PR#13: Apply security patches - rpms/gdcm

rpms / gdcm

#13 Apply security patches

Merged a month ago by gui1ty. Opened a month ago by gui1ty.

rpms/ gui1ty/gdcm talos into rawhide

Apply security patches

Sandro • a month ago

cffae21

TALOS-2024-1924.patch

file added

+63

		`@@ -0,0 +1,63 @@`
		`+ From 21a793095ab3aecb794c56439873e5b181ea9d91 Mon Sep 17 00:00:00 2001`
		`+ From: Mathieu Malaterre <mathieu.malaterre@gmail.com>`
		`+ Date: Wed, 21 Feb 2024 02:00:38 -0800`
		`+ Subject: [PATCH] Remove symptoms of TALOS-2024-1924`
		`+`
		`+`
		`+ diff --git a/Source/DataStructureAndEncodingDefinition/gdcmElement.h b/Source/DataStructureAndEncodingDefinition/gdcmElement.h`
		`+ index b49b093dc..15fb3a117 100644`
		`+ --- a/Source/DataStructureAndEncodingDefinition/gdcmElement.h`
		`+ +++ b/Source/DataStructureAndEncodingDefinition/gdcmElement.h`
		`+ @@ -473,7 +473,7 @@ public:`
		`+ assert( _is ); // Is stream valid ?`
		`+ _is.read( reinterpret_cast<char*>(data+0), type_size);`
		`+ for(unsigned long i=1; i<length; ++i) {`
		`+ - assert( _is );`
		`+ + if( _is )`
		`+ _is.read( reinterpret_cast<char*>(data+i), type_size );`
		`+ }`
		`+ //ByteSwap<T>::SwapRangeFromSwapCodeIntoSystem(data,`
		`+ @@ -489,7 +489,7 @@ public:`
		`+ assert( _is ); // Is stream valid ?`
		`+ _is.read( reinterpret_cast<char*>(data+0), type_size);`
		`+ for(unsigned long i=1; i<length; ++i) {`
		`+ - assert( _is );`
		`+ + if( _is )`
		`+ _is.read( reinterpret_cast<char*>(data+i), type_size );`
		`+ }`
		`+ //ByteSwap<T>::SwapRangeFromSwapCodeIntoSystem(data,`
		`+ diff --git a/Source/MediaStorageAndFileFormat/gdcmLookupTable.cxx b/Source/MediaStorageAndFileFormat/gdcmLookupTable.cxx`
		`+ index 0d5a99c40..2c566923b 100644`
		`+ --- a/Source/MediaStorageAndFileFormat/gdcmLookupTable.cxx`
		`+ +++ b/Source/MediaStorageAndFileFormat/gdcmLookupTable.cxx`
		`+ @@ -130,7 +130,10 @@ void LookupTable::SetLUT(LookupTableType type, const unsigned char *array,`
		`+`
		`+ if( !IncompleteLUT )`
		`+ {`
		`+ - assert( Internal->RGB.size() == 3Internal->Length[type](BitSample/8) );`
		`+ + if( Internal->RGB.size() != 3Internal->Length[type](BitSample/8) ) {`
		`+ + gdcmErrorMacro( "Invalid length for LUT data" );`
		`+ + return;`
		`+ + }`
		`+ }`
		`+ // Too funny: 05115014-mr-siemens-avanto-syngo-with-palette-icone.dcm`
		`+ // There is pseudo PALETTE_COLOR LUT in the Icon, if one look carefully the LUT values`
		`+ diff --git a/Source/MediaStorageAndFileFormat/gdcmPixmapReader.cxx b/Source/MediaStorageAndFileFormat/gdcmPixmapReader.cxx`
		`+ index 9c30ff8b9..258a23c1f 100644`
		`+ --- a/Source/MediaStorageAndFileFormat/gdcmPixmapReader.cxx`
		`+ +++ b/Source/MediaStorageAndFileFormat/gdcmPixmapReader.cxx`
		`+ @@ -306,8 +306,12 @@ static void DoIconImage(const DataSet& rootds, Pixmap& image)`
		`+ unsigned long check =`
		`+ (el_us3.GetValue(0) ? el_us3.GetValue(0) : 65536)`
		`+ * el_us3.GetValue(2) / 8;`
		`+ - assert( check == lut_raw->GetLength() \|\| 2 * check == lut_raw->GetLength()`
		`+ - \|\| check + 1 == lut_raw->GetLength() ); (void)check;`
		`+ + if(!( check == lut_raw->GetLength() \|\| 2 * check == lut_raw->GetLength()`
		`+ + \|\| check + 1 == lut_raw->GetLength() )) {`
		`+ + gdcmErrorMacro( "Icon Sequence is invalid. Giving up" );`
		`+ + pixeldata.Clear();`
		`+ + return;`
		`+ + }`
		`+ }`
		`+ else if( ds.FindDataElement( seglut ) )`
		`+ {`

TALOS-2024-1935.patch

file added

+38

		`@@ -0,0 +1,38 @@`
		`+ From 371c2d937e37b08a46eeb0628c553ce4608a45df Mon Sep 17 00:00:00 2001`
		`+ From: Mathieu Malaterre <mathieu.malaterre@gmail.com>`
		`+ Date: Wed, 21 Feb 2024 02:18:35 -0800`
		`+ Subject: [PATCH] Remove symptoms from TALOS-2024-1935`
		`+`
		`+`
		`+ diff --git a/Source/MediaStorageAndFileFormat/gdcmImageChangeTransferSyntax.cxx b/Source/MediaStorageAndFileFormat/gdcmImageChangeTransferSyntax.cxx`
		`+ index fcb61e611..9457c5e9b 100644`
		`+ --- a/Source/MediaStorageAndFileFormat/gdcmImageChangeTransferSyntax.cxx`
		`+ +++ b/Source/MediaStorageAndFileFormat/gdcmImageChangeTransferSyntax.cxx`
		`+ @@ -421,6 +421,7 @@ bool ImageChangeTransferSyntax::Change()`
		`+ if( !b )`
		`+ {`
		`+ gdcmErrorMacro( "Error in getting buffer from input image." );`
		`+ + delete bv0;`
		`+ return false;`
		`+ }`
		`+ pixeldata.SetValue( *bv0 );`
		`+ diff --git a/Source/MediaStorageAndFileFormat/gdcmJPEG2000Codec.cxx b/Source/MediaStorageAndFileFormat/gdcmJPEG2000Codec.cxx`
		`+ index 10ac23cca..430a24a87 100644`
		`+ --- a/Source/MediaStorageAndFileFormat/gdcmJPEG2000Codec.cxx`
		`+ +++ b/Source/MediaStorageAndFileFormat/gdcmJPEG2000Codec.cxx`
		`+ @@ -826,8 +826,13 @@ std::pair<char , size_t> JPEG2000Codec::DecodeByStreamsCommon(char dummy_buffe`
		`+`
		`+ // ELSCINT1_JP2vsJ2K.dcm`
		`+ // -> prec = 12, bpp = 0, sgnd = 0`
		`+ - //assert( wr == Dimensions[0] );`
		`+ - //assert( hr == Dimensions[1] );`
		`+ + if( wr != Dimensions[0] \|\| hr != Dimensions[1] ) {`
		`+ + gdcmErrorMacro("Invalid dimension");`
		`+ + delete[] raw;`
		`+ + opj_destroy_codec(dinfo);`
		`+ + opj_image_destroy(image);`
		`+ + return std::pair<char*,size_t>(nullptr,0);`
		`+ + }`
		`+ if( comp->sgnd != PF.GetPixelRepresentation() )`
		`+ {`
		`+ PF.SetPixelRepresentation( (uint16_t)comp->sgnd );`

TALOS-2024-1944.patch

file added

+36

		`@@ -0,0 +1,36 @@`
		`+ From dda17aa8d5939e4e255ebba67aacf34b09d88692 Mon Sep 17 00:00:00 2001`
		`+ From: Mathieu Malaterre <mathieu.malaterre@gmail.com>`
		`+ Date: Wed, 21 Feb 2024 02:44:55 -0800`
		`+ Subject: [PATCH] Remove symptoms from TALOS-2024-1944`
		`+`
		`+`
		`+ diff --git a/Source/MediaStorageAndFileFormat/gdcmRAWCodec.cxx b/Source/MediaStorageAndFileFormat/gdcmRAWCodec.cxx`
		`+ index 19f739399..46392461e 100644`
		`+ --- a/Source/MediaStorageAndFileFormat/gdcmRAWCodec.cxx`
		`+ +++ b/Source/MediaStorageAndFileFormat/gdcmRAWCodec.cxx`
		`+ @@ -112,9 +112,7 @@ bool RAWCodec::DecodeBytes(const char* inBytes, size_t inBufferLength,`
		`+ if(!r) return false;`
		`+`
		`+ std::string str = os.str();`
		`+ - //std::string::size_type check = str.size();//unused`
		`+`
		`+ -`
		`+ if( this->GetPixelFormat() == PixelFormat::UINT12 \|\|`
		`+ this->GetPixelFormat() == PixelFormat::INT12 )`
		`+ {`
		`+ @@ -135,7 +133,14 @@ bool RAWCodec::DecodeBytes(const char* inBytes, size_t inBufferLength,`
		`+ // DermaColorLossLess.dcm`
		`+ //assert (check == inOutBufferLength \|\| check == inOutBufferLength + 1);`
		`+ // problem with: SIEMENS_GBS_III-16-ACR_NEMA_1.acr`
		`+ - memcpy(outBytes, str.c_str(), inOutBufferLength);`
		`+ + size_t len = str.size();`
		`+ + if( inOutBufferLength <= len )`
		`+ + memcpy(outBytes, str.c_str(), inOutBufferLength);`
		`+ + else`
		`+ + {`
		`+ + gdcmWarningMacro( "Requesting too much data. Truncating result" );`
		`+ + memcpy(outBytes, str.c_str(), len);`
		`+ + }`
		`+ }`
		`+`
		`+ return r;`

gdcm.spec

file modified

		`@@ -24,6 +24,12 @@`
		`Patch2: 0002-Fix-export-variables.patch`
		`# Python 3.13: Replace deprecated PyEval_CallObject()`
		`Patch3: https://github.com/malaterre/GDCM/pull/171.patch`
		`+ # TALOS-2024-1924: https://bugzilla.redhat.com/show_bug.cgi?id=2277288`
		`+ Patch4: TALOS-2024-1924.patch`
		`+ # TALOS-2024-1935: https://bugzilla.redhat.com/show_bug.cgi?id=2277292`
		`+ Patch5: TALOS-2024-1935.patch`
		`+ # TALOS-2024-1944: https://bugzilla.redhat.com/show_bug.cgi?id=2277296`
		`+ Patch6: TALOS-2024-1944.patch`

		`BuildRequires: CharLS-devel >= 2.2`
		`BuildRequires: cmake`