Compare commits
1 Commits
Author | SHA1 | Date |
---|---|---|
Sandro Mani | e9bcab1d2d |
25
liblas.spec
25
liblas.spec
|
@ -1,20 +1,36 @@
|
|||
Name: liblas
|
||||
Version: 1.8.1
|
||||
Release: 4%{?dist}
|
||||
Release: 5%{?dist}
|
||||
Summary: Library for reading and writing the very common LAS LiDAR format
|
||||
|
||||
License: BSD and Boost
|
||||
URL: https://www.liblas.org
|
||||
Source0: https://download.osgeo.org/%{name}/libLAS-%{version}.tar.bz2
|
||||
# https://github.com/libLAS/libLAS/issues/140 for both:
|
||||
Patch0001: https://gitweb.gentoo.org/repo/gentoo.git/plain/sci-geosciences/liblas/files/liblas-1.8.1-fix-overload-call.patch
|
||||
Patch0002: https://gitweb.gentoo.org/repo/gentoo.git/plain/sci-geosciences/liblas/files/liblas-1.8.0_remove-std-c++98.patch
|
||||
Patch0001: liblas-1.8.1-fix-overload-call.patch
|
||||
Patch0002: liblas-1.8.0_remove-std-c++98.patch
|
||||
# Fix build against recent gdal3+
|
||||
# https://github.com/libLAS/libLAS/issues/164
|
||||
# From https://github.com/OSGeo/gdal/blob/master/gdal/MIGRATION_GUIDE.TXT:
|
||||
# removal of OSRFixup() and OSRFixupOrdering(): no longer needed since objects constructed are always valid
|
||||
Patch0003: liblas_gdal3.patch
|
||||
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1652609
|
||||
# https://github.com/libLAS/libLAS/issues/159
|
||||
Patch0004: liblas_CVE-2018-20539.patch
|
||||
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1652611
|
||||
# https://github.com/libLAS/libLAS/issues/160
|
||||
Patch0005: liblas_CVE-2018-20537.patch
|
||||
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1652610
|
||||
# https://github.com/libLAS/libLAS/issues/161
|
||||
Patch0006: liblas_CVE-2018-20536.patch
|
||||
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1652612
|
||||
# https://github.com/libLAS/libLAS/issues/181
|
||||
Patch0007: liblas_CVE-2018-20540.patch
|
||||
|
||||
BuildRequires: gcc-c++
|
||||
BuildRequires: boost-devel >= 1.53
|
||||
BuildRequires: cmake
|
||||
|
@ -93,6 +109,9 @@ make %{?_smp_mflags}
|
|||
%{_bindir}/*
|
||||
|
||||
%changelog
|
||||
* Tue Apr 14 2020 Sandro Mani <manisandro@gmail.com> - 1.8.1-5
|
||||
- Add patches for CVE-2018-20539, CVE-2018-20537, CVE-2018-20536, CVE-2018-20540
|
||||
|
||||
* Tue Mar 03 2020 Sandro Mani <manisandro@gmail.com> - 1.8.1-4
|
||||
- Rebuild (gdal)
|
||||
|
||||
|
|
|
@ -0,0 +1,15 @@
|
|||
diff -rupN --no-dereference libLAS-1.8.1/src/spatialreference.cpp libLAS-1.8.1-new/src/spatialreference.cpp
|
||||
--- libLAS-1.8.1/src/spatialreference.cpp 2020-04-14 20:19:49.253097047 +0200
|
||||
+++ libLAS-1.8.1-new/src/spatialreference.cpp 2020-04-14 20:19:49.255097046 +0200
|
||||
@@ -519,8 +519,9 @@ const GTIF* SpatialReference::GetGTIF()
|
||||
// The '+ 1' accounts for the header itself.
|
||||
int count = (header->numKeys + 1) * 4;
|
||||
short *data_s = reinterpret_cast<short *>( &(data[0]));
|
||||
-
|
||||
- ST_SetKey(m_tiff, record.GetRecordId(), count, STT_SHORT, data_s);
|
||||
+ if(std::size_t(count) <= data.size() / sizeof(short)) {
|
||||
+ ST_SetKey(m_tiff, record.GetRecordId(), count, STT_SHORT, data_s);
|
||||
+ }
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,20 @@
|
|||
diff -rupN --no-dereference libLAS-1.8.1/src/spatialreference.cpp libLAS-1.8.1-new/src/spatialreference.cpp
|
||||
--- libLAS-1.8.1/src/spatialreference.cpp 2020-04-14 20:19:49.228097062 +0200
|
||||
+++ libLAS-1.8.1-new/src/spatialreference.cpp 2020-04-14 20:19:49.230097061 +0200
|
||||
@@ -525,14 +525,14 @@ const GTIF* SpatialReference::GetGTIF()
|
||||
}
|
||||
|
||||
if (uid == record.GetUserId(true).c_str() &&
|
||||
- 34736 == record.GetRecordId())
|
||||
+ 34736 == record.GetRecordId() && !data.empty())
|
||||
{
|
||||
int count = data.size() / sizeof(double);
|
||||
ST_SetKey(m_tiff, record.GetRecordId(), count, STT_DOUBLE, &(data[0]));
|
||||
}
|
||||
|
||||
if (uid == record.GetUserId(true).c_str() &&
|
||||
- 34737 == record.GetRecordId())
|
||||
+ 34737 == record.GetRecordId() && !data.empty())
|
||||
{
|
||||
int count = data.size()/sizeof(uint8_t);
|
||||
ST_SetKey(m_tiff, record.GetRecordId(), count, STT_ASCII, &(data[0]));
|
|
@ -0,0 +1,24 @@
|
|||
diff -rupN --no-dereference libLAS-1.8.1/src/spatialreference.cpp libLAS-1.8.1-new/src/spatialreference.cpp
|
||||
--- libLAS-1.8.1/src/spatialreference.cpp 2016-08-22 15:06:34.000000000 +0200
|
||||
+++ libLAS-1.8.1-new/src/spatialreference.cpp 2020-04-14 20:19:49.206097075 +0200
|
||||
@@ -513,12 +513,15 @@ const GTIF* SpatialReference::GetGTIF()
|
||||
#pragma pack(pop)
|
||||
|
||||
ShortKeyHeader *header = (ShortKeyHeader *)data.data();
|
||||
- // Calculate the number of shorts in the VLR data.
|
||||
- // The '+ 1' accounts for the header itself.
|
||||
- int count = (header->numKeys + 1) * 4;
|
||||
- short *data_s = reinterpret_cast<short *>( &(data[0]));
|
||||
+ if (header)
|
||||
+ {
|
||||
+ // Calculate the number of shorts in the VLR data.
|
||||
+ // The '+ 1' accounts for the header itself.
|
||||
+ int count = (header->numKeys + 1) * 4;
|
||||
+ short *data_s = reinterpret_cast<short *>( &(data[0]));
|
||||
|
||||
- ST_SetKey(m_tiff, record.GetRecordId(), count, STT_SHORT, data_s);
|
||||
+ ST_SetKey(m_tiff, record.GetRecordId(), count, STT_SHORT, data_s);
|
||||
+ }
|
||||
}
|
||||
|
||||
if (uid == record.GetUserId(true).c_str() &&
|
|
@ -0,0 +1,24 @@
|
|||
diff -rupN --no-dereference libLAS-1.8.1/include/liblas/liblas.hpp libLAS-1.8.1-new/include/liblas/liblas.hpp
|
||||
--- libLAS-1.8.1/include/liblas/liblas.hpp 2016-08-22 15:06:34.000000000 +0200
|
||||
+++ libLAS-1.8.1-new/include/liblas/liblas.hpp 2020-04-14 20:19:49.281097031 +0200
|
||||
@@ -121,12 +121,18 @@ inline std::istream* Open(std::string co
|
||||
namespace io = boost::iostreams;
|
||||
io::stream<io::file_source>* ifs = new io::stream<io::file_source>();
|
||||
ifs->open(filename.c_str(), mode);
|
||||
- if (ifs->is_open() == false) return NULL;
|
||||
+ if (ifs->is_open() == false) {
|
||||
+ delete ifs;
|
||||
+ return NULL;
|
||||
+ }
|
||||
return ifs;
|
||||
#else
|
||||
std::ifstream* ifs = new std::ifstream();
|
||||
ifs->open(filename.c_str(), mode);
|
||||
- if (ifs->is_open() == false) return NULL;
|
||||
+ if (ifs->is_open() == false) {
|
||||
+ delete ifs;
|
||||
+ return NULL;
|
||||
+ }
|
||||
return ifs;
|
||||
#endif
|
||||
}
|
Loading…
Reference in New Issue