PR#9: Backport multiple CVE fixes - rpms/dcmtk

rpms / dcmtk

#9 Backport multiple CVE fixes

Merged 6 months ago by carlwgeorge. Opened 6 months ago by carlwgeorge.

rpms/ carlwgeorge/dcmtk epel8-cves into epel8

fix: use bundled charls v1

Ankur Sinha (Ankur Sinha Gmail) • 6 months ago

2a0186e

Backport multiple CVE fixes

Carl George • 6 months ago

ddc23ab

Clean up patch files

Carl George • 6 months ago

869b32d

0001-Use-system-CharLS-include.patch ~~0001-3.6.4-Use-system-CharLS-include.patch~~

file renamed

+3 -3

		`@@ -1,7 +1,7 @@`
		`- From 222912a741144c340ab226c9cdf02579c4f10a63 Mon Sep 17 00:00:00 2001`
		`+ From e48506a7da636d281144c5728c2b352391185659 Mon Sep 17 00:00:00 2001`
		`From: "Ankur Sinha (Ankur Sinha Gmail)" <sanjay.ankur@gmail.com>`
		`Date: Sun, 28 Jul 2019 18:22:57 +0100`
		`- Subject: [PATCH 01/16] 3.6.4 Use system CharLS include`
		`+ Subject: [PATCH 01/20] Use system CharLS include`

		`---`
		`dcmjpls/libsrc/djcodecd.cc \| 2 +-`
		`@@ -49,5 +49,5 @@`
		`/** Helper class for converting between dcmjpls and CharLS error codes`
		`*/`
		`--`
		`- 2.21.0`
		`+ 2.39.2`

0002-Add-FindCharLS.patch ~~0002-3.6.4-Add-FindCharLS.patch~~

file renamed

+3 -3

		`@@ -1,7 +1,7 @@`
		`- From fc1b268764920d89e595827d1521c65ea5650c14 Mon Sep 17 00:00:00 2001`
		`+ From 86f8c94dde91c84164d20861042365176675a8e7 Mon Sep 17 00:00:00 2001`
		`From: "Ankur Sinha (Ankur Sinha Gmail)" <sanjay.ankur@gmail.com>`
		`Date: Sun, 28 Jul 2019 18:25:08 +0100`
		`- Subject: [PATCH 02/16] 3.6.4 Add FindCharLS`
		`+ Subject: [PATCH 02/20] Add FindCharLS`

		`---`
		`CMake/FindCharLS.cmake \| 35 +++++++++++++++++++++++++++++++++++`
		`@@ -50,5 +50,5 @@`
		`+ )`
		`+`
		`--`
		`- 2.21.0`
		`+ 2.39.2`

0003-Find-and-include-CharLS.patch ~~0003-3.6.4-Find-and-include-CharLS.patch~~

file renamed

+3 -3

		`@@ -1,7 +1,7 @@`
		`- From 5239b7f0ec2ac171e078dea515b41c624b333e54 Mon Sep 17 00:00:00 2001`
		`+ From af4827f22c7d7720bfb2a508a2a442ad5141224e Mon Sep 17 00:00:00 2001`
		`From: "Ankur Sinha (Ankur Sinha Gmail)" <sanjay.ankur@gmail.com>`
		`Date: Sun, 28 Jul 2019 18:26:51 +0100`
		`- Subject: [PATCH 03/16] 3.6.4 Find and include CharLS`
		`+ Subject: [PATCH 03/20] Find and include CharLS`

		`---`
		`CMake/3rdparty.cmake \| 15 +++++++++++++++`
		`@@ -34,5 +34,5 @@`

		`if(NOT DEFINED DCMTK_WITH_STDLIBC_ICONV)`
		`--`
		`- 2.21.0`
		`+ 2.39.2`

0004-Use-cmake-suggested-locations-for-CharLS.patch ~~0004-3.6.4-Use-cmake-suggested-locations-for-CharLS.patch~~

file renamed

+3 -3

		`@@ -1,7 +1,7 @@`
		`- From b9e805310db67dd83f51d19e2081d73f1d65336d Mon Sep 17 00:00:00 2001`
		`+ From 3439dabaab39bfa08487e5bbd172f846a2706b33 Mon Sep 17 00:00:00 2001`
		`From: "Ankur Sinha (Ankur Sinha Gmail)" <sanjay.ankur@gmail.com>`
		`Date: Sun, 28 Jul 2019 18:28:59 +0100`
		`- Subject: [PATCH 04/16] 3.6.4 Use cmake suggested locations for CharLS`
		`+ Subject: [PATCH 04/20] Use cmake suggested locations for CharLS`

		`---`
		`dcmjpls/apps/CMakeLists.txt \| 2 +-`
		`@@ -30,5 +30,5 @@`
		`-DCMTK_TARGET_LINK_MODULES(dcmjpls ofstd oflog dcmdata dcmimgle dcmimage charls)`
		`+DCMTK_TARGET_LINK_MODULES(dcmjpls ofstd oflog dcmdata dcmimgle dcmimage ${CHARLS_LIBS})`
		`--`
		`- 2.21.0`
		`+ 2.39.2`

0005-Correct-CharLS-API-call.patch ~~0005-3.6.4-Correct-CharLS-API-call.patch~~

file renamed

+3 -3

		`@@ -1,7 +1,7 @@`
		`- From 1461a6c22fba7d5432ae676aecc2599c131abb1a Mon Sep 17 00:00:00 2001`
		`+ From 6c5a60278d4a8c31fdd46492262b24c1573728bb Mon Sep 17 00:00:00 2001`
		`From: "Ankur Sinha (Ankur Sinha Gmail)" <sanjay.ankur@gmail.com>`
		`Date: Sun, 28 Jul 2019 18:30:46 +0100`
		`- Subject: [PATCH 05/16] 3.6.4 Correct CharLS API call`
		`+ Subject: [PATCH 05/20] Correct CharLS API call`

		`---`
		`dcmjpls/libsrc/djcodece.cc \| 4 ++--`
		`@@ -30,5 +30,5 @@`

		`if (result.good())`
		`--`
		`- 2.21.0`
		`+ 2.39.2`

0006-Remove-reference-to-bundled-CharLS.patch ~~0006-3.6.4-Remove-reference-to-bundled-CharLS.patch~~

file renamed

+3 -3

		`@@ -1,7 +1,7 @@`
		`- From 0a1f6b7640ee558d6405bc33755ebf0b071878eb Mon Sep 17 00:00:00 2001`
		`+ From 3ab6bd76e18e7f00a561fa40434a3de2afc59f72 Mon Sep 17 00:00:00 2001`
		`From: "Ankur Sinha (Ankur Sinha Gmail)" <sanjay.ankur@gmail.com>`
		`Date: Sun, 28 Jul 2019 18:31:32 +0100`
		`- Subject: [PATCH 06/16] 3.6.4 Remove reference to bundled CharLS`
		`+ Subject: [PATCH 06/20] Remove reference to bundled CharLS`

		`---`
		`dcmjpls/CMakeLists.txt \| 2 +-`
		`@@ -20,5 +20,5 @@`
		`add_subdirectory(${SUBDIR})`
		`endforeach()`
		`--`
		`- 2.21.0`
		`+ 2.39.2`

0007-Update-JLS_ERROR-to-jpegls_error-in-CharLS-usage.patch ~~0007-3.6.4-Update-JLS_ERROR-to-jpegls_error-in-CharLS-usa.patch~~

file renamed

+3 -3

		`@@ -1,7 +1,7 @@`
		`- From 42dbe6a06f87c9223ab7a968eb6140188af81e8d Mon Sep 17 00:00:00 2001`
		`+ From a835c60b056c0f2a813b9878fbfb0808a1f55e69 Mon Sep 17 00:00:00 2001`
		`From: "Ankur Sinha (Ankur Sinha Gmail)" <sanjay.ankur@gmail.com>`
		`Date: Sun, 28 Jul 2019 18:58:25 +0100`
		`- Subject: [PATCH 07/16] 3.6.4 Update JLS_ERROR to jpegls_error in CharLS usage`
		`+ Subject: [PATCH 07/20] Update JLS_ERROR to jpegls_error in CharLS usage`

		`---`
		`dcmjpls/libsrc/djcodecd.cc \| 3 ++-`
		`@@ -74,5 +74,5 @@`
		`switch (error)`
		`{`
		`--`
		`- 2.21.0`
		`+ 2.39.2`

0008-Correct-JpegLsReadHeader-arguments.patch ~~0008-3.6.4-correct-JpegLsReadHeader-arguments.patch~~

file renamed

+3 -3

		`@@ -1,7 +1,7 @@`
		`- From ee71231260cb6f031ec3ad7401f202df42dd8968 Mon Sep 17 00:00:00 2001`
		`+ From a593548c4c0035b3572be3663ef5105d4e612652 Mon Sep 17 00:00:00 2001`
		`From: "Ankur Sinha (Ankur Sinha Gmail)" <sanjay.ankur@gmail.com>`
		`Date: Sun, 28 Jul 2019 19:01:23 +0100`
		`- Subject: [PATCH 08/16] 3.6.4 correct JpegLsReadHeader arguments`
		`+ Subject: [PATCH 08/20] Correct JpegLsReadHeader arguments`

		`---`
		`dcmjpls/libsrc/djcodecd.cc \| 2 +-`
		`@@ -21,5 +21,5 @@`

		`if (result.good())`
		`--`
		`- 2.21.0`
		`+ 2.39.2`

0009-Update-JlsParameters-for-new-CharLS.patch ~~0009-3.6.4-update-JlsParameters-for-new-CharLS.patch~~

file renamed

+3 -3

		`@@ -1,7 +1,7 @@`
		`- From b3c7a934cbd9f1b90a5d1280c46b8cfe2c7863c6 Mon Sep 17 00:00:00 2001`
		`+ From ec9ba1420eda493fa974c769bbc4cf08e0ca7f64 Mon Sep 17 00:00:00 2001`
		`From: "Ankur Sinha (Ankur Sinha Gmail)" <sanjay.ankur@gmail.com>`
		`Date: Sun, 28 Jul 2019 19:03:56 +0100`
		`- Subject: [PATCH 09/16] 3.6.4 update JlsParameters for new CharLS`
		`+ Subject: [PATCH 09/20] Update JlsParameters for new CharLS`

		`---`
		`dcmjpls/libsrc/djcodecd.cc \| 4 ++--`
		`@@ -83,5 +83,5 @@`

		`size_t compressed_buffer_size = buffer_size + 1024;`
		`--`
		`- 2.21.0`
		`+ 2.39.2`

0010-Correct-JpegLsDecode-arguments-for-CharLS-2.patch ~~0010-3.6.4-correct-JpegLsDecode-arguments-for-CharLS-2.patch~~

file renamed

+3 -3

		`@@ -1,7 +1,7 @@`
		`- From dd0121ad580126742679c691b52549414baef36f Mon Sep 17 00:00:00 2001`
		`+ From 799fd2ebed9c3ca618b1983cdc16489287069f58 Mon Sep 17 00:00:00 2001`
		`From: "Ankur Sinha (Ankur Sinha Gmail)" <sanjay.ankur@gmail.com>`
		`Date: Sun, 28 Jul 2019 19:06:44 +0100`
		`- Subject: [PATCH 10/16] 3.6.4 correct JpegLsDecode arguments for CharLS 2`
		`+ Subject: [PATCH 10/20] Correct JpegLsDecode arguments for CharLS 2`

		`---`
		`dcmjpls/libsrc/djcodecd.cc \| 2 +-`
		`@@ -21,5 +21,5 @@`
		`delete[] jlsData;`

		`--`
		`- 2.21.0`
		`+ 2.39.2`

0011-Update-ilv-for-new-CharLS.patch ~~0011-3.6.4-update-ilv-for-new-CharLS.patch~~

file renamed

+3 -3

		`@@ -1,7 +1,7 @@`
		`- From e31292ddd7f296e88a390566e632e5eab25eabb1 Mon Sep 17 00:00:00 2001`
		`+ From f324a895d473b2c857d8541f1a1b4c62051b1240 Mon Sep 17 00:00:00 2001`
		`From: "Ankur Sinha (Ankur Sinha Gmail)" <sanjay.ankur@gmail.com>`
		`Date: Sun, 28 Jul 2019 19:20:49 +0100`
		`- Subject: [PATCH 11/16] 3.6.4 update ilv for new CharLS`
		`+ Subject: [PATCH 11/20] Update ilv for new CharLS`

		`---`
		`dcmjpls/libsrc/djcodecd.cc \| 4 ++--`
		`@@ -147,5 +147,5 @@`
		`DCMJPLS_DEBUG("Converting image from color-by-pixel to color-by-plane");`

		`--`
		`- 2.21.0`
		`+ 2.39.2`

0012-Correct-extra-include-for-CharLS.patch ~~0012-3.6.4-Correct-extra-include-for-CharLS.patch~~

file renamed

+3 -3

		`@@ -1,7 +1,7 @@`
		`- From 7b20ec2b206ac325bb8b18aaad2ef704959abb7e Mon Sep 17 00:00:00 2001`
		`+ From 0144a31f46e56e507985161d2e7a25383d4e6748 Mon Sep 17 00:00:00 2001`
		`From: "Ankur Sinha (Ankur Sinha Gmail)" <sanjay.ankur@gmail.com>`
		`Date: Sun, 28 Jul 2019 19:43:48 +0100`
		`- Subject: [PATCH 12/16] 3.6.4 Correct extra include for CharLS`
		`+ Subject: [PATCH 12/20] Correct extra include for CharLS`

		`---`
		`dcmjpls/libsrc/djcodecd.cc \| 2 +-`
		`@@ -48,5 +48,5 @@`
		`/** Helper class for converting between dcmjpls and CharLS error codes`
		`*/`
		`--`
		`- 2.21.0`
		`+ 2.39.2`

0013-Update-errors-to-use-enum-class-in-CharLS-2.patch ~~0013-3.6.4-Update-errors-to-use-enum-class-in-CharLS-2.patch~~

file renamed

+3 -3

		`@@ -1,7 +1,7 @@`
		`- From f937b086b59f2d882067ffb280243bc286b18a97 Mon Sep 17 00:00:00 2001`
		`+ From 434e004a286598b366ddd1c365492503b8d235cc Mon Sep 17 00:00:00 2001`
		`From: "Ankur Sinha (Ankur Sinha Gmail)" <sanjay.ankur@gmail.com>`
		`Date: Sun, 28 Jul 2019 21:26:28 +0100`
		`- Subject: [PATCH 13/16] 3.6.4 Update errors to use enum class in CharLS 2`
		`+ Subject: [PATCH 13/20] Update errors to use enum class in CharLS 2`

		`---`
		`dcmjpls/libsrc/djerror.h \| 20 ++++++++++----------`
		`@@ -48,5 +48,5 @@`
		`default:`
		`return EC_IllegalParameter;`
		`--`
		`- 2.21.0`
		`+ 2.39.2`

0014-Define-BYTE-for-CharLS.patch ~~0014-3.6.4-define-BYTE-for-CharLS.patch~~

file renamed

+3 -3

		`@@ -1,7 +1,7 @@`
		`- From 678ec1ddce7370aecaa1e46e9f421cb550edd613 Mon Sep 17 00:00:00 2001`
		`+ From 888f30c747b6ca9c13d954554cbc9ba365c3fce6 Mon Sep 17 00:00:00 2001`
		`From: "Ankur Sinha (Ankur Sinha Gmail)" <sanjay.ankur@gmail.com>`
		`Date: Sun, 28 Jul 2019 22:20:51 +0100`
		`- Subject: [PATCH 14/16] 3.6.4 define BYTE for CharLS`
		`+ Subject: [PATCH 14/20] Define BYTE for CharLS`

		`---`
		`dcmjpls/libsrc/djcodece.cc \| 3 +++`
		`@@ -22,5 +22,5 @@`
		`E_TransferSyntax DJLSLosslessEncoder::supportedTransferSyntax() const`
		`{`
		`--`
		`- 2.21.0`
		`+ 2.39.2`

0015-Update-colorTransformation-for-CharLS-2.patch ~~0015-3.6.4-Update-colorTransformation-for-CharLS-2.patch~~

file renamed

+3 -3

		`@@ -1,7 +1,7 @@`
		`- From a7a973999bbfb30ec7113e6e6a92b2f340654661 Mon Sep 17 00:00:00 2001`
		`+ From e2f109823fe105bd7326f1ec54e33fae2a707cb9 Mon Sep 17 00:00:00 2001`
		`From: "Ankur Sinha (Ankur Sinha Gmail)" <sanjay.ankur@gmail.com>`
		`Date: Sun, 28 Jul 2019 22:44:56 +0100`
		`- Subject: [PATCH 15/16] 3.6.4 Update colorTransformation for CharLS 2`
		`+ Subject: [PATCH 15/20] Update colorTransformation for CharLS 2`

		`---`
		`dcmjpls/libsrc/djcodece.cc \| 4 ++--`
		`@@ -30,5 +30,5 @@`
		`// This was already checked for a sane value above`
		`jls_params.components = samplesPerPixel;`
		`--`
		`- 2.21.0`
		`+ 2.39.2`

0016-Update-JpegLsEncode-for-CharLS-2.patch ~~0016-3.6.4-Update-JpegLsEncode-for-CharLS-2.patch~~

file renamed

+3 -3

		`@@ -1,7 +1,7 @@`
		`- From a9c64548cd7e8e2dc8bf6b5759a7a16ddae1169a Mon Sep 17 00:00:00 2001`
		`+ From 5c847011c04a0ef1820dcb375ab77621d6fd963b Mon Sep 17 00:00:00 2001`
		`From: "Ankur Sinha (Ankur Sinha Gmail)" <sanjay.ankur@gmail.com>`
		`Date: Sun, 28 Jul 2019 22:48:27 +0100`
		`- Subject: [PATCH 16/16] 3.6.4 Update JpegLsEncode for CharLS 2`
		`+ Subject: [PATCH 16/20] Update JpegLsEncode for CharLS 2`

		`---`
		`dcmjpls/libsrc/djcodece.cc \| 4 ++--`
		`@@ -30,5 +30,5 @@`

		`if (result.good())`
		`--`
		`- 2.21.0`
		`+ 2.39.2`

0017-CVE-2021-41687-CVE-2021-41688-CVE-2021-41690-Fixed-poss.-NULL-pointer-dereference-double-free.patch

file added

+568

		`@@ -0,0 +1,568 @@`
		`+ From 7693a80affe4476655103fe280253582b4fcf6c7 Mon Sep 17 00:00:00 2001`
		`+ From: Michael Onken <onken@open-connections.de>`
		`+ Date: Sat, 2 Oct 2021 00:29:56 +0200`
		`+ Subject: [PATCH 17/20] [CVE-2021-41687, CVE-2021-41688, CVE-2021-41690] Fixed`
		`+ poss. NULL pointer dereference/double free.`
		`+`
		`+ Thanks to Jinsheng Ba <bajinsheng@u.nus.edu> for the report and some patches.`
		`+`
		`+ (cherry picked from commit a9697dfeb672b0b9412c00c7d36d801e27ec85cb)`
		`+ ---`
		`+ .../dcmtk/dcmnet}/dulstruc.h \| 8 ++`
		`+ dcmnet/include/dcmtk/dcmnet/helpers.h \| 38 +++++++`
		`+ dcmnet/libsrc/CMakeLists.txt \| 2 +-`
		`+ dcmnet/libsrc/Makefile.in \| 2 +-`
		`+ dcmnet/libsrc/assoc.cc \| 23 +---`
		`+ dcmnet/libsrc/dcuserid.cc \| 4 +-`
		`+ dcmnet/libsrc/dul.cc \| 2 +-`
		`+ dcmnet/libsrc/dulconst.cc \| 2 +-`
		`+ dcmnet/libsrc/dulextra.cc \| 2 +-`
		`+ dcmnet/libsrc/dulfsm.cc \| 51 +--------`
		`+ dcmnet/libsrc/dulparse.cc \| 100 +++++++++++++-----`
		`+ dcmnet/libsrc/dulpres.cc \| 2 +-`
		`+ dcmnet/libsrc/helpers.cc \| 71 +++++++++++++`
		`+ 13 files changed, 201 insertions(+), 106 deletions(-)`
		`+ rename dcmnet/{libsrc => include/dcmtk/dcmnet}/dulstruc.h (98%)`
		`+ create mode 100644 dcmnet/include/dcmtk/dcmnet/helpers.h`
		`+ create mode 100644 dcmnet/libsrc/helpers.cc`
		`+`
		`+ diff --git a/dcmnet/libsrc/dulstruc.h b/dcmnet/include/dcmtk/dcmnet/dulstruc.h`
		`+ similarity index 98%`
		`+ rename from dcmnet/libsrc/dulstruc.h`
		`+ rename to dcmnet/include/dcmtk/dcmnet/dulstruc.h`
		`+ index 22da6ece1..6ac9a8f5d 100644`
		`+ --- a/dcmnet/libsrc/dulstruc.h`
		`+ +++ b/dcmnet/include/dcmtk/dcmnet/dulstruc.h`
		`+ @@ -71,6 +71,11 @@`
		`+ #include "dcmtk/config/osconfig.h" /* make sure OS specific configuration is included first */`
		`+ #include "dcmtk/dcmnet/extneg.h"`
		`+ #include "dcmtk/dcmnet/dcuserid.h"`
		`+ +#include "dcmtk/dcmnet/dicom.h"`
		`+ +#include "dcmtk/dcmnet/dntypes.h"`
		`+ +#include "dcmtk/dcmnet/dul.h"`
		`+ +#include "dcmtk/dcmnet/lst.h"`
		`+ +`
		`+`
		`+ class DcmTransportConnection;`
		`+ class DcmTransportLayer;`
		`+ @@ -290,6 +295,9 @@ typedef struct dul_datapdu {`
		`+ DUL_PRESENTATIONDATAVALUE presentationDataValue;`
		`+ } DUL_DATAPDU;`
		`+`
		`+ +`
		`+ +`
		`+ +`
		`+ #define DUL_PROTOCOL (unsigned short) 0x01`
		`+`
		`+ #define DUL_TYPEAPPLICATIONCONTEXT (unsigned char)0x10`
		`+ diff --git a/dcmnet/include/dcmtk/dcmnet/helpers.h b/dcmnet/include/dcmtk/dcmnet/helpers.h`
		`+ new file mode 100644`
		`+ index 000000000..7d7e382be`
		`+ --- /dev/null`
		`+ +++ b/dcmnet/include/dcmtk/dcmnet/helpers.h`
		`+ @@ -0,0 +1,38 @@`
		`+ +/*`
		`+ + *`
		`+ + * Copyright (C) 2021, OFFIS e.V.`
		`+ + * All rights reserved. See COPYRIGHT file for details.`
		`+ + *`
		`+ + * This software and supporting documentation were partly developed by`
		`+ + *`
		`+ + * OFFIS e.V.`
		`+ + * R&D Division Health`
		`+ + * Escherweg 2`
		`+ + * D-26121 Oldenburg, Germany`
		`+ + *`
		`+ + *`
		`+ + * Module: dcmnet`
		`+ + *`
		`+ + * Author: Michael Onken`
		`+ + *`
		`+ + * Purpose: Collection of helper functions`
		`+ + *`
		`+ + */`
		`+ +`
		`+ +#ifndef DCMHET_HELPERS_H`
		`+ +#define DCMHET_HELPERS_H`
		`+ +`
		`+ +#include "dcmtk/ofstd/ofcond.h"`
		`+ +#include "dcmtk/dcmnet/dulstruc.h"`
		`+ +`
		`+ +struct T_ASC_Parameters;`
		`+ +class LST_HEAD;`
		`+ +`
		`+ +`
		`+ +void`
		`+ +destroyPresentationContextList(LST_HEAD ** l);`
		`+ +`
		`+ +void`
		`+ +destroyUserInformationLists(DUL_USERINFO * userInfo);`
		`+ +`
		`+ +#endif`
		`+ diff --git a/dcmnet/libsrc/CMakeLists.txt b/dcmnet/libsrc/CMakeLists.txt`
		`+ index ed902ddc1..ee39d0f14 100644`
		`+ --- a/dcmnet/libsrc/CMakeLists.txt`
		`+ +++ b/dcmnet/libsrc/CMakeLists.txt`
		`+ @@ -1,5 +1,5 @@`
		`+ # create library from source files`
		`+ -DCMTK_ADD_LIBRARY(dcmnet assoc cond dcasccff dcasccfg dccfenmp dccfpcmp dccfprmp dccfrsmp dccftsmp dccfuidh dcmlayer dcmtrans dcompat dimcancl dimcmd dimdump dimecho dimfind dimget dimmove dimse dimstore diutil dul dulconst dulextra dulfsm dulparse dulpres extneg lst dfindscu dstorscp dstorscu dcuserid scu scp scpthrd scpcfg scppool dwrap)`
		`+ +DCMTK_ADD_LIBRARY(dcmnet assoc cond dcasccff dcasccfg dccfenmp dccfpcmp dccfprmp dccfrsmp dccftsmp dccfuidh dcmlayer dcmtrans dcompat dimcancl dimcmd dimdump dimecho dimfind dimget dimmove dimse dimstore diutil dul dulconst dulextra dulfsm dulparse dulpres extneg helpers lst dfindscu dstorscp dstorscu dcuserid scu scp scpthrd scpcfg scppool dwrap)`
		`+`
		`+ DCMTK_TARGET_LINK_MODULES(dcmnet ofstd oflog dcmdata)`
		`+ DCMTK_TARGET_LINK_LIBRARIES(dcmnet ${WRAP_LIBS})`
		`+ diff --git a/dcmnet/libsrc/Makefile.in b/dcmnet/libsrc/Makefile.in`
		`+ index 66d8c527b..d767bea35 100644`
		`+ --- a/dcmnet/libsrc/Makefile.in`
		`+ +++ b/dcmnet/libsrc/Makefile.in`
		`+ @@ -25,7 +25,7 @@ objs = assoc.o cond.o dcompat.o dimcancl.o dimcmd.o dimdump.o dimecho.o \`
		`+ dulfsm.o dulparse.o dulpres.o dul.o lst.o extneg.o dimget.o dcmlayer.o \`
		`+ dcmtrans.o dcasccfg.o dcasccff.o dccfuidh.o dccftsmp.o dccfpcmp.o \`
		`+ dccfrsmp.o dccfenmp.o dccfprmp.o dfindscu.o dstorscp.o dstorscu.o \`
		`+ - dcuserid.o scu.o scp.o scpcfg.o scpthrd.o scppool.o dwrap.o`
		`+ + dcuserid.o helper.o scu.o scp.o scpcfg.o scpthrd.o scppool.o dwrap.o`
		`+`
		`+ library = libdcmnet.$(LIBEXT)`
		`+`
		`+ diff --git a/dcmnet/libsrc/assoc.cc b/dcmnet/libsrc/assoc.cc`
		`+ index d5741a691..437efe78f 100644`
		`+ --- a/dcmnet/libsrc/assoc.cc`
		`+ +++ b/dcmnet/libsrc/assoc.cc`
		`+ @@ -125,6 +125,7 @@`
		`+ #include "dcmtk/ofstd/ofconsol.h"`
		`+ #include "dcmtk/ofstd/ofstd.h"`
		`+ #include "dcmtk/dcmnet/dcmtrans.h"`
		`+ +#include "dcmtk/dcmnet/helpers.h"`
		`+`
		`+ /*`
		`+ ** Constant Definitions`
		`+ @@ -343,25 +344,6 @@ ASC_createAssociationParameters(T_ASC_Parameters ** params,`
		`+ return EC_Normal;`
		`+ }`
		`+`
		`+ -static void`
		`+ -destroyPresentationContextList(LST_HEAD ** lst)`
		`+ -{`
		`+ - DUL_PRESENTATIONCONTEXT *pc;`
		`+ - DUL_TRANSFERSYNTAX *ts;`
		`+ -`
		`+ - if ((lst == NULL) \|\| (*lst == NULL))`
		`+ - return;`
		`+ - while ((pc = (DUL_PRESENTATIONCONTEXT*) LST_Dequeue(lst)) != NULL) {`
		`+ - if (pc->proposedTransferSyntax != NULL) {`
		`+ - while ((ts = (DUL_TRANSFERSYNTAX*) LST_Dequeue(&pc->proposedTransferSyntax)) != NULL) {`
		`+ - free(ts);`
		`+ - }`
		`+ - LST_Destroy(&pc->proposedTransferSyntax);`
		`+ - }`
		`+ - free(pc);`
		`+ - }`
		`+ - LST_Destroy(lst);`
		`+ -}`
		`+`
		`+ OFCondition`
		`+ ASC_destroyAssociationParameters(T_ASC_Parameters ** params)`
		`+ @@ -1706,8 +1688,7 @@ ASC_destroyAssociation(T_ASC_Association ** association)`
		`+ }`
		`+`
		`+ if ((*association)->params != NULL) {`
		`+ - cond = ASC_destroyAssociationParameters(&(*association)->params);`
		`+ - if (cond.bad()) return cond;`
		`+ + ASC_destroyAssociationParameters(&(*association)->params);`
		`+ }`
		`+`
		`+ if ((*association)->sendPDVBuffer != NULL)`
		`+ diff --git a/dcmnet/libsrc/dcuserid.cc b/dcmnet/libsrc/dcuserid.cc`
		`+ index 6a2d72a20..f1530fe79 100644`
		`+ --- a/dcmnet/libsrc/dcuserid.cc`
		`+ +++ b/dcmnet/libsrc/dcuserid.cc`
		`+ @@ -1,6 +1,6 @@`
		`+ /*`
		`+ *`
		`+ - * Copyright (C) 1997-2018, OFFIS e.V.`
		`+ + * Copyright (C) 1997-2021, OFFIS e.V.`
		`+ * All rights reserved. See COPYRIGHT file for details.`
		`+ *`
		`+ * This software and supporting documentation were developed by`
		`+ @@ -23,7 +23,7 @@`
		`+ #include "dcmtk/config/osconfig.h" /* make sure OS specific configuration is included first */`
		`+ #include "dcmtk/dcmnet/dcuserid.h"`
		`+ #include "dcmtk/dcmnet/dul.h"`
		`+ -#include "dulstruc.h"`
		`+ +#include "dcmtk/dcmnet/dulstruc.h"`
		`+`
		`+ /* ************************************************************************* */`
		`+ /* Implementation of class UserIdentityNegotiationSubItem */`
		`+ diff --git a/dcmnet/libsrc/dul.cc b/dcmnet/libsrc/dul.cc`
		`+ index 51d034e72..eff00a26b 100644`
		`+ --- a/dcmnet/libsrc/dul.cc`
		`+ +++ b/dcmnet/libsrc/dul.cc`
		`+ @@ -145,7 +145,7 @@ END_EXTERN_C`
		`+ #include "dcmtk/ofstd/ofstd.h"`
		`+`
		`+ #include "dcmtk/dcmnet/dul.h"`
		`+ -#include "dulstruc.h"`
		`+ +#include "dcmtk/dcmnet/dulstruc.h"`
		`+ #include "dulpriv.h"`
		`+ #include "dulfsm.h"`
		`+ #include "dcmtk/dcmnet/dcmtrans.h"`
		`+ diff --git a/dcmnet/libsrc/dulconst.cc b/dcmnet/libsrc/dulconst.cc`
		`+ index c0643c2bc..13738e8ea 100644`
		`+ --- a/dcmnet/libsrc/dulconst.cc`
		`+ +++ b/dcmnet/libsrc/dulconst.cc`
		`+ @@ -77,7 +77,7 @@`
		`+ #include "dcmtk/dcmnet/diutil.h"`
		`+ #include "dcmtk/dcmnet/lst.h"`
		`+ #include "dcmtk/dcmnet/dul.h"`
		`+ -#include "dulstruc.h"`
		`+ +#include "dcmtk/dcmnet/dulstruc.h"`
		`+ #include "dulpriv.h"`
		`+ #include "dcmtk/ofstd/ofconsol.h"`
		`+`
		`+ diff --git a/dcmnet/libsrc/dulextra.cc b/dcmnet/libsrc/dulextra.cc`
		`+ index 9845f3e4c..bec14fc2b 100644`
		`+ --- a/dcmnet/libsrc/dulextra.cc`
		`+ +++ b/dcmnet/libsrc/dulextra.cc`
		`+ @@ -102,7 +102,7 @@`
		`+ #include "dcmtk/dcmnet/lst.h"`
		`+ #include "dcmtk/dcmnet/cond.h"`
		`+ #include "dcmtk/dcmnet/dul.h"`
		`+ -#include "dulstruc.h"`
		`+ +#include "dcmtk/dcmnet/dulstruc.h"`
		`+ #include "dulpriv.h"`
		`+ #include "dcmtk/dcmnet/dcmtrans.h"`
		`+ #include "dcmtk/dcmnet/diutil.h"`
		`+ diff --git a/dcmnet/libsrc/dulfsm.cc b/dcmnet/libsrc/dulfsm.cc`
		`+ index e3facda64..22ded0efc 100644`
		`+ --- a/dcmnet/libsrc/dulfsm.cc`
		`+ +++ b/dcmnet/libsrc/dulfsm.cc`
		`+ @@ -113,7 +113,7 @@ END_EXTERN_C`
		`+ #include "dcmtk/dcmnet/lst.h"`
		`+ #include "dcmtk/dcmnet/cond.h"`
		`+ #include "dcmtk/dcmnet/dul.h"`
		`+ -#include "dulstruc.h"`
		`+ +#include "dcmtk/dcmnet/dulstruc.h"`
		`+ #include "dulpriv.h"`
		`+ #include "dulfsm.h"`
		`+ #include "dcmtk/ofstd/ofbmanip.h"`
		`+ @@ -122,6 +122,7 @@ END_EXTERN_C`
		`+ #include "dcmtk/dcmnet/dcmtrans.h"`
		`+ #include "dcmtk/dcmnet/dcmlayer.h"`
		`+ #include "dcmtk/dcmnet/diutil.h"`
		`+ +#include "dcmtk/dcmnet/helpers.h"`
		`+ #include "dcmtk/ofstd/ofsockad.h" /* for class OFSockAddr */`
		`+`
		`+ /* At least Solaris doesn't define this */`
		`+ @@ -310,9 +311,6 @@ findPresentationCtx(LST_HEAD ** lst, DUL_PRESENTATIONCONTEXTID contextID);`
		`+ PRV_SCUSCPROLE *`
		`+ findSCUSCPRole(LST_HEAD ** lst, char *abstractSyntax);`
		`+`
		`+ -void destroyPresentationContextList(LST_HEAD ** l);`
		`+ -void destroyUserInformationLists(DUL_USERINFO * userInfo);`
		`+ -`
		`+ static FSM_Event_Description Event_Table[] = {`
		`+ {A_ASSOCIATE_REQ_LOCAL_USER, "A-ASSOCIATE request (local user)"},`
		`+ {TRANS_CONN_CONFIRM_LOCAL_USER, "Transport conn confirmation (local)"},`
		`+ @@ -3988,48 +3986,3 @@ findSCUSCPRole(LST_HEAD ** lst, char *abstractSyntax)`
		`+ }`
		`+ return NULL;`
		`+ }`
		`+ -`
		`+ -void`
		`+ -destroyPresentationContextList(LST_HEAD ** l)`
		`+ -{`
		`+ - PRV_PRESENTATIONCONTEXTITEM`
		`+ - * prvCtx;`
		`+ - DUL_SUBITEM`
		`+ - * subItem;`
		`+ -`
		`+ - if (*l == NULL)`
		`+ - return;`
		`+ -`
		`+ - prvCtx = (PRV_PRESENTATIONCONTEXTITEM*)LST_Dequeue(l);`
		`+ - while (prvCtx != NULL) {`
		`+ - subItem = (DUL_SUBITEM*)LST_Dequeue(&prvCtx->transferSyntaxList);`
		`+ - while (subItem != NULL) {`
		`+ - free(subItem);`
		`+ - subItem = (DUL_SUBITEM*)LST_Dequeue(&prvCtx->transferSyntaxList);`
		`+ - }`
		`+ - LST_Destroy(&prvCtx->transferSyntaxList);`
		`+ - free(prvCtx);`
		`+ - prvCtx = (PRV_PRESENTATIONCONTEXTITEM*)LST_Dequeue(l);`
		`+ - }`
		`+ - LST_Destroy(l);`
		`+ -}`
		`+ -`
		`+ -void`
		`+ -destroyUserInformationLists(DUL_USERINFO * userInfo)`
		`+ -{`
		`+ - PRV_SCUSCPROLE`
		`+ - * role;`
		`+ -`
		`+ - role = (PRV_SCUSCPROLE*)LST_Dequeue(&userInfo->SCUSCPRoleList);`
		`+ - while (role != NULL) {`
		`+ - free(role);`
		`+ - role = (PRV_SCUSCPROLE*)LST_Dequeue(&userInfo->SCUSCPRoleList);`
		`+ - }`
		`+ - LST_Destroy(&userInfo->SCUSCPRoleList);`
		`+ -`
		`+ - /* extended negotiation */`
		`+ - delete userInfo->extNegList; userInfo->extNegList = NULL;`
		`+ -`
		`+ - /* user identity negotiation */`
		`+ - delete userInfo->usrIdent; userInfo->usrIdent = NULL;`
		`+ -}`
		`+ diff --git a/dcmnet/libsrc/dulparse.cc b/dcmnet/libsrc/dulparse.cc`
		`+ index 73185ad4f..ab5ba0ebd 100644`
		`+ --- a/dcmnet/libsrc/dulparse.cc`
		`+ +++ b/dcmnet/libsrc/dulparse.cc`
		`+ @@ -75,7 +75,8 @@`
		`+ #include "dcmtk/dcmnet/lst.h"`
		`+ #include "dcmtk/dcmnet/dul.h"`
		`+ #include "dcmtk/dcmnet/diutil.h"`
		`+ -#include "dulstruc.h"`
		`+ +#include "dcmtk/dcmnet/dulstruc.h"`
		`+ +#include "dcmtk/dcmnet/helpers.h"`
		`+ #include "dulpriv.h"`
		`+ #include "dcmtk/ofstd/ofconsol.h"`
		`+`
		`+ @@ -147,9 +148,6 @@ parseAssociate(unsigned char *buf, unsigned long pduLength,`
		`+ * context;`
		`+`
		`+ (void) memset(assoc, 0, sizeof(*assoc));`
		`+ - if ((assoc->presentationContextList = LST_Create()) == NULL) return EC_MemoryExhausted;`
		`+ - if ((assoc->userInfo.SCUSCPRoleList = LST_Create()) == NULL) return EC_MemoryExhausted;`
		`+ -`
		`+ // Check if the PDU actually is long enough for the fields we read`
		`+ if (pduLength < 2 + 2 + 16 + 16 + 32)`
		`+ return makeLengthError("associate PDU", pduLength, 2 + 2 + 16 + 16 + 32);`
		`+ @@ -210,6 +208,8 @@ parseAssociate(unsigned char *buf, unsigned long pduLength,`
		`+ << "Called AP Title: " << assoc->calledAPTitle << OFendl`
		`+ << "Calling AP Title: " << assoc->callingAPTitle);`
		`+ }`
		`+ + if ((assoc->presentationContextList = LST_Create()) == NULL) return EC_MemoryExhausted;`
		`+ + if ((assoc->userInfo.SCUSCPRoleList = LST_Create()) == NULL) return EC_MemoryExhausted;`
		`+ while ((cond.good()) && (pduLength > 0))`
		`+ {`
		`+ type = *buf;`
		`+ @@ -224,44 +224,80 @@ parseAssociate(unsigned char *buf, unsigned long pduLength,`
		`+ {`
		`+ buf += itemLength;`
		`+ if (!OFStandard::safeSubtract(pduLength, itemLength, pduLength))`
		`+ - return makeUnderflowError("Application Context item", pduLength, itemLength);`
		`+ - DCMNET_TRACE("Successfully parsed Application Context");`
		`+ + {`
		`+ + cond = makeUnderflowError("Application Context item", pduLength, itemLength);`
		`+ + }`
		`+ + else`
		`+ + {`
		`+ + DCMNET_TRACE("Successfully parsed Application Context");`
		`+ + }`
		`+ }`
		`+ break;`
		`+ case DUL_TYPEPRESENTATIONCONTEXTRQ:`
		`+ case DUL_TYPEPRESENTATIONCONTEXTAC:`
		`+ context = (PRV_PRESENTATIONCONTEXTITEM*)malloc(sizeof(PRV_PRESENTATIONCONTEXTITEM));`
		`+ - if (context == NULL) return EC_MemoryExhausted;`
		`+ - (void) memset(context, 0, sizeof(*context));`
		`+ - cond = parsePresentationContext(type, context, buf, &itemLength, pduLength);`
		`+ - if (cond.bad()) return cond;`
		`+ - buf += itemLength;`
		`+ - if (!OFStandard::safeSubtract(pduLength, itemLength, pduLength))`
		`+ - return makeUnderflowError("Presentation Context item", pduLength, itemLength);`
		`+ - LST_Enqueue(&assoc->presentationContextList, (LST_NODE*)context);`
		`+ - DCMNET_TRACE("Successfully parsed Presentation Context");`
		`+ + if (context != NULL)`
		`+ + {`
		`+ + (void) memset(context, 0, sizeof(*context));`
		`+ + cond = parsePresentationContext(type, context, buf, &itemLength, pduLength);`
		`+ + if (cond.bad())`
		`+ + {`
		`+ + free(context);`
		`+ + }`
		`+ + else`
		`+ + {`
		`+ + buf += itemLength;`
		`+ + if (!OFStandard::safeSubtract(pduLength, itemLength, pduLength))`
		`+ + {`
		`+ + cond = makeUnderflowError("Presentation Context item", pduLength, itemLength);`
		`+ + }`
		`+ + else`
		`+ + {`
		`+ + LST_Enqueue(&assoc->presentationContextList, (LST_NODE*)context);`
		`+ + DCMNET_TRACE("Successfully parsed Presentation Context");`
		`+ + }`
		`+ + }`
		`+ + }`
		`+ + else`
		`+ + {`
		`+ + cond = EC_MemoryExhausted;`
		`+ + }`
		`+ break;`
		`+ case DUL_TYPEUSERINFO:`
		`+ // parse user info, which can contain several sub-items like User`
		`+ // Identity Negotiation or SOP Class Extended Negotiation`
		`+ cond = parseUserInfo(&assoc->userInfo, buf, &itemLength, assoc->type, pduLength);`
		`+ - if (cond.bad())`
		`+ - return cond;`
		`+ - buf += itemLength;`
		`+ - if (!OFStandard::safeSubtract(pduLength, itemLength, pduLength))`
		`+ - return makeUnderflowError("User Information item", pduLength, itemLength);`
		`+ - DCMNET_TRACE("Successfully parsed User Information");`
		`+ + if (cond.good())`
		`+ + {`
		`+ + buf += itemLength;`
		`+ + if (!OFStandard::safeSubtract(pduLength, itemLength, pduLength))`
		`+ + {`
		`+ + cond = makeUnderflowError("User Information item", pduLength, itemLength);`
		`+ + }`
		`+ + else`
		`+ + {`
		`+ + DCMNET_TRACE("Successfully parsed User Information");`
		`+ + }`
		`+ + }`
		`+ break;`
		`+ default:`
		`+ cond = parseDummy(buf, &itemLength, pduLength);`
		`+ - if (cond.bad())`
		`+ - return cond;`
		`+ - buf += itemLength;`
		`+ - if (!OFStandard::safeSubtract(pduLength, itemLength, pduLength))`
		`+ - return makeUnderflowError("unknown item type", pduLength, itemLength);`
		`+ + if (cond.good())`
		`+ + {`
		`+ + buf += itemLength;`
		`+ + if (!OFStandard::safeSubtract(pduLength, itemLength, pduLength))`
		`+ + {`
		`+ + cond = makeUnderflowError("unknown item type", pduLength, itemLength);`
		`+ + }`
		`+ + }`
		`+ break;`
		`+ }`
		`+ }`
		`+ + if (cond.bad())`
		`+ + {`
		`+ + destroyPresentationContextList(&assoc->presentationContextList);`
		`+ + destroyUserInformationLists(&assoc->userInfo);`
		`+ + }`
		`+ return cond;`
		`+ }`
		`+`
		`+ @@ -409,7 +445,11 @@ parsePresentationContext(unsigned char type,`
		`+ subItem = (DUL_SUBITEM*)malloc(sizeof(DUL_SUBITEM));`
		`+ if (subItem == NULL) return EC_MemoryExhausted;`
		`+ cond = parseSubItem(subItem, buf, &length, presentationLength);`
		`+ - if (cond.bad()) return cond;`
		`+ + if (cond.bad())`
		`+ + {`
		`+ + free(subItem);`
		`+ + return cond;`
		`+ + }`
		`+ LST_Enqueue(&context->transferSyntaxList, (LST_NODE*)subItem);`
		`+ buf += length;`
		`+ if (!OFStandard::safeSubtract(presentationLength, length, presentationLength))`
		`+ @@ -530,7 +570,11 @@ parseUserInfo(DUL_USERINFO * userInfo,`
		`+ role = (PRV_SCUSCPROLE*)malloc(sizeof(PRV_SCUSCPROLE));`
		`+ if (role == NULL) return EC_MemoryExhausted;`
		`+ cond = parseSCUSCPRole(role, buf, &length, userLength);`
		`+ - if (cond.bad()) return cond;`
		`+ + if (cond.bad())`
		`+ + {`
		`+ + free(role);`
		`+ + return cond;`
		`+ + }`
		`+ LST_Enqueue(&userInfo->SCUSCPRoleList, (LST_NODE*)role);`
		`+ buf += length;`
		`+ if (!OFStandard::safeSubtract(userLength, OFstatic_cast(short unsigned int, length), userLength))`
		`+ diff --git a/dcmnet/libsrc/dulpres.cc b/dcmnet/libsrc/dulpres.cc`
		`+ index f586942e5..2ce0ed2d2 100644`
		`+ --- a/dcmnet/libsrc/dulpres.cc`
		`+ +++ b/dcmnet/libsrc/dulpres.cc`
		`+ @@ -73,7 +73,7 @@`
		`+ #include "dcmtk/dcmnet/cond.h"`
		`+ #include "dcmtk/dcmnet/lst.h"`
		`+ #include "dcmtk/dcmnet/dul.h"`
		`+ -#include "dulstruc.h"`
		`+ +#include "dcmtk/dcmnet/dulstruc.h"`
		`+ #include "dulpriv.h"`
		`+ #include "dulfsm.h"`
		`+`
		`+ diff --git a/dcmnet/libsrc/helpers.cc b/dcmnet/libsrc/helpers.cc`
		`+ new file mode 100644`
		`+ index 000000000..9cd20cefc`
		`+ --- /dev/null`
		`+ +++ b/dcmnet/libsrc/helpers.cc`
		`+ @@ -0,0 +1,71 @@`
		`+ +/*`
		`+ + *`
		`+ + * Copyright (C) 2021, OFFIS e.V.`
		`+ + * All rights reserved. See COPYRIGHT file for details.`
		`+ + *`
		`+ + * This software and supporting documentation were partly developed by`
		`+ + *`
		`+ + * OFFIS e.V.`
		`+ + * R&D Division Health`
		`+ + * Escherweg 2`
		`+ + * D-26121 Oldenburg, Germany`
		`+ + *`
		`+ + *`
		`+ + * Module: dcmnet`
		`+ + *`
		`+ + * Author: Michael Onken`
		`+ + *`
		`+ + * Purpose: Collection of helper functions`
		`+ + *`
		`+ + */`
		`+ +`
		`+ +#include "dcmtk/dcmnet/helpers.h"`
		`+ +#include "dcmtk/dcmnet/lst.h"`
		`+ +#include "dcmtk/dcmnet/assoc.h"`
		`+ +#include "dcmtk/dcmnet/dulstruc.h"`
		`+ +`
		`+ +`
		`+ +void`
		`+ +destroyPresentationContextList(LST_HEAD ** l)`
		`+ +{`
		`+ + PRV_PRESENTATIONCONTEXTITEM`
		`+ + * prvCtx;`
		`+ + DUL_SUBITEM`
		`+ + * subItem;`
		`+ +`
		`+ + if (*l == NULL)`
		`+ + return;`
		`+ +`
		`+ + prvCtx = (PRV_PRESENTATIONCONTEXTITEM*)LST_Dequeue(l);`
		`+ + while (prvCtx != NULL) {`
		`+ + subItem = (DUL_SUBITEM*)LST_Dequeue(&prvCtx->transferSyntaxList);`
		`+ + while (subItem != NULL) {`
		`+ + free(subItem);`
		`+ + subItem = (DUL_SUBITEM*)LST_Dequeue(&prvCtx->transferSyntaxList);`
		`+ + }`
		`+ + LST_Destroy(&prvCtx->transferSyntaxList);`
		`+ + free(prvCtx);`
		`+ + prvCtx = (PRV_PRESENTATIONCONTEXTITEM*)LST_Dequeue(l);`
		`+ + }`
		`+ + LST_Destroy(l);`
		`+ +}`
		`+ +`
		`+ +void`
		`+ +destroyUserInformationLists(DUL_USERINFO * userInfo)`
		`+ +{`
		`+ + PRV_SCUSCPROLE`
		`+ + * role;`
		`+ +`
		`+ + role = (PRV_SCUSCPROLE*)LST_Dequeue(&userInfo->SCUSCPRoleList);`
		`+ + while (role != NULL) {`
		`+ + free(role);`
		`+ + role = (PRV_SCUSCPROLE*)LST_Dequeue(&userInfo->SCUSCPRoleList);`
		`+ + }`
		`+ + LST_Destroy(&userInfo->SCUSCPRoleList);`
		`+ +`
		`+ + /* extended negotiation */`
		`+ + delete userInfo->extNegList; userInfo->extNegList = NULL;`
		`+ +`
		`+ + /* user identity negotiation */`
		`+ + delete userInfo->usrIdent; userInfo->usrIdent = NULL;`
		`+ +}`
		`+ --`
		`+ 2.39.2`
		`+`

0018-CVE-2021-41689-Fixed-possible-NULL-pointer-dereference.patch

file added

+30

		`@@ -0,0 +1,30 @@`
		`+ From a9b26a59decc4eed13753f3e9ddd3b4ec831fc03 Mon Sep 17 00:00:00 2001`
		`+ From: Michael Onken <onken@open-connections.de>`
		`+ Date: Wed, 15 Sep 2021 09:04:12 +0200`
		`+ Subject: [PATCH 18/20] [CVE-2021-41689] Fixed possible NULL pointer`
		`+ dereference.`
		`+`
		`+ Thanks to Jinsheng Ba <bajinsheng@u.nus.edu> for the report and patch.`
		`+`
		`+ (cherry picked from commit 5c14bf53fb42ceca12bbcc0016e8704b1580920d)`
		`+ ---`
		`+ dcmnet/libsrc/diutil.cc \| 3 ++-`
		`+ 1 file changed, 2 insertions(+), 1 deletion(-)`
		`+`
		`+ diff --git a/dcmnet/libsrc/diutil.cc b/dcmnet/libsrc/diutil.cc`
		`+ index cd8152dd6..d203f5959 100644`
		`+ --- a/dcmnet/libsrc/diutil.cc`
		`+ +++ b/dcmnet/libsrc/diutil.cc`
		`+ @@ -177,7 +177,8 @@ DU_getStringDOElement(DcmItem obj, DcmTagKey t, char s, size_t bufsize)`
		`+ s[0] = '\0';`
		`+ } else {`
		`+ ec = elem->getString(aString);`
		`+ - OFStandard::strlcpy(s, aString, bufsize);`
		`+ + if (ec == EC_Normal)`
		`+ + OFStandard::strlcpy(s, aString, bufsize);`
		`+ }`
		`+ }`
		`+ return (ec == EC_Normal);`
		`+ --`
		`+ 2.39.2`
		`+`

0019-CVE-2022-2119-CVE-2022-2120-CVE-2022-2121-Fixed-possible-NULL-pointer-dereference.patch

file added

+53

		`@@ -0,0 +1,53 @@`
		`+ From e4a5baa6d7b20c21e4c124d462e23e8099d9e5d7 Mon Sep 17 00:00:00 2001`
		`+ From: Marco Eichelberg <dicom@offis.de>`
		`+ Date: Wed, 30 Mar 2022 18:46:02 +0200`
		`+ Subject: [PATCH 19/20] [CVE-2022-2119, CVE-2022-2120, CVE-2022-2121] Fixed`
		`+ possible NULL pointer dereference.`
		`+`
		`+ Fixed a possible NULL pointer dereference that could occur when reading an`
		`+ invalid DICOM file from stdin. Loading a file from the file system`
		`+ and receiving data over a network connection were not affected by this bug.`
		`+`
		`+ Thanks to Sharon Brizinov and Noam Moshe from Claroty Research for the`
		`+ bug report and sample file.`
		`+`
		`+ (cherry picked from commit 3e996a2749a9355c9b680fa464ecfd9ab9ff567f)`
		`+ ---`
		`+ dcmdata/libsrc/dcfilefo.cc \| 3 +++`
		`+ dcmdata/libsrc/dcitem.cc \| 6 +++++-`
		`+ 2 files changed, 8 insertions(+), 1 deletion(-)`
		`+`
		`+ diff --git a/dcmdata/libsrc/dcfilefo.cc b/dcmdata/libsrc/dcfilefo.cc`
		`+ index c1f39d670..349edf459 100644`
		`+ --- a/dcmdata/libsrc/dcfilefo.cc`
		`+ +++ b/dcmdata/libsrc/dcfilefo.cc`
		`+ @@ -733,6 +733,9 @@ OFCondition DcmFileFormat::readUntilTag(DcmInputStream &inStream,`
		`+ errorFlag = metaInfo->read(inStream, EXS_Unknown, glenc, maxReadLength);`
		`+ }`
		`+`
		`+ + // bail out if the meta-header is still incomplete or an error occured`
		`+ + if (errorFlag.bad()) return errorFlag;`
		`+ +`
		`+ // determine xfer from tag (0002,0010) in the meta header`
		`+ newxfer = lookForXfer(metaInfo);`
		`+ if ((FileReadMode == ERM_fileOnly) \|\| (FileReadMode == ERM_metaOnly))`
		`+ diff --git a/dcmdata/libsrc/dcitem.cc b/dcmdata/libsrc/dcitem.cc`
		`+ index 49b385c92..9832488f7 100644`
		`+ --- a/dcmdata/libsrc/dcitem.cc`
		`+ +++ b/dcmdata/libsrc/dcitem.cc`
		`+ @@ -1418,7 +1418,11 @@ OFCondition DcmItem::readUntilTag(DcmInputStream & inStream,`
		`+ /* tag and length (and possibly VR) information as well as maybe some data */`
		`+ /* data value information. We need to continue reading the data value */`
		`+ /* information for this particular element. */`
		`+ - errorFlag = elementList->get()->read(inStream, xfer, glenc, maxReadLength);`
		`+ + DcmObject *dO = elementList->get();`
		`+ + if (dO)`
		`+ + errorFlag = dO->read(inStream, xfer, glenc, maxReadLength);`
		`+ + else errorFlag = EC_InternalError; // should never happen`
		`+ +`
		`+ /* if reading was successful, we read the entire information */`
		`+ /* for this element; hence lastElementComplete is true */`
		`+ if (errorFlag.good())`
		`+ --`
		`+ 2.39.2`
		`+`

0020-CVE-2022-43272-Fixed-memory-leak-in-single-process-mode.patch

file added

+53

		`@@ -0,0 +1,53 @@`
		`+ From cbac0907d33a9cc7e7e7df0189814971f2e039bc Mon Sep 17 00:00:00 2001`
		`+ From: Marco Eichelberg <dicom@offis.de>`
		`+ Date: Thu, 9 Jun 2022 10:03:38 +0200`
		`+ Subject: [PATCH 20/20] [CVE-2022-43272] Fixed memory leak in single process`
		`+ mode.`
		`+`
		`+ Fixed a memory leak in dcmqrscp's single process mode.`
		`+`
		`+ Thanks to <songxiangpu@mail.sdu.edu.cn> for the bug report and test data.`
		`+`
		`+ (cherry picked from commit c34f4e46e672ad21accf04da0dc085e43be6f5e1)`
		`+ ---`
		`+ dcmqrdb/libsrc/dcmqrsrv.cc \| 22 +++++++++-------------`
		`+ 1 file changed, 9 insertions(+), 13 deletions(-)`
		`+`
		`+ diff --git a/dcmqrdb/libsrc/dcmqrsrv.cc b/dcmqrdb/libsrc/dcmqrsrv.cc`
		`+ index 7f01409c5..1702fa460 100644`
		`+ --- a/dcmqrdb/libsrc/dcmqrsrv.cc`
		`+ +++ b/dcmqrdb/libsrc/dcmqrsrv.cc`
		`+ @@ -1112,21 +1112,17 @@ OFCondition DcmQueryRetrieveSCP::waitForAssociation(T_ASC_Network * theNet)`
		`+ #endif`
		`+ }`
		`+`
		`+ - // cleanup code`
		`+ + // clean-up association`
		`+ OFCondition oldcond = cond; /* store condition flag for later use */`
		`+ - if (!options_.singleProcess_ && (cond != ASC_SHUTDOWNAPPLICATION))`
		`+ + cond = ASC_dropAssociation(assoc);`
		`+ + if (cond.bad())`
		`+ {`
		`+ - /* the child will handle the association, we can drop it */`
		`+ - cond = ASC_dropAssociation(assoc);`
		`+ - if (cond.bad())`
		`+ - {`
		`+ - DCMQRDB_ERROR("Cannot Drop Association: " << DimseCondition::dump(temp_str, cond));`
		`+ - }`
		`+ - cond = ASC_destroyAssociation(&assoc);`
		`+ - if (cond.bad())`
		`+ - {`
		`+ - DCMQRDB_ERROR("Cannot Destroy Association: " << DimseCondition::dump(temp_str, cond));`
		`+ - }`
		`+ + DCMQRDB_ERROR("Cannot Drop Association: " << DimseCondition::dump(temp_str, cond));`
		`+ + }`
		`+ + cond = ASC_destroyAssociation(&assoc);`
		`+ + if (cond.bad())`
		`+ + {`
		`+ + DCMQRDB_ERROR("Cannot Destroy Association: " << DimseCondition::dump(temp_str, cond));`
		`+ }`
		`+`
		`+ if (oldcond == ASC_SHUTDOWNAPPLICATION) cond = oldcond; /* abort flag is reported to top-level wait loop */`
		`+ --`
		`+ 2.39.2`
		`+`

dcmtk.spec

file modified

+47 -18

		`@@ -1,28 +1,44 @@`
		`+ %bcond_with charls2`
		`+`
		`Name: dcmtk`
		`Summary: Offis DICOM Toolkit (DCMTK)`
		`Version: 3.6.4`
		`- Release: 10%{?dist}`
		`+ Release: 11%{?dist}`
		`License: BSD`
		`Source0: ftp://dicom.offis.de/pub/dicom/offis/software/dcmtk/dcmtk364/dcmtk-3.6.4.tar.gz`
		`URL: http://dicom.offis.de/dcmtk.php.en`

		`- Patch0: 0001-3.6.4-Use-system-CharLS-include.patch`
		`- Patch1: 0002-3.6.4-Add-FindCharLS.patch`
		`- Patch2: 0003-3.6.4-Find-and-include-CharLS.patch`
		`- Patch3: 0004-3.6.4-Use-cmake-suggested-locations-for-CharLS.patch`
		`- Patch4: 0005-3.6.4-Correct-CharLS-API-call.patch`
		`- Patch5: 0006-3.6.4-Remove-reference-to-bundled-CharLS.patch`
		`- Patch6: 0007-3.6.4-Update-JLS_ERROR-to-jpegls_error-in-CharLS-usa.patch`
		`- Patch7: 0008-3.6.4-correct-JpegLsReadHeader-arguments.patch`
		`- Patch8: 0009-3.6.4-update-JlsParameters-for-new-CharLS.patch`
		`- Patch9: 0010-3.6.4-correct-JpegLsDecode-arguments-for-CharLS-2.patch`
		`- Patch10: 0011-3.6.4-update-ilv-for-new-CharLS.patch`
		`- Patch11: 0012-3.6.4-Correct-extra-include-for-CharLS.patch`
		`- Patch12: 0013-3.6.4-Update-errors-to-use-enum-class-in-CharLS-2.patch`
		`- Patch13: 0014-3.6.4-define-BYTE-for-CharLS.patch`
		`- Patch14: 0015-3.6.4-Update-colorTransformation-for-CharLS-2.patch`
		`- Patch15: 0016-3.6.4-Update-JpegLsEncode-for-CharLS-2.patch`
		`-`
		`+ # Downstream fixes`
		`+ # Use bundled charls version and wait until upstream ports to new charls version`
		`+ # charls version 2 includes a regression: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923433`
		`+ %if %{with charls2}`
		`+ Patch0: 0001-Use-system-CharLS-include.patch`
		`+ Patch1: 0002-Add-FindCharLS.patch`
		`+ Patch2: 0003-Find-and-include-CharLS.patch`
		`+ Patch3: 0004-Use-cmake-suggested-locations-for-CharLS.patch`
		`+ Patch4: 0005-Correct-CharLS-API-call.patch`
		`+ Patch5: 0006-Remove-reference-to-bundled-CharLS.patch`
		`+ Patch6: 0007-Update-JLS_ERROR-to-jpegls_error-in-CharLS-usage.patch`
		`+ Patch7: 0008-Correct-JpegLsReadHeader-arguments.patch`
		`+ Patch8: 0009-Update-JlsParameters-for-new-CharLS.patch`
		`+ Patch9: 0010-Correct-JpegLsDecode-arguments-for-CharLS-2.patch`
		`+ Patch10: 0011-Update-ilv-for-new-CharLS.patch`
		`+ Patch11: 0012-Correct-extra-include-for-CharLS.patch`
		`+ Patch12: 0013-Update-errors-to-use-enum-class-in-CharLS-2.patch`
		`+ Patch13: 0014-Define-BYTE-for-CharLS.patch`
		`+ Patch14: 0015-Update-colorTransformation-for-CharLS-2.patch`
		`+ Patch15: 0016-Update-JpegLsEncode-for-CharLS-2.patch`
		`+ %endif`
		`+`
		`+ # Upstream fixes`
		`+ # https://github.com/DCMTK/dcmtk/commit/a9697dfeb672b0b9412c00c7d36d801e27ec85cb`
		`+ Patch16: 0017-CVE-2021-41687-CVE-2021-41688-CVE-2021-41690-Fixed-poss.-NULL-pointer-dereference-double-free.patch`
		`+ # https://github.com/DCMTK/dcmtk/commit/5c14bf53fb42ceca12bbcc0016e8704b1580920d`
		`+ Patch17: 0018-CVE-2021-41689-Fixed-possible-NULL-pointer-dereference.patch`
		`+ # https://github.com/DCMTK/dcmtk/commit/3e996a2749a9355c9b680fa464ecfd9ab9ff567f`
		`+ Patch18: 0019-CVE-2022-2119-CVE-2022-2120-CVE-2022-2121-Fixed-possible-NULL-pointer-dereference.patch`
		`+ # https://github.com/DCMTK/dcmtk/commit/c34f4e46e672ad21accf04da0dc085e43be6f5e1`
		`+ Patch19: 0020-CVE-2022-43272-Fixed-memory-leak-in-single-process-mode.patch`

		`BuildRequires: gcc`
		`BuildRequires: gcc-c++`
		`@@ -34,7 +50,9 @@`
		`BuildRequires: libxml2-devel`
		`BuildRequires: openssl-devel >= 1.0.1`
		`BuildRequires: zlib-devel`
		`+ %if %{with charls2}`
		`BuildRequires: CharLS-devel >= 2.0.0`
		`+ %endif`
		`BuildRequires: doxygen`

		`%description`
		`@@ -52,7 +70,9 @@`
		`%package devel`
		`Summary: Development Libraries and Headers for dcmtk`
		`Requires: %{name}%{?_isa} = %{version}-%{release}`
		`+ %if %{with charls2}`
		`Requires: CharLS-devel%{?_isa}`
		`+ %endif`
		`Requires: libpng-devel%{?_isa}`
		`Requires: libtiff-devel%{?_isa}`

		`@@ -63,8 +83,10 @@`
		`%prep`
		`%autosetup -n %{name}-%{version} -p1 -S git`

		`+ %if %{with charls2}`
		`# Remove bundled libraries`
		`rm -rf dcmjpls/libcharls/`
		`+ %endif`

		`# Fix permissions`
		`find . -type f -name "*.h" -exec chmod 0644 '{}' \;`
		`@@ -129,6 +151,13 @@`
		`%{_libdir}/cmake/%{name}/`

		`%changelog`
		`+ * Thu Mar 02 2023 Carl George <carl@george.computer> - 3.6.4-11`
		`+ - Backport fix for CVE-2021-41687/CVE-2021-41688/CVE-2021-41690, resolves rhbz#2106336/rhbz#2106315/rhbz#2106332`
		`+ - Backport fix for CVE-2021-41689, resolves rhbz#2106340`
		`+ - Backport fix for CVE-2022-2119/CVE-2022-2120/CVE-2022-2121, resolves rhbz#2173039/rhbz#2173042/rhbz#2173045`
		`+ - Backport fix for CVE-2022-43272, resolves rhbz#2150931`
		`+ - Use bundled charls (Ankur Sinha)`
		`+`
		`* Mon Apr 12 2021 Benjamin A. Beasley <code@musicinmybrain.net> - 3.6.4-10`
		`- Fix RHBZ#1827255 (Manual pages installed at the wrong path)`

carlwgeorge commented 6 months ago

This PR is mainly to backport multiple CVE fixes, but has a few additional commits. The first commit cleans up existing patch files to work as a series with the new patches. The next commit has CVE fixes backported from upstream. Finally the last commit is a change brought in from Fedora to use the bundled charls v1.

Resolves CVE-2021-41687/CVE-2021-41688/CVE-2021-41690, rhbz#2106336/rhbz#2106315/rhbz#2106332
Resolves CVE-2021-41689, rhbz#2106340
Resolves CVE-2022-2119/CVE-2022-2120/CVE-2022-2121, rhbz#2173039/rhbz#2173042/rhbz#2173045
Resolves CVE-2022-43272, rhbz#2150931

ankursinha commented 6 months ago

I think I inherited the epel branches when I took over the package after it was orphaned, but I don't usually look after EL (since I don't use it and don't have any machines to test on). Would you like to maintain the EL branches @carlwgeorge , if you use them?

carlwgeorge commented 6 months ago

I don't actually use this software myself. I was reviewing open CVE bugs for EPEL (see https://tdawson.fedorapeople.org/epel/willit/epel8/status-bugz-cve.html) and noticed this package had multiple high/critical CVEs open. I'm not looking to become a maintainer of the package directly, I just wanted to help resolve these CVEs to improve EPEL's overall security posture. While researching the EPEL fixes I realized I could also help with that one fix for the Fedora branches.

If you need help with the EPEL branches, you could add the epel-packagers-sig group as a collaborator on epel* branches (or just a regular committer). The members are folks like me that are happy to help with EPEL related things, especially branching packages for new EPEL releases and backporting CVE fixes.

ankursinha commented 6 months ago

Thanks, I've added the epel-packagers-sig as a collaborator now. I'll see if we can get some idea of whether this package is really being used in epel etc. later.

Pull-Request has been merged by carlwgeorge

6 months ago