Hello community, here is the log from the commit of package OpenSceneGraph for openSUSE:Factory checked in at 2017-08-28 15:16:14 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/OpenSceneGraph (Old) and /work/SRC/openSUSE:Factory/.OpenSceneGraph.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "OpenSceneGraph" Mon Aug 28 15:16:14 2017 rev:3 rq:518702 version:3.4.0 Changes: -------- --- /work/SRC/openSUSE:Factory/OpenSceneGraph/OpenSceneGraph.changes 2017-02-19 01:03:02.382660916 +0100 +++ /work/SRC/openSUSE:Factory/.OpenSceneGraph.new/OpenSceneGraph.changes 2017-08-28 15:17:43.504006085 +0200 @@ -1,0 +2,8 @@ +Sat Aug 19 17:20:07 UTC 2017 - stefan.bruens@rwth-aachen.de + +- Add 8e26ebd23ef9_Fixed_coverity_detected_defect_OOB_read.patch + Fix out-of-bound-read, also required for the next patch to apply +- Add 01c712e85195_Explicit_signed_char_declarations.patch + Fix compilation on architectures where char is unsigned + +------------------------------------------------------------------- New: ---- 01c712e85195_Explicit_signed_char_declarations.patch 8e26ebd23ef9_Fixed_coverity_detected_defect_OOB_read.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ OpenSceneGraph.spec ++++++ --- /var/tmp/diff_new_pack.Gm1Hph/_old 2017-08-28 15:17:44.583854346 +0200 +++ /var/tmp/diff_new_pack.Gm1Hph/_new 2017-08-28 15:17:44.615849850 +0200 @@ -33,6 +33,10 @@ Url: http://openscenegraph.org/projects/osg Source0: http://www.openscenegraph.org/downloads/stable_releases/OpenSceneGraph-%{version}/source/%{name}-%{version}.zip Source99: %{name}-rpmlintrc +# PATCH-FIX-UPSTREAM 8e26ebd23ef9_Fixed_coverity_detected_defect_OOB_read.patch -- Fix out-of-bound-read, also required for the next patch to apply +Patch0: 8e26ebd23ef9_Fixed_coverity_detected_defect_OOB_read.patch +# PATCH-FIX-UPSTREAM 01c712e85195_Explicit_signed_char_declarations.patch -- compilation fix for e.g. ARM, PPC +Patch1: 01c712e85195_Explicit_signed_char_declarations.patch BuildRequires: cmake BuildRequires: curl-devel BuildRequires: fltk-devel @@ -179,6 +183,8 @@ %prep %setup -q +%patch0 -p1 +%patch1 -p1 for file in *.txt ChangeLog; do sed -i "s/\r//g" "$file" done ++++++ 01c712e85195_Explicit_signed_char_declarations.patch ++++++
From 01c712e85195803993acb1d7712796cf494943c6 Mon Sep 17 00:00:00 2001 From: Alberto Luaces <aluaces@udc.es> Date: Sat, 24 Sep 2016 12:33:37 +0200 Subject: [PATCH] Explicit signed char declarations for portability.
Some platforms (ARM, PowerPC, s390x) have "unsigned char" as the default char type, and thus the build fails for certain parts of the code where negative values are assigned to those kind of variables. --- src/osgDB/ConvertBase64.cpp | 2 +- src/osgPlugins/osgjs/Base64 | 2 +- src/osgPlugins/osgjs/Base64.cpp | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/osgDB/ConvertBase64.cpp b/src/osgDB/ConvertBase64.cpp index 8a2f59e5a0..7cffbefbde 100644 --- a/src/osgDB/ConvertBase64.cpp +++ b/src/osgDB/ConvertBase64.cpp @@ -28,7 +28,7 @@ namespace osgDB int base64_decode_value(char value_in) { - static const char decoding[] = {62,-1,-1,-1,63,52,53,54,55,56,57,58,59,60,61,-1,-1,-1,-2,-1,-1,-1,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1,-1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51}; + static const signed char decoding[] = {62,-1,-1,-1,63,52,53,54,55,56,57,58,59,60,61,-1,-1,-1,-2,-1,-1,-1,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1,-1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51}; static const char decoding_size = sizeof(decoding); value_in -= 43; if (value_in < 0 || value_in >= decoding_size) return -1; diff --git a/src/osgPlugins/osgjs/Base64 b/src/osgPlugins/osgjs/Base64 index 6d1becc1c9..acac893fca 100644 --- a/src/osgPlugins/osgjs/Base64 +++ b/src/osgPlugins/osgjs/Base64 @@ -61,7 +61,7 @@ namespace base64 extern const char* to_table; extern const char* to_table_end; - extern const char* from_table; + extern const signed char* from_table; template <class InputIterator, class OutputIterator> diff --git a/src/osgPlugins/osgjs/Base64.cpp b/src/osgPlugins/osgjs/Base64.cpp index 227b6b1a38..73e2e1f5ee 100644 --- a/src/osgPlugins/osgjs/Base64.cpp +++ b/src/osgPlugins/osgjs/Base64.cpp @@ -18,7 +18,7 @@ namespace base64 const char* to_table_end = _to_table + sizeof(_to_table); - const char _from_table[128] = + const signed char _from_table[128] = { -1, -1, -1, -1, -1, -1, -1, -1, // 0 -1, -1, -1, -1, -1, -1, -1, -1, // 8 @@ -37,6 +37,6 @@ namespace base64 41, 42, 43, 44, 45, 46, 47, 48, // 112 49, 50, 51, -1, -1, -1, -1, -1 // 120 }; - const char* from_table = _from_table; + const signed char* from_table = _from_table; } ++++++ 8e26ebd23ef9_Fixed_coverity_detected_defect_OOB_read.patch ++++++
From 8e26ebd23ef9c1184464712cf8559a1854e6cad7 Mon Sep 17 00:00:00 2001 From: Robert Osfield <robert@openscenegraph.com> Date: Fri, 17 Jun 2016 10:57:17 +0100 Subject: [PATCH] =?UTF-8?q?Fixed=20coverity=20detected=20defect:=20Incorre?= =?UTF-8?q?ct=20values=20read=20from=20a=20different=20memory=20region=20w?= =?UTF-8?q?ill=20cause=20incorrect=20computations.=20In=20osgDB::=E2=80=8B?= =?UTF-8?q?base64=5Fdecode=5Fvalue(char):=20Out-of-bounds=20read=20from=20?= =?UTF-8?q?a=20buffer?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit
--- src/osgDB/ConvertBase64.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/osgDB/ConvertBase64.cpp b/src/osgDB/ConvertBase64.cpp index 50befdf66d..3f5c1c7e83 100644 --- a/src/osgDB/ConvertBase64.cpp +++ b/src/osgDB/ConvertBase64.cpp @@ -31,7 +31,7 @@ namespace osgDB static const char decoding[] = {62,-1,-1,-1,63,52,53,54,55,56,57,58,59,60,61,-1,-1,-1,-2,-1,-1,-1,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1,-1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51}; static const char decoding_size = sizeof(decoding); value_in -= 43; - if (value_in < 0 || value_in > decoding_size) return -1; + if (value_in < 0 || value_in >= decoding_size) return -1; return decoding[(int)value_in]; }