summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--meta-oe/recipes-support/opencv/opencv/CVE-2023-2618.patch32
-rw-r--r--meta-oe/recipes-support/opencv/opencv_4.5.5.bb1
2 files changed, 33 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/opencv/opencv/CVE-2023-2618.patch b/meta-oe/recipes-support/opencv/opencv/CVE-2023-2618.patch
new file mode 100644
index 0000000000..4cd3003e3c
--- /dev/null
+++ b/meta-oe/recipes-support/opencv/opencv/CVE-2023-2618.patch
@@ -0,0 +1,32 @@
1From 2b62ff6181163eea029ed1cab11363b4996e9cd6 Mon Sep 17 00:00:00 2001
2From: Nano <nanoapezlk@gmail.com>
3Date: Thu, 27 Apr 2023 17:38:35 +0800
4Subject: [PATCH] fix(wechat_qrcode): fixed memory leaks
5
6CVE: CVE-2023-2618
7
8Upstream-Status: Backport [https://github.com/opencv/opencv_contrib/pull/3484/commits/2b62ff6181163eea029ed1cab11363b4996e9cd6]
9
10Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
11---
12 .../src/zxing/qrcode/decoder/decoded_bit_stream_parser.cpp | 5 ++++-
13 1 file changed, 4 insertions(+), 1 deletion(-)
14
15diff --git a/modules/wechat_qrcode/src/zxing/qrcode/decoder/decoded_bit_stream_parser.cpp b/modules/wechat_qrcode/src/zxing/qrcode/decoder/decoded_bit_stream_parser.cpp
16index b3a0a69c..f02435d5 100644
17--- a/modules/wechat_qrcode/src/zxing/qrcode/decoder/decoded_bit_stream_parser.cpp
18+++ b/modules/wechat_qrcode/src/zxing/qrcode/decoder/decoded_bit_stream_parser.cpp
19@@ -127,7 +127,10 @@ void DecodedBitStreamParser::decodeHanziSegment(Ref<BitSource> bits_, string& re
20 while (count > 0) {
21 // Each 13 bits encodes a 2-byte character
22 int twoBytes = bits.readBits(13, err_handler);
23- if (err_handler.ErrCode()) return;
24+ if (err_handler.ErrCode()) {
25+ delete[] buffer;
26+ return;
27+ }
28 int assembledTwoBytes = ((twoBytes / 0x060) << 8) | (twoBytes % 0x060);
29 if (assembledTwoBytes < 0x003BF) {
30 // In the 0xA1A1 to 0xAAFE range
31--
322.40.0
diff --git a/meta-oe/recipes-support/opencv/opencv_4.5.5.bb b/meta-oe/recipes-support/opencv/opencv_4.5.5.bb
index 3af92ffb23..a7700a3743 100644
--- a/meta-oe/recipes-support/opencv/opencv_4.5.5.bb
+++ b/meta-oe/recipes-support/opencv/opencv_4.5.5.bb
@@ -53,6 +53,7 @@ SRC_URI = "git://github.com/opencv/opencv.git;name=opencv;branch=master;protocol
53 file://0001-Make-ts-module-external.patch \ 53 file://0001-Make-ts-module-external.patch \
54 file://0001-core-vsx-update-vec_absd-workaround-condition.patch \ 54 file://0001-core-vsx-update-vec_absd-workaround-condition.patch \
55 file://CVE-2023-2617.patch;patchdir=../contrib \ 55 file://CVE-2023-2617.patch;patchdir=../contrib \
56 file://CVE-2023-2618.patch;patchdir=../contrib \
56 " 57 "
57SRC_URI:append:riscv64 = " file://0001-Use-Os-to-compile-tinyxml2.cpp.patch;patchdir=../contrib" 58SRC_URI:append:riscv64 = " file://0001-Use-Os-to-compile-tinyxml2.cpp.patch;patchdir=../contrib"
58 59
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2026-03-20 12:29:07 +0000