6 changed files with 3 additions and 170 deletions
--- a/0.18.tar.gz
+++ b/0.18.tar.gz
--- a/0.19.tar.gz
+++ b/0.19.tar.gz
--- a/backport-CVE-2023-46361.patch
+++ b/backport-CVE-2023-46361.patch
@ -1,26 +0,0 @@
-From ee53a7e4bc7819d32e8c0b2057885bcc97586bf3 Mon Sep 17 00:00:00 2001
-From: Sebastian Rasmussen <sebras@gmail.com>
-Date: Sun, 5 Nov 2023 12:21:52 +0100
-Subject: [PATCH] Bug 705041: jbig2dec: Avoid uninitialized allocator in
- command-line tool.
-
-Reference:https://github.com/ArtifexSoftware/jbig2dec/commit/ee53a7e4bc7819d32e8c0b2057885bcc97586bf3
-Conflict:NA
-
---
- jbig2dec.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/jbig2dec.c b/jbig2dec.c
-index 15d204d..1e1dad8 100644
--- a/jbig2dec.c
-+++ b/jbig2dec.c
-@@ -567,7 +567,7 @@ main(int argc, char **argv)
- {
-     jbig2dec_params_t params;
-     jbig2dec_error_callback_state_t error_callback_state;
-    jbig2dec_allocator_t allocator_;
-+    jbig2dec_allocator_t allocator_ = { 0 };
-     jbig2dec_allocator_t *allocator = &allocator_;
-     Jbig2Ctx *ctx = NULL;
-     FILE *f = NULL, *f_page = NULL;
--- a/backprot-add-casts-to-silence-a-compiler-warning.patch
+++ b/backprot-add-casts-to-silence-a-compiler-warning.patch
@ -1,26 +0,0 @@
-From d8294b25104e9033408c18b68567281ae8e9d5e0 Mon Sep 17 00:00:00 2001
-From: Sebastian Rasmussen <sebras@gmail.com>
-Date: Sat, 7 Nov 2020 00:33:46 +0800
-Subject: [PATCH] jbig2dec: Add casts to silence a compiler warning.
-
---
- jbig2_image.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/jbig2_image.c b/jbig2_image.c
-index 2cb1e14..19eef22 100644
--- a/jbig2_image.c
-+++ b/jbig2_image.c
-@@ -347,8 +347,8 @@ jbig2_image_compose(Jbig2Ctx *ctx, Jbig2Image *dst, Jbig2Image *src, int x, int
-     if (src == NULL)
-         return 0;
- 
-    if ((UINT32_MAX - src->width  < (x > 0 ? x : -x)) ||
-        (UINT32_MAX - src->height < (y > 0 ? y : -y)))
-+    if ((UINT32_MAX - src->width  < (uint32_t) (x > 0 ? x : -x)) ||
-+        (UINT32_MAX - src->height < (uint32_t) (y > 0 ? y : -y)))
-     {
- #ifdef JBIG2_DEBUG
-         jbig2_error(ctx, JBIG2_SEVERITY_DEBUG, JBIG2_UNKNOWN_SEGMENT_NUMBER, "overflow in compose_image");
--
-2.27.0
--- a/backprot-searching-for-a-marker-in-a-stream.patch
+++ b/backprot-searching-for-a-marker-in-a-stream.patch
@ -1,82 +0,0 @@
-From f93f613aa9873026ccf7b0d625eb86c27b6b42b9 Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Thu, 1 Oct 2020 15:58:25 +0100
-Subject: [PATCH] Searching for a marker in a stream, honor alignment
-
-When searching for markers in a stream buffer, we were "seeking" to the point
-in the buffer, and casting to either a byte, ushort or a uint to make the
-value comparison. But we cannot do that on SPARC because of the strict
-alignment on that hardware.
-
-So, we have to "unpack" the individual bytes from the stream to do the value
-comparison.
-
-Note: there are slightly confusing comments in the code that mention being
-"on a 16 bit boundary" and "on a 32 bit boundary" - that's referring to the
-offset into the buffer, *not* the actual memory address alignment.
-
-Found in testing on Solaris/SPARC
---
- jbig2_mmr.c | 19 ++++++++++++++++---
- 1 file changed, 16 insertions(+), 3 deletions(-)
-
-diff --git a/jbig2_mmr.c b/jbig2_mmr.c
-index 578754c..5c39903 100644
--- a/jbig2_mmr.c
-+++ b/jbig2_mmr.c
-@@ -744,6 +744,16 @@ const mmr_table_node jbig2_mmr_black_decode[] = {
- 
- #define getbit(buf, x) ( ( buf[x >> 3] >> ( 7 - (x & 7) ) ) & 1 )
- 
-+/* On platforms that enforce aligned memory accesses, we can't just
-+ * cast the byte * to the type of object we are accessing, we have
-+ * unpack the requisite number of bytes, and deal with it that way.
-+ * Note that the comments below about being 16/32 bit boundaries
-+ * is referring to offsets into the byte stream, *not* memory
-+ * addresses.
-+ */
-+#define getword16(b)  ((uint16_t)(b[0] | (b[1] << 8)))
-+#define getword32(b)  ((uint32_t)(getword16(b) | (getword16((b + 2)) << 16)))
-+
- static uint32_t
- jbig2_find_changing_element(const byte *line, uint32_t x, uint32_t w)
- {
-@@ -817,7 +827,7 @@ jbig2_find_changing_element(const byte *line, uint32_t x, uint32_t w)
-         if (w - x < 16) {
-             goto check8;
-         }
-        if ( ((uint16_t*) line)[ x / 16] != all16) {
-+        if ( getword16((line + (x / 8))) != all16) {
-             goto check8_no_eof;
-         }
-         x += 16; /* This will make x a multiple of 32. */
-@@ -835,7 +845,7 @@ jbig2_find_changing_element(const byte *line, uint32_t x, uint32_t w)
-             look at the next uint16, then uint8, then last 8 bits. */
-             goto check16;
-         }
-        if (((uint32_t*) line)[x/32] != all32) {
-+        if ( getword32((line + (x / 8))) != all32) {
-             goto check16_no_eof;
-         }
-         x += 32;
-@@ -849,7 +859,7 @@ jbig2_find_changing_element(const byte *line, uint32_t x, uint32_t w)
-     }
- check16_no_eof:
-     assert(w - x >= 16);
-    if ( ((uint16_t*) line)[x/16] != all16) {
-+    if ( getword16((line + (x / 8))) != all16) {
-         goto check8_no_eof;
-     }
-     x += 16;
-@@ -890,6 +900,9 @@ jbig2_find_changing_element(const byte *line, uint32_t x, uint32_t w)
-     return x;
- }
- 
-+#undef getword16
-+#undef getword32
-+
- static uint32_t
- jbig2_find_changing_element_of_color(const byte *line, uint32_t x, uint32_t w, int color)
- {
--
-2.27.0
--- a/jbig2dec.spec
+++ b/jbig2dec.spec
@ -1,16 +1,12 @@
 Name:           jbig2dec
-Version:        0.19
-Release:        5
+Version:        0.18
+Release:        2
 Summary:        A decoder implementation of the JBIG2 image compression format.

-License:        AGPLv3+
+License:        GPLv2
 URL:            https://jbig2dec.com/
 Source0:        https://github.com/ArtifexSoftware/jbig2dec/archive/%{version}.tar.gz

-Patch0:         backprot-add-casts-to-silence-a-compiler-warning.patch
-Patch1:         backprot-searching-for-a-marker-in-a-stream.patch
-Patch6000:      backport-CVE-2023-46361.patch
-
 BuildRequires:  gcc libtool chrpath
 Provides:       %{name}-libs = %{version}-%{release}
 Obsoletes:      %{name}-libs < %{version}-%{release}
@ -35,10 +31,6 @@ Files for jbig2dec development.
 %configure
 %make_build

-%check
-sed -i '1s/python/python3/' test_jbig2dec.py
-make check
-
 %install
 %make_install
 %delete_la_and_a
@ -47,11 +39,7 @@ make check
 chrpath -d %{buildroot}%{_bindir}/jbig2dec

 mkdir -p %{buildroot}/etc/ld.so.conf.d
-%ifarch sw_64
-echo "/usr/lib" > %{buildroot}/etc/ld.so.conf.d/%{name}-%{_arch}.conf
-%else
 echo "/usr/lib64" > %{buildroot}/etc/ld.so.conf.d/%{name}-%{_arch}.conf
-%endif

 %ldconfig_scriptlets

@ -74,27 +62,6 @@ echo "/usr/lib64" > %{buildroot}/etc/ld.so.conf.d/%{name}-%{_arch}.conf
 %{_mandir}/man1/%{name}.1*

 %changelog
-* Thu Aug 29 2024 zhangpan <zhangpan103@h-partners.com> - 0.19-5
- fix CVE-2023-46361
-
-* Thu Oct 27 2022 wuzx<wuzx1226@qq.com> - 0.19-4
- Type:feature
- CVE:NA
- SUG:NA
- DESC:Add sw64 architecture
-
-* Thu Mar 31 2022 liuyumeng <liuyumeng5@h-partners.com> - 0.19-3
- enable tests
-
-* Sat Mar 27 2021 dowzyx  <zhaoyuxing2@huawei.com> - 0.19-2
- Type:bufix
- ID:NA
- SUG:NA
- DESC:fix fuzz test from open source community
-
-* Thu Jan 28 2021 zhanzhimin <zhanzhimin@huawei.com> - 0.19-1
- update to 0.19
-
 * Tue Sep 8 2020 hanhui <hanhui15@huawei.com> - 0.18-2
 - Type:bugfix
 - ID:NA