opencv: fix CVEs

Fix CVEs for opencv 3.3: * CVE-2017-12597 * CVE-2017-12598 * CVE-2017-12599 * CVE-2017-12600 * CVE-2017-12601 * CVE-2017-12602 * CVE-2017-12603 * CVE-2017-12604 * CVE-2017-12605 * CVE-2017-12606 * CVE-2017-12862 * CVE-2017-12863 * CVE-2017-12864 Refs: 1 opencv/opencv#9376 2 https://security-tracker.debian.org/tracker/CVE-2017-12601 Signed-off-by: Kai Kang <[email protected]> Signed-off-by: Martin Jansa <[email protected]>
openembedded · Aug 31, 2017 · 860f01d · 860f01d
1 parent 7504f86
commit 860f01d
Show file tree

Hide file tree

Showing 4 changed files with 972 additions and 0 deletions.
diff --git a/...pes-support/opencv/opencv/0001-build-workaround-GCC-7.1.1-compilation-issue-with-sa.patch b/...pes-support/opencv/opencv/0001-build-workaround-GCC-7.1.1-compilation-issue-with-sa.patch
@@ -0,0 +1,127 @@
+Upstream-Status: Backport [https://github.com/opencv/opencv/pull/9376/commits/0d854db361106dfcb055231fd0112c5b85ef2287]
+
+Fix CVEs for opencv 3.3.
+
+* CVE-2017-12597
+* CVE-2017-12598
+* CVE-2017-12599
+* CVE-2017-12600
+* CVE-2017-12601
+* CVE-2017-12602
+* CVE-2017-12603
+* CVE-2017-12604
+* CVE-2017-12605
+* CVE-2017-12606
+* CVE-2017-12862
+* CVE-2017-12863
+* CVE-2017-12864
+
+Signed-off-by: Kai Kang <[email protected]>
+---
+From 0d854db361106dfcb055231fd0112c5b85ef2287 Mon Sep 17 00:00:00 2001
+From: Alexander Alekhin <[email protected]>
+Date: Tue, 15 Aug 2017 21:45:05 +0000
+Subject: [PATCH 1/3] build: workaround GCC 7.1.1 compilation issue with
+ sanitize flags
+
+Version: gcc (GCC) 7.1.1 20170622 (Red Hat 7.1.1-3)
+Flags: -fsanitize=address,undefined
+---
+ modules/ts/src/cuda_test.cpp | 56 ++++++++++++++++++++++++++------------------
+ 1 file changed, 33 insertions(+), 23 deletions(-)
+
+diff --git a/modules/ts/src/cuda_test.cpp b/modules/ts/src/cuda_test.cpp
+index a48e0a087..eb4cee136 100644
+--- a/modules/ts/src/cuda_test.cpp
++++ b/modules/ts/src/cuda_test.cpp
+@@ -322,16 +322,20 @@ namespace cvtest
+
+         if (m1.size() != m2.size())
+         {
+-            return AssertionFailure() << "Matrices \"" << expr1 << "\" and \"" << expr2 << "\" have different sizes : \""
+-                                      << expr1 << "\" [" << PrintToString(m1.size()) << "] vs \""
+-                                      << expr2 << "\" [" << PrintToString(m2.size()) << "]";
++            std::stringstream msg;
++            msg << "Matrices \"" << expr1 << "\" and \"" << expr2 << "\" have different sizes : \""
++                << expr1 << "\" [" << PrintToString(m1.size()) << "] vs \""
++                << expr2 << "\" [" << PrintToString(m2.size()) << "]";
++            return AssertionFailure() << msg.str();
+         }
+
+         if (m1.type() != m2.type())
+         {
+-            return AssertionFailure() << "Matrices \"" << expr1 << "\" and \"" << expr2 << "\" have different types : \""
+-                                      << expr1 << "\" [" << PrintToString(MatType(m1.type())) << "] vs \""
+-                                      << expr2 << "\" [" << PrintToString(MatType(m2.type())) << "]";
++            std::stringstream msg;
++            msg << "Matrices \"" << expr1 << "\" and \"" << expr2 << "\" have different types : \""
++                << expr1 << "\" [" << PrintToString(MatType(m1.type())) << "] vs \""
++                << expr2 << "\" [" << PrintToString(MatType(m2.type())) << "]";
++             return AssertionFailure() << msg.str();
+         }
+
+         Mat diff;
+@@ -343,12 +347,14 @@ namespace cvtest
+
+         if (maxVal > eps)
+         {
+-            return AssertionFailure() << "The max difference between matrices \"" << expr1 << "\" and \"" << expr2
+-                                      << "\" is " << maxVal << " at (" << maxLoc.y << ", " << maxLoc.x / m1.channels() << ")"
+-                                      << ", which exceeds \"" << eps_expr << "\", where \""
+-                                      << expr1 << "\" at (" << maxLoc.y << ", " << maxLoc.x / m1.channels() << ") evaluates to " << printMatVal(m1, maxLoc) << ", \""
+-                                      << expr2 << "\" at (" << maxLoc.y << ", " << maxLoc.x / m1.channels() << ") evaluates to " << printMatVal(m2, maxLoc) << ", \""
+-                                      << eps_expr << "\" evaluates to " << eps;
++            std::stringstream msg;
++            msg << "The max difference between matrices \"" << expr1 << "\" and \"" << expr2
++                << "\" is " << maxVal << " at (" << maxLoc.y << ", " << maxLoc.x / m1.channels() << ")"
++                << ", which exceeds \"" << eps_expr << "\", where \""
++                << expr1 << "\" at (" << maxLoc.y << ", " << maxLoc.x / m1.channels() << ") evaluates to " << printMatVal(m1, maxLoc) << ", \""
++                << expr2 << "\" at (" << maxLoc.y << ", " << maxLoc.x / m1.channels() << ") evaluates to " << printMatVal(m2, maxLoc) << ", \""
++                << eps_expr << "\" evaluates to " << eps;
++            return AssertionFailure() << msg.str();
+         }
+
+         return AssertionSuccess();
+@@ -469,9 +475,11 @@ namespace cvtest
+     {
+         if (gold.size() != actual.size())
+         {
+-            return testing::AssertionFailure() << "KeyPoints size mistmach\n"
+-                                               << "\"" << gold_expr << "\" : " << gold.size() << "\n"
+-                                               << "\"" << actual_expr << "\" : " << actual.size();
++            std::stringstream msg;
++            msg << "KeyPoints size mistmach\n"
++                << "\"" << gold_expr << "\" : " << gold.size() << "\n"
++                << "\"" << actual_expr << "\" : " << actual.size();
++            return AssertionFailure() << msg.str();
+         }
+
+         std::sort(actual.begin(), actual.end(), KeyPointLess());
+@@ -484,14 +492,16 @@ namespace cvtest
+
+             if (!keyPointsEquals(p1, p2))
+             {
+-                return testing::AssertionFailure() << "KeyPoints differ at " << i << "\n"
+-                                                   << "\"" << gold_expr << "\" vs \"" << actual_expr << "\" : \n"
+-                                                   << "pt : " << testing::PrintToString(p1.pt) << " vs " << testing::PrintToString(p2.pt) << "\n"
+-                                                   << "size : " << p1.size << " vs " << p2.size << "\n"
+-                                                   << "angle : " << p1.angle << " vs " << p2.angle << "\n"
+-                                                   << "response : " << p1.response << " vs " << p2.response << "\n"
+-                                                   << "octave : " << p1.octave << " vs " << p2.octave << "\n"
+-                                                   << "class_id : " << p1.class_id << " vs " << p2.class_id;
++                std::stringstream msg;
++                msg << "KeyPoints differ at " << i << "\n"
++                    << "\"" << gold_expr << "\" vs \"" << actual_expr << "\" : \n"
++                    << "pt : " << testing::PrintToString(p1.pt) << " vs " << testing::PrintToString(p2.pt) << "\n"
++                    << "size : " << p1.size << " vs " << p2.size << "\n"
++                    << "angle : " << p1.angle << " vs " << p2.angle << "\n"
++                    << "response : " << p1.response << " vs " << p2.response << "\n"
++                    << "octave : " << p1.octave << " vs " << p2.octave << "\n"
++                    << "class_id : " << p1.class_id << " vs " << p2.class_id;
++                return AssertionFailure() << msg.str();
+             }
+         }
+
+-- 
+2.14.1
+