[packages/liblas] - new, with patches (build and security fixes) mostly from Fedora)
qboosh
qboosh at pld-linux.org
Sun Dec 13 21:24:03 CET 2020
commit 0e3a392df2ad7b73b47b95a779c22fa75e1af1db
Author: Jakub Bogusz <qboosh at pld-linux.org>
Date: Sun Dec 13 21:24:28 2020 +0100
- new, with patches (build and security fixes) mostly from Fedora)
liblas-CVE-2018-20536.patch | 15 +++++
liblas-CVE-2018-20537.patch | 20 ++++++
liblas-CVE-2018-20539.patch | 24 +++++++
liblas-CVE-2018-20540.patch | 32 +++++++++
liblas-boost-endian.patch | 39 +++++++++++
liblas-boost1.73.patch | 33 +++++++++
liblas-gdal3.patch | 28 ++++++++
liblas-pkgconfig.patch | 23 +++++++
liblas.spec | 160 ++++++++++++++++++++++++++++++++++++++++++++
9 files changed, 374 insertions(+)
---
diff --git a/liblas.spec b/liblas.spec
new file mode 100644
index 0000000..b40d143
--- /dev/null
+++ b/liblas.spec
@@ -0,0 +1,160 @@
+#
+# Conditional build:
+%bcond_without apidocs # do not build and package API docs
+%bcond_without gdal # GDAL support
+%bcond_without laszip # LASzip support
+#
+Summary: LAS 1.0/1.1/1.2 ASPRS LiDAR data translation toolset
+Summary(pl.UTF-8): Narzędzia do tłumaczenia danych LiDARowych ASPRS LAS 1.0/1.1/1.2
+Name: liblas
+Version: 1.8.1
+Release: 1
+License: BSD with Boost v1.0 and MIT parts
+Group: Libraries
+Source0: http://download.osgeo.org/liblas/libLAS-%{version}.tar.bz2
+# Source0-md5: 2e6a975dafdf57f59a385ccb87eb5919
+# https://github.com/libLAS/libLAS/pull/166.patch
+Patch0: %{name}-boost-endian.patch
+# from Fedora, modified
+Patch1: %{name}-boost1.73.patch
+# https://github.com/libLAS/libLAS/issues/164
+Patch2: %{name}-gdal3.patch
+# https://github.com/libLAS/libLAS/issues/159
+Patch3: %{name}-CVE-2018-20539.patch
+# https://github.com/libLAS/libLAS/issues/161
+Patch4: %{name}-CVE-2018-20536.patch
+# https://github.com/libLAS/libLAS/issues/160
+Patch5: %{name}-CVE-2018-20537.patch
+# https://github.com/libLAS/libLAS/issues/181, modified
+Patch6: %{name}-CVE-2018-20540.patch
+Patch7: %{name}-pkgconfig.patch
+URL: https://liblas.org/
+BuildRequires: boost-devel >= 1.38
+BuildRequires: cmake >= 2.6.0
+%{?with_gdal:BuildRequires: gdal-devel >= 1.7.0}
+%{?with_laszip:BuildRequires: laszip-devel >= 2.0.1}
+BuildRequires: libgeotiff-devel >= 1.3.0
+BuildRequires: libjpeg-devel
+BuildRequires: libstdc++-devel
+BuildRequires: libtiff-devel
+%{?with_gdal:BuildRequires: proj-devel >= 4}
+BuildRequires: zlib-devel
+%if %{with apidocs}
+BuildRequires: doxygen
+BuildRequires: python3-rst2pdf
+BuildRequires: sphinx-pdg-3
+%endif
+BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
+
+%description
+libLAS is a C/C++ library for reading and writing the very common LAS
+LiDAR format. The ASPRS LAS format is a sequential binary file format
+used to store data from LiDAR sensors and by LiDAR processing software
+for data interchange and archival.
+
+%description -l pl.UTF-8
+libLAS to biblioteka C/C++ do odczytu i zapisu popularnego formatu
+danych LiDARowych LAS. Format ASPRS LAS to sekwencyjny format plików
+binarnych używany do zapisu danych z czujników LiDARowych oraz
+oprogoramowania przetwarzającego dane LiDARowe na potrzeby wymiany i
+archiwizacji.
+
+%package devel
+Summary: Header files for libLAS library
+Summary(pl.UTF-8): Pliki nagłówkowe biblioteki libLAS
+Group: Development/Libraries
+Requires: %{name} = %{version}-%{release}
+
+%description devel
+Header files for libLAS library.
+
+%description devel -l pl.UTF-8
+Pliki nagłówkowe biblioteki libLAS.
+
+%package apidocs
+Summary: API documentation for libLAS library
+Summary(pl.UTF-8): Dokumentacja API biblioteki libLAS
+Group: Documentation
+%{?noarchpackage}
+
+%description apidocs
+API documentation for libLAS library.
+
+%description apidocs -l pl.UTF-8
+Dokumentacja API biblioteki libLAS.
+
+%prep
+%setup -q -n libLAS-%{version}
+%patch0 -p1
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+
+%build
+install -d build
+cd build
+%cmake .. \
+ -DLIBLAS_LIB_SUBDIR=%{_lib} \
+ %{?with_gdal:-DWITH_GDAL=ON} \
+ %{?with_laszip:-DWITH_LASZIP=ON} \
+ -DWITH_PKGCONFIG=ON
+
+%{__make}
+cd ..
+
+%if %{with apidocs}
+cd doc
+LD_LIBRARY_PATH=$(pwd)/../build/bin/PLD sphinx-build-3 -b html . _build/html
+cd api
+doxygen doxygen.conf
+%{__mv} html ../_build/html/api
+%endif
+
+%install
+rm -rf $RPM_BUILD_ROOT
+
+%{__make} -C build install \
+ DESTDIR=$RPM_BUILD_ROOT
+
+# packaged as %doc or dummy
+%{__rm} -r $RPM_BUILD_ROOT%{_datadir}/liblas/doc
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%post -p /sbin/ldconfig
+%postun -p /sbin/ldconfig
+
+%files
+%defattr(644,root,root,755)
+%doc AUTHORS LICENSE.txt
+%attr(755,root,root) %{_bindir}/las2col
+%attr(755,root,root) %{_bindir}/las2las
+%attr(755,root,root) %{_bindir}/las2pg
+%attr(755,root,root) %{_bindir}/las2txt
+%attr(755,root,root) %{_bindir}/lasblock
+%attr(755,root,root) %{_bindir}/lasinfo
+%attr(755,root,root) %{_bindir}/ts2las
+%attr(755,root,root) %{_bindir}/txt2las
+%attr(755,root,root) %{_libdir}/liblas.so.*.*.*
+%attr(755,root,root) %ghost %{_libdir}/liblas.so.3
+%attr(755,root,root) %{_libdir}/liblas_c.so.*.*.*
+%attr(755,root,root) %ghost %{_libdir}/liblas_c.so.3
+
+%files devel
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/liblas.so
+%attr(755,root,root) %{_libdir}/liblas_c.so
+%{_includedir}/liblas
+%{_pkgconfigdir}/liblas.pc
+%{_datadir}/cmake/libLAS
+
+%if %{with apidocs}
+%files apidocs
+%defattr(644,root,root,755)
+%doc doc/_build/html/{_images,_static,api,development,tutorial,utilities,*.html,*.js}
+%endif
diff --git a/liblas-CVE-2018-20536.patch b/liblas-CVE-2018-20536.patch
new file mode 100644
index 0000000..1da7943
--- /dev/null
+++ b/liblas-CVE-2018-20536.patch
@@ -0,0 +1,15 @@
+diff -rupN --no-dereference libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8/src/spatialreference.cpp libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8-new/src/spatialreference.cpp
+--- libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8/src/spatialreference.cpp 2020-06-08 11:37:26.871015429 +0200
++++ libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8-new/src/spatialreference.cpp 2020-06-08 11:37:26.873015404 +0200
+@@ -516,8 +516,9 @@ const GTIF* SpatialReference::GetGTIF()
+ // The '+ 1' accounts for the header itself.
+ int count = (header->numKeys + 1) * 4;
+ short *data_s = reinterpret_cast<short *>( &(data[0]));
+-
+- ST_SetKey(m_tiff, record.GetRecordId(), count, STT_SHORT, data_s);
++ if(std::size_t(count) <= data.size() / sizeof(short)) {
++ ST_SetKey(m_tiff, record.GetRecordId(), count, STT_SHORT, data_s);
++ }
+ }
+ }
+
diff --git a/liblas-CVE-2018-20537.patch b/liblas-CVE-2018-20537.patch
new file mode 100644
index 0000000..56ffd1d
--- /dev/null
+++ b/liblas-CVE-2018-20537.patch
@@ -0,0 +1,20 @@
+diff -rupN --no-dereference libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8/src/spatialreference.cpp libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8-new/src/spatialreference.cpp
+--- libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8/src/spatialreference.cpp 2020-06-08 11:37:26.837015849 +0200
++++ libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8-new/src/spatialreference.cpp 2020-06-08 11:37:26.839015824 +0200
+@@ -522,14 +522,14 @@ const GTIF* SpatialReference::GetGTIF()
+ }
+
+ if (uid == record.GetUserId(true).c_str() &&
+- 34736 == record.GetRecordId())
++ 34736 == record.GetRecordId() && !data.empty())
+ {
+ int count = data.size() / sizeof(double);
+ ST_SetKey(m_tiff, record.GetRecordId(), count, STT_DOUBLE, &(data[0]));
+ }
+
+ if (uid == record.GetUserId(true).c_str() &&
+- 34737 == record.GetRecordId())
++ 34737 == record.GetRecordId() && !data.empty())
+ {
+ int count = data.size()/sizeof(uint8_t);
+ ST_SetKey(m_tiff, record.GetRecordId(), count, STT_ASCII, &(data[0]));
diff --git a/liblas-CVE-2018-20539.patch b/liblas-CVE-2018-20539.patch
new file mode 100644
index 0000000..d8855c4
--- /dev/null
+++ b/liblas-CVE-2018-20539.patch
@@ -0,0 +1,24 @@
+diff -rupN --no-dereference libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8/src/spatialreference.cpp libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8-new/src/spatialreference.cpp
+--- libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8/src/spatialreference.cpp 2020-04-05 18:40:29.000000000 +0200
++++ libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8-new/src/spatialreference.cpp 2020-06-08 11:37:26.804016256 +0200
+@@ -510,12 +510,15 @@ const GTIF* SpatialReference::GetGTIF()
+ #pragma pack(pop)
+
+ ShortKeyHeader *header = (ShortKeyHeader *)data.data();
+- // Calculate the number of shorts in the VLR data.
+- // The '+ 1' accounts for the header itself.
+- int count = (header->numKeys + 1) * 4;
+- short *data_s = reinterpret_cast<short *>( &(data[0]));
++ if (header)
++ {
++ // Calculate the number of shorts in the VLR data.
++ // The '+ 1' accounts for the header itself.
++ int count = (header->numKeys + 1) * 4;
++ short *data_s = reinterpret_cast<short *>( &(data[0]));
+
+- ST_SetKey(m_tiff, record.GetRecordId(), count, STT_SHORT, data_s);
++ ST_SetKey(m_tiff, record.GetRecordId(), count, STT_SHORT, data_s);
++ }
+ }
+
+ if (uid == record.GetUserId(true).c_str() &&
diff --git a/liblas-CVE-2018-20540.patch b/liblas-CVE-2018-20540.patch
new file mode 100644
index 0000000..d2ba2a5
--- /dev/null
+++ b/liblas-CVE-2018-20540.patch
@@ -0,0 +1,32 @@
+#diff -rupN --no-dereference libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8/include/liblas/liblas.hpp libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8-new/include/liblas/liblas.hpp
+#--- libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8/include/liblas/liblas.hpp 2020-04-05 18:40:29.000000000 +0200
+#+++ libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8-new/include/liblas/liblas.hpp 2020-06-08 11:37:26.906014997 +0200
+#@@ -137,7 +137,10 @@ inline std::istream* Open(std::string co
+# {
+# ifs = new std::ifstream();
+# ifs->open(filename.c_str(), mode);
+#- if (ifs->is_open() == false) return NULL;
+#+ if (ifs->is_open() == false) {
+#+ delete ifs;
+#+ return NULL;
+#+ }
+# return ifs;
+# }
+# catch (...)
+--- libLAS-1.8.1/include/liblas/liblas.hpp.orig 2020-12-13 15:27:40.633519082 +0100
++++ libLAS-1.8.1/include/liblas/liblas.hpp 2020-12-13 15:30:10.796038915 +0100
+@@ -121,12 +121,12 @@ inline std::istream* Open(std::string co
+ namespace io = boost::iostreams;
+ io::stream<io::file_source>* ifs = new io::stream<io::file_source>();
+ ifs->open(filename.c_str(), mode);
+- if (ifs->is_open() == false) return NULL;
++ if (ifs->is_open() == false) { delete ifs; return NULL; }
+ return ifs;
+ #else
+ std::ifstream* ifs = new std::ifstream();
+ ifs->open(filename.c_str(), mode);
+- if (ifs->is_open() == false) return NULL;
++ if (ifs->is_open() == false) { delete ifs; return NULL; }
+ return ifs;
+ #endif
+ }
diff --git a/liblas-boost-endian.patch b/liblas-boost-endian.patch
new file mode 100644
index 0000000..f89c7aa
--- /dev/null
+++ b/liblas-boost-endian.patch
@@ -0,0 +1,39 @@
+From 1e55aebde99665ab4b562f4337c1623bbba8a931 Mon Sep 17 00:00:00 2001
+From: Piotr Dobrowolski <piotr.dobrowolski at pix4d.com>
+Date: Thu, 25 Apr 2019 10:30:16 +0200
+Subject: [PATCH] Use LIBLAS_BIG_ENDIAN instead of BOOST_BIG_ENDIAN
+
+---
+ include/liblas/detail/binary.hpp | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/include/liblas/detail/binary.hpp b/include/liblas/detail/binary.hpp
+index 3dd8a6fc..8f0b3d47 100644
+--- a/include/liblas/detail/binary.hpp
++++ b/include/liblas/detail/binary.hpp
+@@ -17,6 +17,8 @@
+ #ifndef LIBLAS_DETAIL_BINARY_HPP_INCLUDED
+ #define LIBLAS_DETAIL_BINARY_HPP_INCLUDED
+
++#include <liblas/detail/endian.hpp>
++
+ #include <cassert>
+ #include <climits>
+ #include <cstring>
+@@ -25,7 +27,6 @@
+
+ #include <boost/config.hpp>
+ #include <boost/static_assert.hpp>
+-#include <boost/detail/endian.hpp>
+ #include <boost/type_traits/is_signed.hpp>
+
+ #if CHAR_BIT != 8
+@@ -43,7 +44,7 @@ namespace detail { namespace binary {
+ struct big_endian_tag {};
+ struct little_endian_tag {};
+
+-#ifdef BOOST_BIG_ENDIAN
++#ifdef LIBLAS_BIG_ENDIAN
+ typedef big_endian_tag native_endian_tag;
+ #else
+ typedef little_endian_tag native_endian_tag;
diff --git a/liblas-boost1.73.patch b/liblas-boost1.73.patch
new file mode 100644
index 0000000..bd10fe0
--- /dev/null
+++ b/liblas-boost1.73.patch
@@ -0,0 +1,33 @@
+diff -rupN --no-dereference libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8/src/c_api.cpp libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8-new/src/c_api.cpp
+--- libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8/src/c_api.cpp 2020-04-05 18:40:29.000000000 +0200
++++ libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8-new/src/c_api.cpp 2020-06-08 11:37:26.973014170 +0200
+@@ -510,7 +510,7 @@ LAS_DLL LASErrorEnum LASReader_SetOutput
+
+ transforms.erase( std::remove_if( transforms.begin(),
+ transforms.end(),
+- boost::bind( &IsReprojectionTransform, _1 ) ),
++ boost::bind( &IsReprojectionTransform, boost::placeholders::_1 ) ),
+ transforms.end());
+
+ liblas::TransformPtr srs_transform = liblas::TransformPtr(new liblas::ReprojectionTransform(in_ref, *out_ref, &h));
+@@ -1852,7 +1852,7 @@ LAS_DLL LASErrorEnum LASWriter_SetOutput
+
+ transforms.erase( std::remove_if( transforms.begin(),
+ transforms.end(),
+- boost::bind( &IsReprojectionTransform, _1 ) ),
++ boost::bind( &IsReprojectionTransform, boost::placeholders::_1 ) ),
+ transforms.end());
+
+ liblas::TransformPtr srs_transform = liblas::TransformPtr(new liblas::ReprojectionTransform(in_ref, *out_ref, &h));
+diff -rupN --no-dereference libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8/src/header.cpp libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8-new/src/header.cpp
+--- libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8/src/header.cpp 2020-04-05 18:40:29.000000000 +0200
++++ libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8-new/src/header.cpp 2020-06-08 11:37:26.973014170 +0200
+@@ -610,7 +610,7 @@ void Header::DeleteVLRs(std::string cons
+
+ m_vlrs.erase( std::remove_if( m_vlrs.begin(),
+ m_vlrs.end(),
+- boost::bind( &SameVLRs, name, id, _1 ) ),
++ boost::bind( &SameVLRs, name, id, boost::placeholders::_1 ) ),
+ m_vlrs.end());
+
+ m_recordsCount = static_cast<uint32_t>(m_vlrs.size());
diff --git a/liblas-gdal3.patch b/liblas-gdal3.patch
new file mode 100644
index 0000000..8f5917e
--- /dev/null
+++ b/liblas-gdal3.patch
@@ -0,0 +1,28 @@
+diff -rupN --no-dereference libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8/src/gt_wkt_srs.cpp libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8-new/src/gt_wkt_srs.cpp
+--- libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8/src/gt_wkt_srs.cpp 2020-04-05 18:40:29.000000000 +0200
++++ libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8-new/src/gt_wkt_srs.cpp 2020-06-08 11:37:26.763016762 +0200
+#@@ -299,7 +299,6 @@ char *GTIFGetOGISDefn( GTIF *hGTIF, GTIF
+# oSRS.SetFromUserInput(pszWKT);
+# oSRS.SetExtension( "PROJCS", "PROJ4",
+# "+proj=merc +a=6378137 +b=6378137 +lat_ts=0.0 +lon_0=0.0 +x_0=0.0 +y_0=0 +k=1.0 +units=m +nadgrids=@null +wktext +no_defs" );
+#- oSRS.FixupOrdering();
+# CPLFree(pszWKT);
+# pszWKT = NULL;
+# oSRS.exportToWkt(&pszWKT);
+@@ -505,7 +504,6 @@ char *GTIFGetOGISDefn( GTIF *hGTIF, GTIF
+ {
+ char *pszWKT;
+ oSRS.morphFromESRI();
+- oSRS.FixupOrdering();
+ if( oSRS.exportToWkt( &pszWKT ) == OGRERR_NONE )
+ return pszWKT;
+ }
+@@ -1107,8 +1105,6 @@ char *GTIFGetOGISDefn( GTIF *hGTIF, GTIF
+ /* ==================================================================== */
+ char *pszWKT;
+
+- oSRS.FixupOrdering();
+-
+ if( oSRS.exportToWkt( &pszWKT ) == OGRERR_NONE )
+ return pszWKT;
+ else
diff --git a/liblas-pkgconfig.patch b/liblas-pkgconfig.patch
new file mode 100644
index 0000000..5ee8601
--- /dev/null
+++ b/liblas-pkgconfig.patch
@@ -0,0 +1,23 @@
+diff -rupN --no-dereference libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8/apps/CMakeLists.txt libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8-new/apps/CMakeLists.txt
+--- libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8/apps/CMakeLists.txt 2020-04-05 18:40:29.000000000 +0200
++++ libLAS-d76a061f33a69a36ab116cd939c5d444b301efd8-new/apps/CMakeLists.txt 2020-06-08 11:37:26.939014590 +0200
+@@ -195,8 +195,8 @@ if(UNIX)
+ if(WITH_PKGCONFIG)
+
+ set(PKGCFG_PREFIX "${CMAKE_INSTALL_PREFIX}")
+- set(PKGCFG_INC_DIR "${LIBLAS_INCLUDE_SUBDIR}")
+- set(PKGCFG_LIB_DIR "${LIBLAS_LIB_SUBDIR}")
++ set(PKGCFG_INC_DIR "${CMAKE_INSTALL_PREFIX}/${LIBLAS_INCLUDE_SUBDIR}")
++ set(PKGCFG_LIB_DIR "${CMAKE_INSTALL_PREFIX}/${LIBLAS_LIB_SUBDIR}")
+ set(PKGCFG_REQUIRES "")
+ set(PKGCFG_VERSION ${VERSION})
+ set(PKGCFG_LINK_FLAGS "-llas -llas_c")
+@@ -205,7 +205,7 @@ if(UNIX)
+ set(PKGCFG_REQUIRES "${PKGCFG_REQUIRES} libxml-2.0")
+ endif()
+ if(GEOTIFF_FOUND)
+- set(PKGCFG_REQUIRES "${PKGCFG_REQUIRES} geotiff")
++ set(PKGCFG_REQUIRES "${PKGCFG_REQUIRES} libgeotiff")
+ endif()
+ # if(WITH_GDAL)
+ # set(PKGCFG_INC_DIR "${PKGCFG_INC_DIR} ${GDAL_INCLUDE_DIR}")
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/liblas.git/commitdiff/0e3a392df2ad7b73b47b95a779c22fa75e1af1db
More information about the pld-cvs-commit
mailing list