[Bf-blender-cvs] [e1afaa0] master: Fix T41974: blender ships vulnerable minilzo version
Kévin Dietrich
noreply at git.blender.org
Sat Sep 27 21:49:05 CEST 2014
Commit: e1afaa02bfa88bc03296ae5a424b1a4274b0fe11
Author: Kévin Dietrich
Date: Sun Sep 28 01:05:36 2014 +0600
Branches: master
https://developer.blender.org/rBe1afaa02bfa88bc03296ae5a424b1a4274b0fe11
Fix T41974: blender ships vulnerable minilzo version
Update lzo library due to security issue
Update lzo to latest version. This fixes a security issue (reported in T41974)
This also fixes some (false-positive) valgrind warnings.
Reviewers: sergey
Differential Revision: https://developer.blender.org/D803
===================================================================
M extern/lzo/minilzo/README.LZO
M extern/lzo/minilzo/lzoconf.h
M extern/lzo/minilzo/lzodefs.h
M extern/lzo/minilzo/minilzo.c
M extern/lzo/minilzo/minilzo.h
M source/blender/blenkernel/intern/pointcache.c
===================================================================
diff --git a/extern/lzo/minilzo/README.LZO b/extern/lzo/minilzo/README.LZO
index 058eace..83e10e3 100644
--- a/extern/lzo/minilzo/README.LZO
+++ b/extern/lzo/minilzo/README.LZO
@@ -6,8 +6,8 @@
Author : Markus Franz Xaver Johannes Oberhumer
<markus at oberhumer.com>
http://www.oberhumer.com/opensource/lzo/
- Version : 2.06
- Date : 12 Aug 2011
+ Version : 2.08
+ Date : 29 Jun 2014
I've created miniLZO for projects where it is inconvenient to
include (or require) the full LZO source code just because you
@@ -110,9 +110,8 @@
Appendix D: Copyright
---------------------
- LZO and miniLZO are Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001,
- 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011
- Markus Franz Xaver Oberhumer <markus at oberhumer.com>.
+ LZO and miniLZO are Copyright (C) 1996-2014 Markus Franz Xaver Oberhumer
+ All Rights Reserved.
LZO and miniLZO are distributed under the terms of the GNU General
Public License (GPL). See the file COPYING.
diff --git a/extern/lzo/minilzo/lzoconf.h b/extern/lzo/minilzo/lzoconf.h
index 23c6ca9..61be29c 100644
--- a/extern/lzo/minilzo/lzoconf.h
+++ b/extern/lzo/minilzo/lzoconf.h
@@ -2,22 +2,7 @@
This file is part of the LZO real-time data compression library.
- Copyright (C) 2011 Markus Franz Xaver Johannes Oberhumer
- Copyright (C) 2010 Markus Franz Xaver Johannes Oberhumer
- Copyright (C) 2009 Markus Franz Xaver Johannes Oberhumer
- Copyright (C) 2008 Markus Franz Xaver Johannes Oberhumer
- Copyright (C) 2007 Markus Franz Xaver Johannes Oberhumer
- Copyright (C) 2006 Markus Franz Xaver Johannes Oberhumer
- Copyright (C) 2005 Markus Franz Xaver Johannes Oberhumer
- Copyright (C) 2004 Markus Franz Xaver Johannes Oberhumer
- Copyright (C) 2003 Markus Franz Xaver Johannes Oberhumer
- Copyright (C) 2002 Markus Franz Xaver Johannes Oberhumer
- Copyright (C) 2001 Markus Franz Xaver Johannes Oberhumer
- Copyright (C) 2000 Markus Franz Xaver Johannes Oberhumer
- Copyright (C) 1999 Markus Franz Xaver Johannes Oberhumer
- Copyright (C) 1998 Markus Franz Xaver Johannes Oberhumer
- Copyright (C) 1997 Markus Franz Xaver Johannes Oberhumer
- Copyright (C) 1996 Markus Franz Xaver Johannes Oberhumer
+ Copyright (C) 1996-2014 Markus Franz Xaver Johannes Oberhumer
All Rights Reserved.
The LZO library is free software; you can redistribute it and/or
@@ -44,9 +29,9 @@
#ifndef __LZOCONF_H_INCLUDED
#define __LZOCONF_H_INCLUDED 1
-#define LZO_VERSION 0x2060
-#define LZO_VERSION_STRING "2.06"
-#define LZO_VERSION_DATE "Aug 12 2011"
+#define LZO_VERSION 0x2080
+#define LZO_VERSION_STRING "2.08"
+#define LZO_VERSION_DATE "Jun 29 2014"
/* internal Autoconf configuration file - only used when building LZO */
#if defined(LZO_HAVE_CONFIG_H)
@@ -63,7 +48,7 @@
#if !defined(CHAR_BIT) || (CHAR_BIT != 8)
# error "invalid CHAR_BIT"
#endif
-#if !defined(UCHAR_MAX) || !defined(UINT_MAX) || !defined(ULONG_MAX)
+#if !defined(UCHAR_MAX) || !defined(USHRT_MAX) || !defined(UINT_MAX) || !defined(ULONG_MAX)
# error "check your compiler installation"
#endif
#if (USHRT_MAX < 1) || (UINT_MAX < 1) || (ULONG_MAX < 1)
@@ -85,14 +70,6 @@ extern "C" {
// some core defines
************************************************************************/
-#if !defined(LZO_UINT32_C)
-# if (UINT_MAX < LZO_0xffffffffL)
-# define LZO_UINT32_C(c) c ## UL
-# else
-# define LZO_UINT32_C(c) ((c) + 0U)
-# endif
-#endif
-
/* memory checkers */
#if !defined(__LZO_CHECKER)
# if defined(__BOUNDS_CHECKING_ON)
@@ -111,28 +88,31 @@ extern "C" {
// integral and pointer types
************************************************************************/
-/* lzo_uint should match size_t */
+/* lzo_uint must match size_t */
#if !defined(LZO_UINT_MAX)
-# if defined(LZO_ABI_LLP64) /* WIN64 */
-# if defined(LZO_OS_WIN64)
+# if (LZO_ABI_LLP64)
+# if (LZO_OS_WIN64)
typedef unsigned __int64 lzo_uint;
typedef __int64 lzo_int;
# else
- typedef unsigned long long lzo_uint;
- typedef long long lzo_int;
+ typedef lzo_ullong_t lzo_uint;
+ typedef lzo_llong_t lzo_int;
# endif
+# define LZO_SIZEOF_LZO_UINT 8
# define LZO_UINT_MAX 0xffffffffffffffffull
# define LZO_INT_MAX 9223372036854775807LL
# define LZO_INT_MIN (-1LL - LZO_INT_MAX)
-# elif defined(LZO_ABI_IP32L64) /* MIPS R5900 */
+# elif (LZO_ABI_IP32L64) /* MIPS R5900 */
typedef unsigned int lzo_uint;
typedef int lzo_int;
+# define LZO_SIZEOF_LZO_UINT LZO_SIZEOF_INT
# define LZO_UINT_MAX UINT_MAX
# define LZO_INT_MAX INT_MAX
# define LZO_INT_MIN INT_MIN
# elif (ULONG_MAX >= LZO_0xffffffffL)
typedef unsigned long lzo_uint;
typedef long lzo_int;
+# define LZO_SIZEOF_LZO_UINT LZO_SIZEOF_LONG
# define LZO_UINT_MAX ULONG_MAX
# define LZO_INT_MAX LONG_MAX
# define LZO_INT_MIN LONG_MIN
@@ -141,63 +121,22 @@ extern "C" {
# endif
#endif
-/* Integral types with 32 bits or more. */
-#if !defined(LZO_UINT32_MAX)
-# if (UINT_MAX >= LZO_0xffffffffL)
- typedef unsigned int lzo_uint32;
- typedef int lzo_int32;
-# define LZO_UINT32_MAX UINT_MAX
-# define LZO_INT32_MAX INT_MAX
-# define LZO_INT32_MIN INT_MIN
-# elif (ULONG_MAX >= LZO_0xffffffffL)
- typedef unsigned long lzo_uint32;
- typedef long lzo_int32;
-# define LZO_UINT32_MAX ULONG_MAX
-# define LZO_INT32_MAX LONG_MAX
-# define LZO_INT32_MIN LONG_MIN
-# else
-# error "lzo_uint32"
-# endif
-#endif
-
-/* Integral types with exactly 64 bits. */
-#if !defined(LZO_UINT64_MAX)
-# if (LZO_UINT_MAX >= LZO_0xffffffffL)
-# if ((((LZO_UINT_MAX) >> 31) >> 31) == 3)
-# define lzo_uint64 lzo_uint
-# define lzo_int64 lzo_int
-# define LZO_UINT64_MAX LZO_UINT_MAX
-# define LZO_INT64_MAX LZO_INT_MAX
-# define LZO_INT64_MIN LZO_INT_MIN
-# endif
-# elif (ULONG_MAX >= LZO_0xffffffffL)
-# if ((((ULONG_MAX) >> 31) >> 31) == 3)
- typedef unsigned long lzo_uint64;
- typedef long lzo_int64;
-# define LZO_UINT64_MAX ULONG_MAX
-# define LZO_INT64_MAX LONG_MAX
-# define LZO_INT64_MIN LONG_MIN
-# endif
-# endif
-#endif
-
-/* The larger type of lzo_uint and lzo_uint32. */
-#if (LZO_UINT_MAX >= LZO_UINT32_MAX)
+/* The larger type of lzo_uint and lzo_uint32_t. */
+#if (LZO_SIZEOF_LZO_UINT >= 4)
# define lzo_xint lzo_uint
#else
-# define lzo_xint lzo_uint32
+# define lzo_xint lzo_uint32_t
#endif
-/* Memory model that allows to access memory at offsets of lzo_uint. */
-#if !defined(__LZO_MMODEL)
-# if (LZO_UINT_MAX <= UINT_MAX)
-# define __LZO_MMODEL /*empty*/
-# elif defined(LZO_HAVE_MM_HUGE_PTR)
-# define __LZO_MMODEL_HUGE 1
-# define __LZO_MMODEL __huge
-# else
-# define __LZO_MMODEL /*empty*/
-# endif
+typedef int lzo_bool;
+
+/* sanity checks */
+LZO_COMPILE_TIME_ASSERT_HEADER(sizeof(lzo_uint) == LZO_SIZEOF_LZO_UINT)
+LZO_COMPILE_TIME_ASSERT_HEADER(sizeof(lzo_xint) >= sizeof(lzo_uint))
+LZO_COMPILE_TIME_ASSERT_HEADER(sizeof(lzo_xint) >= sizeof(lzo_uint32_t))
+
+#ifndef __LZO_MMODEL
+#define __LZO_MMODEL /*empty*/
#endif
/* no typedef here because of const-pointer issues */
@@ -206,21 +145,52 @@ extern "C" {
#define lzo_voidp void __LZO_MMODEL *
#define lzo_shortp short __LZO_MMODEL *
#define lzo_ushortp unsigned short __LZO_MMODEL *
-#define lzo_uint32p lzo_uint32 __LZO_MMODEL *
-#define lzo_int32p lzo_int32 __LZO_MMODEL *
-#if defined(LZO_UINT64_MAX)
-#define lzo_uint64p lzo_uint64 __LZO_MMODEL *
-#define lzo_int64p lzo_int64 __LZO_MMODEL *
-#endif
-#define lzo_uintp lzo_uint __LZO_MMODEL *
#define lzo_intp lzo_int __LZO_MMODEL *
+#define lzo_uintp lzo_uint __LZO_MMODEL *
#define lzo_xintp lzo_xint __LZO_MMODEL *
#define lzo_voidpp lzo_voidp __LZO_MMODEL *
#define lzo_bytepp lzo_bytep __LZO_MMODEL *
-/* deprecated - use 'lzo_bytep' instead of 'lzo_byte *' */
-#define lzo_byte unsigned char __LZO_MMODEL
-typedef int lzo_bool;
+#define lzo_int8_tp lzo_int8_t __LZO_MMODEL *
+#define lzo_uint8_tp lzo_uint8_t __LZO_MMODEL *
+#define lzo_int16_tp lzo_int16_t __LZO_MMODEL *
+#define lzo_uint16_tp lzo_uint16_t __LZO_MMODEL *
+#define lzo_int32_tp lzo_int32_t __LZO_MMODEL *
+#define lzo_uint32_tp lzo_uint32_t __LZO_MMODEL *
+#if defined(lzo_int64_t)
+#define lzo_int64_tp lzo_int64_t __LZO_MMODEL *
+#define lzo_uint64_tp lzo_uint64_t __LZO_MMODEL *
+#endif
+
+/* Older LZO versions used to support ancient systems and memory models
+ * like 16-bit MSDOS with __huge pointers and Cray PVP, but these
+ * obsolete configurations are not supported any longer.
+ */
+#if defined(__LZO_MMODEL_HUGE)
+#error "__LZO_MMODEL_HUGE is unsupported"
+#endif
+#if (LZO_MM_PVP)
+#error "LZO_MM_PVP is unsupported"
+#endif
+#if (LZO_SIZEOF_INT < 4)
+#error "LZO_SIZEOF_INT < 4 is unsupported"
+#endif
+#if (__LZO_UINTPTR_T_IS_POINTER)
+#error "__LZO_UINTPTR_T_IS_POINTER is unsupported"
+#endif
+LZO_COMPILE_TIME_ASSERT_HEADER(sizeof(int) >= 4)
+LZO_COMPILE_TIME_ASSERT_HEADER(sizeof(lzo_uint) >= 4)
+/* Strange configurations where sizeof(lzo_uint) != sizeof(size_t) should
+ * work but have not received much testing lately, so be strict here.
+ */
+LZO_COMPILE_TIME_ASSERT_HEADER(sizeof(lzo_uint) == sizeof(size_t))
+LZO_COMPILE_TIME_ASSERT_HEADER(sizeof(lzo_uint) == sizeof(ptrdiff_t))
+LZO_COMPILE_TIME_ASSERT_HEADER(sizeof(lzo_uint) == sizeof(lzo_uintptr_t))
+LZO_COMPILE_TIME_ASSERT_HEADER(sizeof(void *) == sizeof(lzo_uintptr_t))
+LZO_COMPILE_TIME_ASSERT_HEADER(sizeof(char *) == sizeof(lzo_uintptr_t))
+LZO_COMPILE_
@@ Diff output truncated at 10240 characters. @@
More information about the Bf-blender-cvs
mailing list