/jidctred-mmx.asm b/simd/jidctred-mmx.asm +index ba054e3..159e4c2 100644 +--- a/simd/jidctred-mmx.asm ++++ b/simd/jidctred-mmx.asm +@@ -117,6 +117,7 @@ PB_CENTERJSAMP times 8 db CENTERJSAMPLE + global EXTN(jsimd_idct_4x4_mmx) + + EXTN(jsimd_idct_4x4_mmx): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +@@ -505,6 +506,7 @@ EXTN(jsimd_idct_4x4_mmx): + global EXTN(jsimd_idct_2x2_mmx) + + EXTN(jsimd_idct_2x2_mmx): ++ _endbr32 + push ebp + mov ebp,esp + push ebx +diff --git a/simd/jidctred-sse2-64.asm b/simd/jidctred-sse2-64.asm +index a54bbe2..539602e 100644 +--- a/simd/jidctred-sse2-64.asm ++++ b/simd/jidctred-sse2-64.asm +@@ -116,6 +116,7 @@ PB_CENTERJSAMP times 16 db CENTERJSAMPLE + global EXTN(jsimd_idct_4x4_sse2) + + EXTN(jsimd_idct_4x4_sse2): ++ _endbr64 + push rbp + mov rax,rsp ; rax = original rbp + sub rsp, byte 4 +@@ -415,6 +416,7 @@ EXTN(jsimd_idct_4x4_sse2): + global EXTN(jsimd_idct_2x2_sse2) + + EXTN(jsimd_idct_2x2_sse2): ++ _endbr64 + push rbp + mov rax,rsp + mov rbp,rsp +diff --git a/simd/jidctred-sse2.asm b/simd/jidctred-sse2.asm +index 232d983..0145364 100644 +--- a/simd/jidctred-sse2.asm ++++ b/simd/jidctred-sse2.asm +@@ -115,6 +115,7 @@ PB_CENTERJSAMP times 16 db CENTERJSAMPLE + global EXTN(jsimd_idct_4x4_sse2) + + EXTN(jsimd_idct_4x4_sse2): ++ _endbr32 + push ebp + mov eax,esp ; eax = original ebp + sub esp, byte 4 +@@ -426,6 +427,7 @@ EXTN(jsimd_idct_4x4_sse2): + global EXTN(jsimd_idct_2x2_sse2) + + EXTN(jsimd_idct_2x2_sse2): ++ _endbr32 + push ebp + mov ebp,esp + push ebx +diff --git a/simd/jquant-3dn.asm b/simd/jquant-3dn.asm +index 0b4164b..eba7485 100644 +--- a/simd/jquant-3dn.asm ++++ b/simd/jquant-3dn.asm +@@ -37,6 +37,7 @@ + global EXTN(jsimd_convsamp_float_3dnow) + + EXTN(jsimd_convsamp_float_3dnow): ++ _endbr32 + push ebp + mov ebp,esp + push ebx +@@ -140,6 +141,7 @@ EXTN(jsimd_convsamp_float_3dnow): + global EXTN(jsimd_quantize_float_3dnow) + + EXTN(jsimd_quantize_float_3dnow): ++ _endbr32 + push ebp + mov ebp,esp + ; push ebx ; unused +diff --git a/simd/jquant-mmx.asm b/simd/jquant-mmx.asm +index aed6071..59a7f78 100644 +--- a/simd/jquant-mmx.asm ++++ b/simd/jquant-mmx.asm +@@ -37,6 +37,7 @@ + global EXTN(jsimd_convsamp_mmx) + + EXTN(jsimd_convsamp_mmx): ++ _endbr32 + push ebp + mov ebp,esp + push ebx +@@ -142,6 +143,7 @@ EXTN(jsimd_convsamp_mmx): + global EXTN(jsimd_quantize_mmx) + + EXTN(jsimd_quantize_mmx): ++ _endbr32 + push ebp + mov ebp,esp + ; push ebx ; unused +diff --git a/simd/jquant-sse.asm b/simd/jquant-sse.asm +index 1baf88f..87f513e 100644 +--- a/simd/jquant-sse.asm ++++ b/simd/jquant-sse.asm +@@ -37,6 +37,7 @@ + global EXTN(jsimd_convsamp_float_sse) + + EXTN(jsimd_convsamp_float_sse): ++ _endbr32 + push ebp + mov ebp,esp + push ebx +@@ -140,6 +141,7 @@ EXTN(jsimd_convsamp_float_sse): + global EXTN(jsimd_quantize_float_sse) + + EXTN(jsimd_quantize_float_sse): ++ _endbr32 + push ebp + mov ebp,esp + ; push ebx ; unused +diff --git a/simd/jquantf-sse2-64.asm b/simd/jquantf-sse2-64.asm +index ef5c1f9..b618287 100644 +--- a/simd/jquantf-sse2-64.asm ++++ b/simd/jquantf-sse2-64.asm +@@ -38,6 +38,7 @@ + global EXTN(jsimd_convsamp_float_sse2) + + EXTN(jsimd_convsamp_float_sse2): ++ _endbr64 + push rbp + mov rax,rsp + mov rbp,rsp +@@ -112,6 +113,7 @@ EXTN(jsimd_convsamp_float_sse2): + global EXTN(jsimd_quantize_float_sse2) + + EXTN(jsimd_quantize_float_sse2): ++ _endbr64 + push rbp + mov rax,rsp + mov rbp,rsp +diff --git a/simd/jquantf-sse2.asm b/simd/jquantf-sse2.asm +index 1cbc267..086416a 100644 +--- a/simd/jquantf-sse2.asm ++++ b/simd/jquantf-sse2.asm +@@ -37,6 +37,7 @@ + global EXTN(jsimd_convsamp_float_sse2) + + EXTN(jsimd_convsamp_float_sse2): ++ _endbr32 + push ebp + mov ebp,esp + push ebx +@@ -117,6 +118,7 @@ EXTN(jsimd_convsamp_float_sse2): + global EXTN(jsimd_quantize_float_sse2) + + EXTN(jsimd_quantize_float_sse2): ++ _endbr32 + push ebp + mov ebp,esp + ; push ebx ; unused +diff --git a/simd/jquanti-sse2-64.asm b/simd/jquanti-sse2-64.asm +index 66c4e51..65c8564 100644 +--- a/simd/jquanti-sse2-64.asm ++++ b/simd/jquanti-sse2-64.asm +@@ -38,6 +38,7 @@ + global EXTN(jsimd_convsamp_sse2) + + EXTN(jsimd_convsamp_sse2): ++ _endbr64 + push rbp + mov rax,rsp + mov rbp,rsp +@@ -114,6 +115,7 @@ EXTN(jsimd_convsamp_sse2): + global EXTN(jsimd_quantize_sse2) + + EXTN(jsimd_quantize_sse2): ++ _endbr64 + push rbp + mov rax,rsp + mov rbp,rsp +diff --git a/simd/jquanti-sse2.asm b/simd/jquanti-sse2.asm +index aea8604..4ed539e 100644 +--- a/simd/jquanti-sse2.asm ++++ b/simd/jquanti-sse2.asm +@@ -37,6 +37,7 @@ + global EXTN(jsimd_convsamp_sse2) + + EXTN(jsimd_convsamp_sse2): ++ _endbr32 + push ebp + mov ebp,esp + push ebx +@@ -119,6 +120,7 @@ EXTN(jsimd_convsamp_sse2): + global EXTN(jsimd_quantize_sse2) + + EXTN(jsimd_quantize_sse2): ++ _endbr32 + push ebp + mov ebp,esp + ; push ebx ; unused +diff --git a/simd/jsimdcpu.asm b/simd/jsimdcpu.asm +index 599083b..03ae0cb 100644 +--- a/simd/jsimdcpu.asm ++++ b/simd/jsimdcpu.asm +@@ -31,6 +31,7 @@ + global EXTN(jpeg_simd_cpu_support) + + EXTN(jpeg_simd_cpu_support): ++ _endbr32 + push ebx + ; push ecx ; need not be preserved + ; push edx ; need not be preserved +diff --git a/simd/jsimdext.inc b/simd/jsimdext.inc +index f28db60..abc3493 100644 +--- a/simd/jsimdext.inc ++++ b/simd/jsimdext.inc +@@ -367,6 +367,14 @@ const_base: + + %endif + ++%imacro _endbr32 0 ++ dd 0xfb1e0ff3 ++%endmacro ++ ++%imacro _endbr64 0 ++ dd 0xfa1e0ff3 ++%endmacro ++ + ; -------------------------------------------------------------------------- + ; Defines picked up from the C headers + ; diff --git a/SOURCES/libjpeg-turbo-CVE-2018-1152.patch b/SOURCES/libjpeg-turbo-CVE-2018-1152.patch new file mode 100644 index 0000000..a71d3e1 --- /dev/null +++ b/SOURCES/libjpeg-turbo-CVE-2018-1152.patch @@ -0,0 +1,39 @@ +From 399719595f413158b3510128eb85f944654f960c Mon Sep 17 00:00:00 2001 +From: DRC +Date: Tue, 12 Jun 2018 20:27:00 -0500 +Subject: [PATCH] tjLoadImage(): Fix FPE triggered by malformed BMP + +In rdbmp.c, it is necessary to guard against 32-bit overflow/wraparound +when allocating the row buffer, because since BMP files have 32-bit +width and height fields, the value of biWidth can be up to 4294967295. +Specifically, if biWidth is 1073741824 and cinfo->input_components = 4, +then the samplesperrow argument in alloc_sarray() would wrap around to +0, and a division by zero error would occur at line 458 in jmemmgr.c. + +If biWidth is set to a higher value, then samplesperrow would wrap +around to a small number, which would likely cause a buffer overflow +(this has not been tested or verified.) +--- + rdbmp.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/rdbmp.c b/rdbmp.c +index eaa7086..4104b68 100644 +--- a/rdbmp.c ++++ b/rdbmp.c +@@ -434,6 +434,12 @@ start_input_bmp (j_compress_ptr cinfo, cjpeg_source_ptr sinfo) + progress->total_extra_passes++; /* count file input as separate pass */ + } + ++ /* Ensure that biWidth * cinfo->input_components doesn't exceed the maximum ++ value of the JDIMENSION type. This is only a danger with BMP files, since ++ their width and height fields are 32-bit integers. */ ++ if ((unsigned long long)biWidth * ++ (unsigned long long)cinfo->input_components > 0xFFFFFFFFULL) ++ ERREXIT(cinfo, JERR_WIDTH_OVERFLOW); + /* Allocate one-row buffer for returned data */ + source->pub.buffer = (*cinfo->mem->alloc_sarray) + ((j_common_ptr) cinfo, JPOOL_IMAGE, +-- +2.17.1 + diff --git a/SOURCES/libjpeg-turbo-CVE-2018-11813.patch b/SOURCES/libjpeg-turbo-CVE-2018-11813.patch new file mode 100644 index 0000000..a2dd3ac --- /dev/null +++ b/SOURCES/libjpeg-turbo-CVE-2018-11813.patch @@ -0,0 +1,59 @@ +From ac483bbac827694aef13a179c1bffcb2a3dc32b8 Mon Sep 17 00:00:00 2001 +From: DRC +Date: Tue, 12 Jun 2018 16:08:26 -0500 +Subject: [PATCH] Fix CVE-2018-11813 + +Fixed an issue (CVE-2018-11813) whereby a specially-crafted malformed input +file (specifically, a file with a valid Targa header but incomplete pixel data) +would cause cjpeg to generate a JPEG file that was potentially thousands of +times larger than the input file. The Targa reader in cjpeg was not properly +detecting that the end of the input file had been reached prematurely, so after +all valid pixels had been read from the input, the reader injected dummy pixels +with values of 255 into the JPEG compressor until the number of pixels +specified in the Targa header had been compressed. The Targa reader in cjpeg +now behaves like the PPM reader and aborts compression if the end of the input +file is reached prematurely. Because this issue only affected cjpeg and not +the underlying library, and because it did not involve any out-of-bounds reads +or other exploitable behaviors, it was not believed to represent a security +threat. +--- + rdtarga.c | 6 ++---- + 1 file changed, 2 insertions(+), 4 deletions(-) + +diff --git a/rdtarga.c b/rdtarga.c +index b9bbd07..f874ece 100644 +--- a/rdtarga.c ++++ b/rdtarga.c +@@ -125,11 +125,10 @@ METHODDEF(void) + read_non_rle_pixel (tga_source_ptr sinfo) + /* Read one Targa pixel from the input file; no RLE expansion */ + { +- register FILE *infile = sinfo->pub.input_file; + register int i; + + for (i = 0; i < sinfo->pixel_size; i++) { +- sinfo->tga_pixel[i] = (U_CHAR) getc(infile); ++ sinfo->tga_pixel[i] = (U_CHAR) read_byte(sinfo); + } + } + +@@ -138,7 +137,6 @@ METHODDEF(void) + read_rle_pixel (tga_source_ptr sinfo) + /* Read one Targa pixel from the input file, expanding RLE data as needed */ + { +- register FILE *infile = sinfo->pub.input_file; + register int i; + + /* Duplicate previously read pixel? */ +@@ -160,7 +158,7 @@ read_rle_pixel (tga_source_ptr sinfo) + + /* Read next pixel */ + for (i = 0; i < sinfo->pixel_size; i++) { +- sinfo->tga_pixel[i] = (U_CHAR) getc(infile); ++ sinfo->tga_pixel[i] = (U_CHAR) read_byte(sinfo); + } + } + +-- +2.17.1 + diff --git a/SOURCES/libjpeg-turbo-CVE-2018-14498.patch b/SOURCES/libjpeg-turbo-CVE-2018-14498.patch new file mode 100644 index 0000000..d76f754 --- /dev/null +++ b/SOURCES/libjpeg-turbo-CVE-2018-14498.patch @@ -0,0 +1,151 @@ +From c7dd3cd0fec2d6785f2bd79e3e2f0adb62ee8bc1 Mon Sep 17 00:00:00 2001 +From: DRC +Date: Fri, 20 Jul 2018 17:21:36 -0500 +Subject: [PATCH] cjpeg: Fix OOB read caused by malformed 8-bit BMP + +... in which one or more of the color indices is out of range for the +number of palette entries. + +Fix partly borrowed from jpeg-9c. This commit also adopts Guido's +JERR_PPM_OUTOFRANGE enum value in lieu of our project-specific +JERR_PPM_TOOLARGE enum value. + +Fixes #258 +--- + cderror.h | 5 +++-- + rdbmp.c | 7 ++++++- + rdppm.c | 12 ++++++------ + 3 files changed, 15 insertions(+), 9 deletions(-) + +diff --git a/cderror.h b/cderror.h +index 63de498..e57a8c8 100644 +--- a/cderror.h ++++ b/cderror.h +@@ -2,7 +2,7 @@ + * cderror.h + * + * Copyright (C) 1994-1997, Thomas G. Lane. +- * Modified 2009 by Guido Vollbeding. ++ * Modified 2009-2017 by Guido Vollbeding. + * This file is part of the Independent JPEG Group's software. + * For conditions of distribution and use, see the accompanying README.ijg + * file. +@@ -49,6 +49,7 @@ JMESSAGE(JERR_BMP_COLORSPACE, "BMP output must be grayscale or RGB") + JMESSAGE(JERR_BMP_COMPRESSED, "Sorry, compressed BMPs not yet supported") + JMESSAGE(JERR_BMP_EMPTY, "Empty BMP image") + JMESSAGE(JERR_BMP_NOT, "Not a BMP file - does not start with BM") ++JMESSAGE(JERR_BMP_OUTOFRANGE, "Numeric value out of range in BMP file") + JMESSAGE(JTRC_BMP, "%ux%u 24-bit BMP image") + JMESSAGE(JTRC_BMP_MAPPED, "%ux%u 8-bit colormapped BMP image") + JMESSAGE(JTRC_BMP_OS2, "%ux%u 24-bit OS2 BMP image") +@@ -75,8 +76,8 @@ JMESSAGE(JWRN_GIF_NOMOREDATA, "Ran out of GIF bits") + #ifdef PPM_SUPPORTED + JMESSAGE(JERR_PPM_COLORSPACE, "PPM output must be grayscale or RGB") + JMESSAGE(JERR_PPM_NONNUMERIC, "Nonnumeric data in PPM file") +-JMESSAGE(JERR_PPM_TOOLARGE, "Integer value too large in PPM file") + JMESSAGE(JERR_PPM_NOT, "Not a PPM/PGM file") ++JMESSAGE(JERR_PPM_OUTOFRANGE, "Numeric value out of range in PPM file") + JMESSAGE(JTRC_PGM, "%ux%u PGM image") + JMESSAGE(JTRC_PGM_TEXT, "%ux%u text PGM image") + JMESSAGE(JTRC_PPM, "%ux%u PPM image") +diff --git a/rdbmp.c b/rdbmp.c +index 4104b68..a7dbe9f 100644 +--- a/rdbmp.c ++++ b/rdbmp.c +@@ -3,7 +3,7 @@ + * + * This file was part of the Independent JPEG Group's software: + * Copyright (C) 1994-1996, Thomas G. Lane. +- * Modified 2009-2010 by Guido Vollbeding. ++ * Modified 2009-2017 by Guido Vollbeding. + * libjpeg-turbo Modifications: + * Modified 2011 by Siarhei Siamashka. + * Copyright (C) 2015, D. R. Commander. +@@ -66,6 +66,7 @@ typedef struct _bmp_source_struct { + JDIMENSION row_width; /* Physical width of scanlines in file */ + + int bits_per_pixel; /* remembers 8- or 24-bit format */ ++ int cmap_length; /* colormap length */ + } bmp_source_struct; + + +@@ -126,6 +127,7 @@ get_8bit_row (j_compress_ptr cinfo, cjpeg_source_ptr sinfo) + { + bmp_source_ptr source = (bmp_source_ptr) sinfo; + register JSAMPARRAY colormap = source->colormap; ++ int cmaplen = source->cmap_length; + JSAMPARRAY image_ptr; + register int t; + register JSAMPROW inptr, outptr; +@@ -142,6 +144,8 @@ get_8bit_row (j_compress_ptr cinfo, cjpeg_source_ptr sinfo) + outptr = source->pub.buffer[0]; + for (col = cinfo->image_width; col > 0; col--) { + t = GETJSAMPLE(*inptr++); ++ if (t >= cmaplen) ++ ERREXIT(cinfo, JERR_BMP_OUTOFRANGE); + *outptr++ = colormap[0][t]; /* can omit GETJSAMPLE() safely */ + *outptr++ = colormap[1][t]; + *outptr++ = colormap[2][t]; +@@ -401,6 +405,7 @@ start_input_bmp (j_compress_ptr cinfo, cjpeg_source_ptr sinfo) + source->colormap = (*cinfo->mem->alloc_sarray) + ((j_common_ptr) cinfo, JPOOL_IMAGE, + (JDIMENSION) biClrUsed, (JDIMENSION) 3); ++ source->cmap_length = (int)biClrUsed; + /* and read it from the file */ + read_colormap(source, (int) biClrUsed, mapentrysize); + /* account for size of colormap */ +diff --git a/rdppm.c b/rdppm.c +index 33ff749..c0c0962 100644 +--- a/rdppm.c ++++ b/rdppm.c +@@ -69,7 +69,7 @@ typedef struct { + JSAMPROW pixrow; /* compressor input buffer */ + size_t buffer_width; /* width of I/O buffer */ + JSAMPLE *rescale; /* => maxval-remapping array, or NULL */ +- int maxval; ++ unsigned int maxval; + } ppm_source_struct; + + typedef ppm_source_struct *ppm_source_ptr; +@@ -119,7 +119,7 @@ read_pbm_integer (j_compress_ptr cinfo, FILE *infile, unsigned int maxval) + } + + if (val > maxval) +- ERREXIT(cinfo, JERR_PPM_TOOLARGE); ++ ERREXIT(cinfo, JERR_PPM_OUTOFRANGE); + + return val; + } +@@ -255,7 +255,7 @@ get_word_gray_row (j_compress_ptr cinfo, cjpeg_source_ptr sinfo) + temp = UCH(*bufferptr++) << 8; + temp |= UCH(*bufferptr++); + if (temp > maxval) +- ERREXIT(cinfo, JERR_PPM_TOOLARGE); ++ ERREXIT(cinfo, JERR_PPM_OUTOFRANGE); + *ptr++ = rescale[temp]; + } + return 1; +@@ -282,17 +282,17 @@ get_word_rgb_row (j_compress_ptr cinfo, cjpeg_source_ptr sinfo) + temp = UCH(*bufferptr++) << 8; + temp |= UCH(*bufferptr++); + if (temp > maxval) +- ERREXIT(cinfo, JERR_PPM_TOOLARGE); ++ ERREXIT(cinfo, JERR_PPM_OUTOFRANGE); + *ptr++ = rescale[temp]; + temp = UCH(*bufferptr++) << 8; + temp |= UCH(*bufferptr++); + if (temp > maxval) +- ERREXIT(cinfo, JERR_PPM_TOOLARGE); ++ ERREXIT(cinfo, JERR_PPM_OUTOFRANGE); + *ptr++ = rescale[temp]; + temp = UCH(*bufferptr++) << 8; + temp |= UCH(*bufferptr++); + if (temp > maxval) +- ERREXIT(cinfo, JERR_PPM_TOOLARGE); ++ ERREXIT(cinfo, JERR_PPM_OUTOFRANGE); + *ptr++ = rescale[temp]; + } + return 1; +-- +2.21.0 + diff --git a/SOURCES/libjpeg-turbo-CVE-2020-17541.patch b/SOURCES/libjpeg-turbo-CVE-2020-17541.patch new file mode 100644 index 0000000..fe91ef8 --- /dev/null +++ b/SOURCES/libjpeg-turbo-CVE-2020-17541.patch @@ -0,0 +1,13 @@ +diff --git a/jchuff.c b/jchuff.c +index fffaace..3bf0194 100644 +--- a/jchuff.c ++++ b/jchuff.c +@@ -428,7 +428,7 @@ dump_buffer (working_state *state) + * scanning order-- 1, 8, 16, etc.), then this will produce an encoded block + * larger than 200 bytes. + */ +-#define BUFSIZE (DCTSIZE2 * 4) ++#define BUFSIZE (DCTSIZE2 * 8) + + #define LOAD_BUFFER() { \ + if (state->free_in_buffer < BUFSIZE) { \ diff --git a/SOURCES/libjpeg-turbo-coverity.patch b/SOURCES/libjpeg-turbo-coverity.patch new file mode 100644 index 0000000..3d89a98 --- /dev/null +++ b/SOURCES/libjpeg-turbo-coverity.patch @@ -0,0 +1,25 @@ +diff --git a/md5/md5hl.c b/md5/md5hl.c +index 983ea76..1b5ced2 100644 +--- a/md5/md5hl.c ++++ b/md5/md5hl.c +@@ -75,14 +75,18 @@ MD5FileChunk(const char *filename, char *buf, off_t ofs, off_t len) + #endif + if (f < 0) + return 0; +- if (fstat(f, &stbuf) < 0) ++ if (fstat(f, &stbuf) < 0) { ++ close(f); + return 0; ++ } + if (ofs > stbuf.st_size) + ofs = stbuf.st_size; + if ((len == 0) || (len > stbuf.st_size - ofs)) + len = stbuf.st_size - ofs; +- if (lseek(f, ofs, SEEK_SET) < 0) ++ if (lseek(f, ofs, SEEK_SET) < 0) { ++ close(f); + return 0; ++ } + n = len; + i = 0; + while (n > 0) { diff --git a/SOURCES/libjpeg-turbo-header-files.patch b/SOURCES/libjpeg-turbo-header-files.patch new file mode 100644 index 0000000..e55058a --- /dev/null +++ b/SOURCES/libjpeg-turbo-header-files.patch @@ -0,0 +1,12 @@ +diff --git a/Makefile.am b/Makefile.am +index d767e4f..584d0c0 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -1,6 +1,6 @@ + lib_LTLIBRARIES = libjpeg.la + libjpeg_la_LDFLAGS = -version-info ${LIBTOOL_CURRENT}:${SO_MINOR_VERSION}:${SO_AGE} -no-undefined +-include_HEADERS = jerror.h jmorecfg.h jpeglib.h ++include_HEADERS = jerror.h jmorecfg.h jpegint.h jconfig.h jpeglib.h + + if WITH_TURBOJPEG + lib_LTLIBRARIES += libturbojpeg.la diff --git a/SOURCES/libjpeg-turbo-honor-naflags.patch b/SOURCES/libjpeg-turbo-honor-naflags.patch new file mode 100644 index 0000000..23aac64 --- /dev/null +++ b/SOURCES/libjpeg-turbo-honor-naflags.patch @@ -0,0 +1,33 @@ +diff --git a/acinclude.m4 b/acinclude.m4 +index 113169f..0417819 100644 +--- a/acinclude.m4 ++++ b/acinclude.m4 +@@ -90,17 +90,17 @@ fi + + AC_MSG_CHECKING([for object file format specifier (NAFLAGS) ]) + case "$objfmt" in +- MSOMF) NAFLAGS='-fobj -DOBJ32';; +- Win32-COFF) NAFLAGS='-fwin32 -DWIN32';; +- Win64-COFF) NAFLAGS='-fwin64 -DWIN64 -D__x86_64__';; +- COFF) NAFLAGS='-fcoff -DCOFF';; +- a.out) NAFLAGS='-faout -DAOUT';; +- BSD-a.out) NAFLAGS='-faoutb -DAOUT';; +- ELF) NAFLAGS='-felf -DELF';; +- ELF64) NAFLAGS='-felf64 -DELF -D__x86_64__';; +- RDF) NAFLAGS='-frdf -DRDF';; +- Mach-O) NAFLAGS='-fmacho -DMACHO';; +- Mach-O64) NAFLAGS='-fmacho64 -DMACHO -D__x86_64__';; ++ MSOMF) NAFLAGS="$NAFLAGS -fobj -DOBJ32";; ++ Win32-COFF) NAFLAGS="$NAFLAGS -fwin32 -DWIN32";; ++ Win64-COFF) NAFLAGS="$NAFLAGS -fwin64 -DWIN64 -D__x86_64__";; ++ COFF) NAFLAGS="$NAFLAGS -fcoff -DCOFF";; ++ a.out) NAFLAGS="$NAFLAGS -faout -DAOUT";; ++ BSD-a.out) NAFLAGS="$NAFLAGS -faoutb -DAOUT";; ++ ELF) NAFLAGS="$NAFLAGS -felf -DELF";; ++ ELF64) NAFLAGS="$NAFLAGS -felf64 -DELF -D__x86_64__";; ++ RDF) NAFLAGS="$NAFLAGS -frdf -DRDF";; ++ Mach-O) NAFLAGS="$NAFLAGS -fmacho -DMACHO";; ++ Mach-O64) NAFLAGS="$NAFLAGS -fmacho64 -DMACHO -D__x86_64__";; + esac + AC_MSG_RESULT([$NAFLAGS]) + AC_SUBST([NAFLAGS]) diff --git a/SOURCES/libjpeg-turbo14-noinst.patch b/SOURCES/libjpeg-turbo14-noinst.patch new file mode 100644 index 0000000..3499142 --- /dev/null +++ b/SOURCES/libjpeg-turbo14-noinst.patch @@ -0,0 +1,29 @@ +diff --git a/Makefile.am b/Makefile.am +index 80f0059..eea9a32 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -92,9 +92,7 @@ noinst_PROGRAMS = jcstest + + if WITH_TURBOJPEG + +-bin_PROGRAMS += tjbench +- +-noinst_PROGRAMS += tjunittest ++noinst_PROGRAMS += tjbench tjunittest + + tjbench_SOURCES = tjbench.c bmp.h bmp.c tjutil.h tjutil.c rdbmp.c rdppm.c \ + wrbmp.c wrppm.c +@@ -160,13 +158,6 @@ dist_man1_MANS = cjpeg.1 djpeg.1 jpegtran.1 rdjpgcom.1 wrjpgcom.1 + DOCS= coderules.txt jconfig.txt change.log rdrle.c wrrle.c BUILDING.md \ + ChangeLog.md + +-dist_doc_DATA = README.ijg README.md libjpeg.txt structure.txt usage.txt \ +- wizard.txt LICENSE.md +- +-exampledir = $(docdir) +-dist_example_DATA = example.c +- +- + EXTRA_DIST = win release $(DOCS) testimages CMakeLists.txt \ + sharedlib/CMakeLists.txt cmakescripts libjpeg.map.in doc doxygen.config \ + doxygen-extra.css jccolext.c jdcolext.c jdcol565.c jdmrgext.c jdmrg565.c \ diff --git a/SPECS/libjpeg-turbo.spec b/SPECS/libjpeg-turbo.spec new file mode 100644 index 0000000..353ee06 --- /dev/null +++ b/SPECS/libjpeg-turbo.spec @@ -0,0 +1,427 @@ +Name: libjpeg-turbo +Version: 1.5.3 +Release: 11%{?dist} +Summary: A MMX/SSE2/SIMD accelerated library for manipulating JPEG image files +License: IJG +URL: http://sourceforge.net/projects/libjpeg-turbo + +Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz +Patch0: libjpeg-turbo14-noinst.patch +Patch1: libjpeg-turbo-header-files.patch +Patch2: libjpeg-turbo-CVE-2018-11813.patch +Patch3: libjpeg-turbo-CVE-2018-1152.patch +Patch4: libjpeg-turbo-honor-naflags.patch +Patch5: libjpeg-turbo-coverity.patch +Patch6: libjpeg-turbo-CET.patch +Patch7: libjpeg-turbo-CVE-2018-14498.patch +Patch8: libjpeg-turbo-CVE-2020-17541.patch + +BuildRequires: autoconf +BuildRequires: automake +BuildRequires: libtool +BuildRequires: nasm + +Obsoletes: libjpeg < 6b-47 +# add provides (even if it not needed) to workaround bad packages, like +# java-1.6.0-openjdk (#rh607554) -- atkac +Provides: libjpeg = 6b-47%{?dist} +%if "%{?_isa}" != "" +Provides: libjpeg%{_isa} = 6b-47%{?dist} +%endif + +%description +The libjpeg-turbo package contains a library of functions for manipulating JPEG +images. + +%package devel +Summary: Headers for the libjpeg-turbo library +Obsoletes: libjpeg-devel < 6b-47 +Provides: libjpeg-devel = 6b-47%{?dist} +%if "%{?_isa}" != "" +Provides: libjpeg-devel%{_isa} = 6b-47%{?dist} +%endif +Requires: libjpeg-turbo%{?_isa} = %{version}-%{release} +Obsoletes: libjpeg-turbo-static < 1.3.1 +Provides: libjpeg-turbo-static = 1.3.1%{?dist} + +%description devel +This package contains header files necessary for developing programs which will +manipulate JPEG files using the libjpeg-turbo library. + +%package utils +Summary: Utilities for manipulating JPEG images +Requires: libjpeg-turbo%{?_isa} = %{version}-%{release} + +%description utils +The libjpeg-turbo-utils package contains simple client programs for accessing +the libjpeg functions. It contains cjpeg, djpeg, jpegtran, rdjpgcom and +wrjpgcom. Cjpeg compresses an image file into JPEG format. Djpeg decompresses a +JPEG file into a regular image file. Jpegtran can perform various useful +transformations on JPEG files. Rdjpgcom displays any text comments included in a +JPEG file. Wrjpgcom inserts text comments into a JPEG file. + +%package -n turbojpeg +Summary: TurboJPEG library + +%description -n turbojpeg +The turbojpeg package contains the TurboJPEG shared library. + +%package -n turbojpeg-devel +Summary: Headers for the TurboJPEG library +Requires: turbojpeg%{?_isa} = %{version}-%{release} + +%description -n turbojpeg-devel +This package contains header files necessary for developing programs which will +manipulate JPEG files using the TurboJPEG library. + +%prep +%setup -q +%patch0 -p1 -b .noinst +%patch1 -p1 -b .header-files +%patch2 -p1 -b .CVE-2018-11813 +%patch3 -p1 -b .CVE-2018-1152 +%patch4 -p1 -b .honor-naflags +%patch5 -p1 -b .coverity +%patch6 -p1 -b .CET +%patch7 -p1 -b .CVE-2018-14498 +%patch8 -p1 -b .CVE-2020-17541 + +%build +autoreconf -vif +export NAFLAGS="-g -Fdwarf" +export CCASFLAGS="-Wa,--generate-missing-build-notes=yes" +# NASM object files are missing GNU Property note for Intel CET, +# force it on the resulting library +%ifarch %{ix86} x86_64 +export LDFLAGS="$RPM_LD_FLAGS -Wl,-z,ibt -Wl,-z,shstk" +%endif +%configure --disable-static + +make %{?_smp_mflags} V=1 + +%install +make install DESTDIR=%{buildroot} +find %{buildroot} -name "*.la" -delete + +# Fix perms +chmod -x README.md + +# multilib header hack +# we only apply this to known Red Hat multilib arches, per bug #1264675 +case `uname -i` in + i386 | ppc | s390 | sparc ) + wordsize="32" + ;; + x86_64 | ppc64 | s390x | sparc64 ) + wordsize="64" + ;; + *) + wordsize="" + ;; +esac + +if test -n "$wordsize" +then + mv $RPM_BUILD_ROOT%{_includedir}/jconfig.h \ + $RPM_BUILD_ROOT%{_includedir}/jconfig-$wordsize.h + + cat >$RPM_BUILD_ROOT%{_includedir}/jconfig.h < + +#if __WORDSIZE == 32 +# include "jconfig-32.h" +#elif __WORDSIZE == 64 +# include "jconfig-64.h" +#else +# error "unexpected value for __WORDSIZE macro" +#endif + +#endif +EOF + +fi + +%check +make test %{?_smp_mflags} + +%ldconfig_scriptlets +%ldconfig_scriptlets -n turbojpeg + +%files +%doc README.md README.ijg ChangeLog.md +%{_libdir}/libjpeg.so.62* + +%files devel +%doc coderules.txt jconfig.txt libjpeg.txt structure.txt example.c +%{_includedir}/jconfig*.h +%{_includedir}/jerror.h +%{_includedir}/jmorecfg.h +%{_includedir}/jpegint.h +%{_includedir}/jpeglib.h +%{_libdir}/libjpeg.so +%{_libdir}/pkgconfig/libjpeg.pc + +%files utils +%doc usage.txt wizard.txt +%{_bindir}/cjpeg +%{_bindir}/djpeg +%{_bindir}/jpegtran +%{_bindir}/rdjpgcom +%{_bindir}/wrjpgcom +%{_mandir}/man1/cjpeg.1* +%{_mandir}/man1/djpeg.1* +%{_mandir}/man1/jpegtran.1* +%{_mandir}/man1/rdjpgcom.1* +%{_mandir}/man1/wrjpgcom.1* + +%files -n turbojpeg +%{_libdir}/libturbojpeg.so.0* + +%files -n turbojpeg-devel +%{_includedir}/turbojpeg.h +%{_libdir}/libturbojpeg.so +%{_libdir}/pkgconfig/libturbojpeg.pc + +%changelog +* Wed Jun 30 2021 Nikola Forró - 1.5.3-11 +- Fix CVE-2020-17541 (#1972289) + +* Thu Jun 06 2019 Nikola Forró - 1.5.3-10 +- Fix CVE-2018-14498 (#1687477) + +* Tue Jun 04 2019 Nikola Forró - 1.5.3-9 +- Fix LDFLAGS (#1688397) + +* Thu Mar 21 2019 Nikola Forró - 1.5.3-8 +- Support running with Intel CET (#1688397) + +* Mon Oct 15 2018 Nikola Forró - 1.5.3-7 +- Fix important Covscan defects (#1606984) + +* Mon Oct 01 2018 Nikola Forró - 1.5.3-6 +- Compile NASM sources with debug info, annotate GAS object files (#1630583) + +* Fri Jun 29 2018 Nikola Forró - 1.5.3-5 +- Fix CVE-2018-1152 (#1593557) + +* Fri Jun 15 2018 Nikola Forró - 1.5.3-4 +- Fix CVE-2018-11813 (#1588807) + +* Wed Feb 07 2018 Fedora Release Engineering - 1.5.3-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Sat Feb 03 2018 Igor Gnatenko - 1.5.3-2 +- Switch to %%ldconfig_scriptlets + +* Tue Dec 19 2017 Nikola Forró - 1.5.3-1 +- New upstream release 1.5.3 (#1468783) + +* Tue Dec 19 2017 Nikola Forró - 1.5.1-5 +- re-enable check on ppc64(le) + +* Thu Aug 03 2017 Fedora Release Engineering - 1.5.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Wed Jul 26 2017 Fedora Release Engineering - 1.5.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Thu May 18 2017 Karsten Hopp - 1.5.1-2 +- disable check on ppc64(le) + +* Fri Feb 10 2017 Fedora Release Engineering - 1.5.1-1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Thu Oct 06 2016 Petr Hracek - 1.5.1-1 +- New upstream relelase 1.5.1 (#1377903) + +* Wed Sep 21 2016 Peter Robinson 1.5.0-4 +- Add upstream aarch64 NEON fix, re-enable SIMD on aarch64 + +* Mon Sep 19 2016 Peter Robinson 1.5.0-3 +- Temporarily disable SIMD on aarch64 until upstream #97 is fixed +- Add NEON fix for ARMv7 + +* Tue Sep 13 2016 Peter Robinson 1.5.0-2 +- Add upstream fix to fix SIMD crash on aarch64 (rhbz #1368569) + +* Tue Jun 21 2016 Petr Hracek - 1.5.0-1 +- New upstream release 1.5.0 (#1343786) + +* Thu Mar 10 2016 Petr Hracek - 1.4.90-1 +- New upstream release 1.4.90 (#1313111) + +* Thu Feb 04 2016 Fedora Release Engineering - 1.4.2-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Wed Oct 07 2015 Petr Hracek - 1.4.2-2 +- Fix problem with multilibs like jconfig.h (#1264675) + +* Wed Oct 07 2015 Petr Hracek - 1.4.2-1 +- New upstream release 1.4.2 (#1265034) + +* Tue Jun 16 2015 Peter Robinson 1.4.1-1 +- new upstream version 1.4.1 +- nasm available on all arches +- run tests with SMP + +* Tue Jan 20 2015 Petr Hracek - 1.4.0-1 +- new upstream version 1.4.0 (#1180442) + +* Wed Nov 26 2014 Petr Hracek - 1.3.90-3 +- libjpeg-turbo no longer defined macros like JPP (#1164815) + +* Wed Nov 19 2014 Petr Hracek - 1.3.90-2 +- Resolves #1161585 Add suport for secondary arches + +* Mon Oct 27 2014 Petr Hracek - 1.3.90-1 +- new upstream version 1.3.90 +Resolves #1135375 + +* Sun Aug 17 2014 Fedora Release Engineering - 1.3.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Sat Jun 07 2014 Fedora Release Engineering - 1.3.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Thu Apr 17 2014 Simone Caronni - 1.3.1-2 +- Re-add libjpeg-devel requirements for broken packages since Fedora 13. + +* Wed Apr 16 2014 Petr Hracek - 1.3.1-1 +- New upstream version +- Remove upstreamed patches, add missing jpegint.h +- Clean up SPEC file +- Disable --static subpackage +- Remove libjpeg obsolency, removed in Fedora 13 + +* Thu Dec 19 2013 Petr Hracek - 1.3.0-2 +- Apply fixes CVE-2013-6629, CVE-2013-6630 (#20131737) + +* Thu Jul 25 2013 Petr Hracek - 1.3.0-1 +- new upstream version +- no soname bump change + +* Tue Mar 26 2013 Adam Tkac - 1.2.90-2 +- rebuild for ARM64 support + +* Fri Feb 08 2013 Adam Tkac 1.2.90-1 +- update to 1.2.90 + +* Mon Feb 04 2013 Adam Tkac 1.2.90-0.1.20130204svn922 +- update to 1.2.80 snapshot (#854695) +- run `make test` during build + +* Fri Jan 18 2013 Adam Tkac 1.2.1-6 +- build with jpeg6 API/ABI (jpeg8-ABI feature was dropped) + +* Tue Dec 04 2012 Adam Tkac 1.2.1-5 +- change license to IJG (#877517) + +* Wed Oct 24 2012 Adam Tkac 1.2.1-4 +- build with jpeg8 API/ABI (#854695) + +* Thu Oct 18 2012 Adam Tkac 1.2.1-3 +- minor provides tuning (#863231) + +* Thu Jul 19 2012 Fedora Release Engineering - 1.2.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Mon Jul 16 2012 Adam Tkac 1.2.1-1 +- update to 1.2.1 + +* Thu Mar 08 2012 Adam Tkac 1.2.0-1 +- update to 1.2.0 + +* Fri Jan 13 2012 Fedora Release Engineering - 1.1.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Mon Nov 21 2011 Orion Poplawski 1.1.1-3 +- Make turobojpeg-devel depend on turbojpeg + +* Fri Oct 7 2011 Orion Poplawski 1.1.1-2 +- Ship the turbojpeg library (#744258) + +* Mon Jul 11 2011 Adam Tkac 1.1.1-1 +- update to 1.1.1 + - ljt11-rh688712.patch merged + +* Tue Mar 22 2011 Adam Tkac 1.1.0-2 +- handle broken JPEGs better (#688712) + +* Tue Mar 01 2011 Adam Tkac 1.1.0-1 +- update to 1.1.0 + +* Tue Feb 08 2011 Fedora Release Engineering - 1.0.90-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Mon Jan 17 2011 Adam Tkac 1.0.90-1 +- update to 1.0.90 +- libjpeg-turbo10-rh639672.patch merged + +* Fri Oct 29 2010 Adam Tkac 1.0.1-3 +- add support for arithmetic coded files into decoder (#639672) + +* Wed Sep 29 2010 jkeating - 1.0.1-2 +- Rebuilt for gcc bug 634757 + +* Mon Sep 13 2010 Adam Tkac 1.0.1-1 +- update to 1.0.1 + - libjpeg-turbo10-rh617469.patch merged +- add -static subpkg (#632859) + +* Wed Aug 04 2010 Adam Tkac 1.0.0-3 +- fix huffman decoder to handle broken JPEGs well (#617469) + +* Fri Jul 02 2010 Adam Tkac 1.0.0-2 +- add libjpeg-devel%%{_isa} provides to -devel subpkg to satisfy imlib-devel + deps + +* Fri Jul 02 2010 Adam Tkac 1.0.0-1 +- update to 1.0.0 +- patches merged + - libjpeg-turbo-programs.patch + - libjpeg-turbo-nosimd.patch +- add libjpeg provides to the main package to workaround problems with broken + java-1.6.0-openjdk package + +* Fri Jul 02 2010 Adam Tkac 0.0.93-13 +- remove libjpeg provides from -utils subpkg + +* Wed Jun 30 2010 Rex Dieter 0.0.93-12 +- move Obsoletes: libjpeg to main pkg + +* Wed Jun 30 2010 Rex Dieter 0.0.93-11 +- -utils: Requires: %%name ... + +* Wed Jun 30 2010 Adam Tkac 0.0.93-10 +- add Provides = libjpeg to -utils subpackage + +* Mon Jun 28 2010 Adam Tkac 0.0.93-9 +- merge review related fixes (#600243) + +* Wed Jun 16 2010 Adam Tkac 0.0.93-8 +- merge review related fixes (#600243) + +* Mon Jun 14 2010 Adam Tkac 0.0.93-7 +- obsolete -static libjpeg subpackage (#600243) + +* Mon Jun 14 2010 Adam Tkac 0.0.93-6 +- improve package description a little (#600243) +- include example.c as %%doc in the -devel subpackage + +* Fri Jun 11 2010 Adam Tkac 0.0.93-5 +- don't use "fc12" disttag in obsoletes/provides (#600243) + +* Thu Jun 10 2010 Adam Tkac 0.0.93-4 +- fix compilation on platforms without MMX/SSE (#600243) + +* Thu Jun 10 2010 Adam Tkac 0.0.93-3 +- package review related fixes (#600243) + +* Wed Jun 09 2010 Adam Tkac 0.0.93-2 +- package review related fixes (#600243) + +* Fri Jun 04 2010 Adam Tkac 0.0.93-1 +- initial package