Openembedded Core Discussions
 help / color / mirror / Atom feed
* [PATCH 02/12] xserver-xorg: Upgrade 1.18.4 -> 1.19.0
From: Jussi Kukkonen @ 2016-12-12 10:11 UTC (permalink / raw)
  To: openembedded-core
In-Reply-To: <cover.1481536730.git.jussi.kukkonen@intel.com>

* xserver depends on xfont2 now.
* xwayland support requires wayland-scanner: Add patch to find
  wayland-scanner and protocol files while cross-compiling.
* patch MONOTONIC_CLOCK check so it works when cross-compiling
  (otherwise we always end with no monotonic clock and xwayland
  compile fails)

Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
---
 .../recipes-graphics/xorg-xserver/xserver-xorg.inc |  5 +-
 ...onfigure.ac-Fix-check-for-CLOCK_MONOTONIC.patch | 61 ++++++++++++++++++++++
 ...c-Fix-wayland-scanner-and-protocols-locat.patch | 38 ++++++++++++++
 ...erver-xorg_1.18.4.bb => xserver-xorg_1.19.0.bb} |  9 ++--
 4 files changed, 108 insertions(+), 5 deletions(-)
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-configure.ac-Fix-check-for-CLOCK_MONOTONIC.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0002-configure.ac-Fix-wayland-scanner-and-protocols-locat.patch
 rename meta/recipes-graphics/xorg-xserver/{xserver-xorg_1.18.4.bb => xserver-xorg_1.19.0.bb} (70%)

diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc b/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
index 269fa63..400502f 100644
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
@@ -27,7 +27,7 @@ inherit distro_features_check
 REQUIRED_DISTRO_FEATURES = "x11"
 
 PROTO_DEPS = "randrproto renderproto fixesproto damageproto xextproto xproto xf86dgaproto xf86miscproto xf86vidmodeproto compositeproto recordproto resourceproto videoproto scrnsaverproto  xineramaproto fontsproto kbproto inputproto bigreqsproto xcmiscproto presentproto"
-LIB_DEPS = "pixman libxfont xtrans libxau libxext libxdmcp libdrm libxkbfile libpciaccess"
+LIB_DEPS = "pixman libxfont2 xtrans libxau libxext libxdmcp libdrm libxkbfile libpciaccess"
 DEPENDS = "${PROTO_DEPS} ${LIB_DEPS} font-util"
 
 # Split out some modules and extensions from the main package
@@ -117,6 +117,7 @@ EXTRA_OECONF += "--with-fop=no \
                  --sysconfdir=/etc/X11 \
                  --localstatedir=/var \
                  --with-xkb-output=/var/lib/xkb \
+                 WAYLAND_PROTOCOLS_SYSROOT_DIR=${STAGING_DIR}/${MACHINE} \
 "
 
 PACKAGECONFIG ??= "dri2 udev ${XORG_CRYPTO} \
@@ -138,7 +139,7 @@ PACKAGECONFIG[xmlto] = "--with-xmlto, --without-xmlto, xmlto-native docbook-xml-
 PACKAGECONFIG[systemd-logind] = "--enable-systemd-logind=yes,--enable-systemd-logind=no,dbus,"
 PACKAGECONFIG[systemd] = "--with-systemd-daemon,--without-systemd-daemon,systemd"
 PACKAGECONFIG[xinerama] = "--enable-xinerama,--disable-xinerama,xineramaproto"
-PACKAGECONFIG[xwayland] = "--enable-xwayland,--disable-xwayland,wayland libepoxy"
+PACKAGECONFIG[xwayland] = "--enable-xwayland,--disable-xwayland,wayland wayland-native wayland-protocols libepoxy"
 
 # Xorg requires a SHA1 implementation, pick one
 XORG_CRYPTO ??= "openssl"
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-configure.ac-Fix-check-for-CLOCK_MONOTONIC.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-configure.ac-Fix-check-for-CLOCK_MONOTONIC.patch
new file mode 100644
index 0000000..16ec3ed
--- /dev/null
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-configure.ac-Fix-check-for-CLOCK_MONOTONIC.patch
@@ -0,0 +1,61 @@
+Discover monotonic clock using compile-time check
+
+monotonic clock check does not work when cross-compiling.
+
+Upstream-Status: Denied [Does not work on OpenBSD]
+Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
+
+
+
+Original patch follows:
+
+When xorg-xserver is being cross-compiled, there is currently no way
+for us to detect whether the monotonic clock is available on the
+target system, because we aren't able to run a test program on the host
+system. Currently, in this situation, we default to not use the
+monotonic clock. One problem with this situation is that the user will
+be treated as idle when the date is updated.
+
+To fix this situation, we now use a compile-time check to detect whether the
+monotonic clock is available. This check can run just fine when we are
+cross-compiling.
+
+Signed-off-by: David James <davidjames at google.com>
+---
+ configure.ac | 17 +++++++----------
+ 1 file changed, 7 insertions(+), 10 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index f7ab48c..26e85cd 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -1048,19 +1048,16 @@ if ! test "x$have_clock_gettime" = xno; then
+         CPPFLAGS="$CPPFLAGS -D_POSIX_C_SOURCE=200112L"
+     fi
+ 
+-    AC_RUN_IFELSE([AC_LANG_SOURCE([
++    AC_COMPILE_IFELSE([AC_LANG_SOURCE([[
+ #include <time.h>
+-
+-int main(int argc, char *argv[[]]) {
+-    struct timespec tp;
+-
+-    if (clock_gettime(CLOCK_MONOTONIC, &tp) == 0)
++#include <unistd.h>
++int main() {
++#if !(defined(_POSIX_MONOTONIC_CLOCK) && _POSIX_MONOTONIC_CLOCK >= 0 && defined(CLOCK_MONOTONIC))
++        #error No monotonic clock
++#endif
+         return 0;
+-    else
+-        return 1;
+ }
+-    ])], [MONOTONIC_CLOCK=yes], [MONOTONIC_CLOCK=no],
+-       [MONOTONIC_CLOCK="cross compiling"])
++]])],[MONOTONIC_CLOCK=yes], [MONOTONIC_CLOCK=no])
+ 
+     LIBS="$LIBS_SAVE"
+     CPPFLAGS="$CPPFLAGS_SAVE"
+-- 
+2.1.4
+
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/0002-configure.ac-Fix-wayland-scanner-and-protocols-locat.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/0002-configure.ac-Fix-wayland-scanner-and-protocols-locat.patch
new file mode 100644
index 0000000..eafd07a
--- /dev/null
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/0002-configure.ac-Fix-wayland-scanner-and-protocols-locat.patch
@@ -0,0 +1,38 @@
+From 963428f914c42270d3312d4f0c0840565521534e Mon Sep 17 00:00:00 2001
+From: Jussi Kukkonen <jussi.kukkonen@intel.com>
+Date: Wed, 16 Nov 2016 00:41:51 +0200
+Subject: [PATCH 2/2] configure.ac: Fix wayland-scanner and protocols locations
+
+We want to use the wayland-scanner in path (native sysroot)
+instead of using pkg-config which gives us target paths.
+
+The protocols paths on the other hand need to be prefixed with the
+(allarch) sysroot because, again, pkg-config gives us target paths.
+
+Upstream-Status: Inappropriate [embedded specific]
+Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
+---
+ configure.ac | 6 ++----
+ 1 file changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 58f1567..383a7df 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -2525,11 +2525,9 @@ if test "x$XWAYLAND" = xyes; then
+ 		AC_MSG_ERROR([Xwayland requires CLOCK_MONOTONIC support.])
+ 	fi
+ 
+-	WAYLAND_PREFIX=`$PKG_CONFIG --variable=prefix wayland-client`
+-	AC_PATH_PROG([WAYLAND_SCANNER], [wayland-scanner],,
+-		     [${WAYLAND_PREFIX}/bin$PATH_SEPARATOR$PATH])
++	AC_PATH_PROG([WAYLAND_SCANNER], [wayland-scanner])
+ 
+-	AC_SUBST(WAYLAND_PROTOCOLS_DATADIR, `$PKG_CONFIG --variable=pkgdatadir wayland-protocols`)
++	AC_SUBST(WAYLAND_PROTOCOLS_DATADIR, ${WAYLAND_PROTOCOLS_SYSROOT_DIR}`$PKG_CONFIG --variable=pkgdatadir wayland-protocols`)
+ fi
+ 
+ 
+-- 
+2.1.4
+
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.18.4.bb b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.19.0.bb
similarity index 70%
rename from meta/recipes-graphics/xorg-xserver/xserver-xorg_1.18.4.bb
rename to meta/recipes-graphics/xorg-xserver/xserver-xorg_1.19.0.bb
index 6700565..8725382 100644
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.18.4.bb
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.19.0.bb
@@ -1,8 +1,11 @@
 require xserver-xorg.inc
 
-SRC_URI += "file://musl-arm-inb-outb.patch"
-SRC_URI[md5sum] = "d4842dfe3bd9a9d062f2fa1df9104a46"
-SRC_URI[sha256sum] = "278459b2c31d61a15655d95a72fb79930c480a6bb8cf9226e48a07df8b1d31c8"
+SRC_URI += "file://musl-arm-inb-outb.patch \
+            file://0001-configure.ac-Fix-check-for-CLOCK_MONOTONIC.patch \
+            file://0002-configure.ac-Fix-wayland-scanner-and-protocols-locat.patch \
+            "
+SRC_URI[md5sum] = "6a4d01e4e5047ab8f556960424ba1fa9"
+SRC_URI[sha256sum] = "149a708b50befc2d5a40b98d45ddd2ebe0beec018e6d0c663c43bad6210e4da3"
 
 # These extensions are now integrated into the server, so declare the migration
 # path for in-place upgrades.
-- 
2.1.4



^ permalink raw reply related

* [PATCH 00/12] Xorg 1.19 and related driver updates
From: Jussi Kukkonen @ 2016-12-12 10:11 UTC (permalink / raw)
  To: openembedded-core

Fairly large xorg release (it's been more than a year since 1.18), with
input and video ABI breaks.

xfont2 is what xfont is now called: it's got a new API and it is
parallel installable with the old one.

Almost all of the driver updates are required because of the ABI
changes. I've removed some git xorg driver recipes that haven't been
touched in ages.


Thanks,
  Jussi



The following changes since commit 36e178a62f04e7f2611b26964efe46b9af97189a:

  linux-yocto: Update genericx86* SRCREVs for linux-yocto 4.8 (2016-12-09 08:54:07 +0000)

are available in the git repository at:

  git://git.yoctoproject.org/poky-contrib jku/xorg19
  http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=jku/xorg19

Jussi Kukkonen (12):
  libxfont2: Add recipe
  xserver-xorg: Upgrade 1.18.4 -> 1.19.0
  xf86-input-evdev: Upgrade 2.10.3 -> 2.10.4
  xf86-input-keyboard: Upgrade 1.8.1 -> 1.9.0
  xf86-input-keyboard: Remove git recipe
  xf86-input-mouse: Upgrade 1.9.1 -> 1.9.2
  xf86-input-mouse: Remove git recipe
  xf86-input-synaptics: Upgrade 1.8.3 -> 1.9.0
  xf86-input-synaptics: Remove git recipe
  xf86-video-omap: Upgrade 0.4.4 -> 0.4.5
  xf86-video-vmware: Upgrade 13.1.0 -> 13.2.1
  xf86-input-libinput: Upgrade 0.22 -> 0.23

 ...-evdev_2.10.3.bb => xf86-input-evdev_2.10.4.bb} |  4 +-
 ...board_1.8.1.bb => xf86-input-keyboard_1.9.0.bb} |  4 +-
 .../xorg-driver/xf86-input-keyboard_git.bb         | 16 ------
 ...put_0.22.0.bb => xf86-input-libinput_0.23.0.bb} |  4 +-
 ...ut-mouse_1.9.1.bb => xf86-input-mouse_1.9.2.bb} |  5 +-
 .../xorg-driver/xf86-input-mouse_git.bb            | 18 -------
 ...tics_1.8.3.bb => xf86-input-synaptics_1.9.0.bb} |  4 +-
 .../xorg-driver/xf86-input-synaptics_git.bb        | 18 -------
 ...ideo-omap_0.4.4.bb => xf86-video-omap_0.4.5.bb} |  4 +-
 .../0002-add-option-for-vmwgfx.patch               | 37 +++++++------
 ...mware_13.1.0.bb => xf86-video-vmware_13.2.1.bb} |  4 +-
 meta/recipes-graphics/xorg-lib/libxfont2_2.0.1.bb  | 22 ++++++++
 .../recipes-graphics/xorg-xserver/xserver-xorg.inc |  5 +-
 ...onfigure.ac-Fix-check-for-CLOCK_MONOTONIC.patch | 61 ++++++++++++++++++++++
 ...c-Fix-wayland-scanner-and-protocols-locat.patch | 38 ++++++++++++++
 ...erver-xorg_1.18.4.bb => xserver-xorg_1.19.0.bb} |  9 ++--
 16 files changed, 165 insertions(+), 88 deletions(-)
 rename meta/recipes-graphics/xorg-driver/{xf86-input-evdev_2.10.3.bb => xf86-input-evdev_2.10.4.bb} (83%)
 rename meta/recipes-graphics/xorg-driver/{xf86-input-keyboard_1.8.1.bb => xf86-input-keyboard_1.9.0.bb} (73%)
 delete mode 100644 meta/recipes-graphics/xorg-driver/xf86-input-keyboard_git.bb
 rename meta/recipes-graphics/xorg-driver/{xf86-input-libinput_0.22.0.bb => xf86-input-libinput_0.23.0.bb} (63%)
 rename meta/recipes-graphics/xorg-driver/{xf86-input-mouse_1.9.1.bb => xf86-input-mouse_1.9.2.bb} (76%)
 delete mode 100644 meta/recipes-graphics/xorg-driver/xf86-input-mouse_git.bb
 rename meta/recipes-graphics/xorg-driver/{xf86-input-synaptics_1.8.3.bb => xf86-input-synaptics_1.9.0.bb} (79%)
 delete mode 100644 meta/recipes-graphics/xorg-driver/xf86-input-synaptics_git.bb
 rename meta/recipes-graphics/xorg-driver/{xf86-video-omap_0.4.4.bb => xf86-video-omap_0.4.5.bb} (89%)
 rename meta/recipes-graphics/xorg-driver/{xf86-video-vmware_13.1.0.bb => xf86-video-vmware_13.2.1.bb} (78%)
 create mode 100644 meta/recipes-graphics/xorg-lib/libxfont2_2.0.1.bb
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-configure.ac-Fix-check-for-CLOCK_MONOTONIC.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0002-configure.ac-Fix-wayland-scanner-and-protocols-locat.patch
 rename meta/recipes-graphics/xorg-xserver/{xserver-xorg_1.18.4.bb => xserver-xorg_1.19.0.bb} (70%)

-- 
2.1.4



^ permalink raw reply

* Re: [PATCH] glibc: add -fno-builtin-strlen when not using -O2
From: Andre McCurdy @ 2016-12-12  9:54 UTC (permalink / raw)
  To: Huang, Jie (Jackie); +Cc: Patches and discussions about the oe-core layer
In-Reply-To: <1B858668EC6A94408DCA5225FDFA85AA013DE49043@ALA-MBA.corp.ad.wrs.com>

On Sun, Dec 11, 2016 at 11:41 PM, Huang, Jie (Jackie)
<Jackie.Huang@windriver.com> wrote:
>> -----Original Message-----
>> From: Khem Raj [mailto:raj.khem@gmail.com]
>> Sent: Monday, December 12, 2016 2:37 PM
>> To: Huang, Jie (Jackie)
>> Cc: Patches and discussions about the oe-core layer
>> Subject: Re: [OE-core] [PATCH] glibc: add -fno-builtin-strlen when not using -O2
>>
>> On Sun, Dec 11, 2016 at 9:42 PM,  <jackie.huang@windriver.com> wrote:
>> > From: Jackie Huang <jackie.huang@windriver.com>
>> >
>> > The strlen will be inlined when compile with -O, -O1 or -Os,
>> > so there is no symbol for strlen in ld-linux-x86-64.so.2,
>> > causing a fatal error in valgrind:
>> >
>> > valgrind: Fatal error at startup: a function redirection
>> > valgrind: which is mandatory for this platform-tool combination
>> > valgrind: cannot be set up. Details of the redirection are:
>> > valgrind:
>> > valgrind: A must-be-redirected function
>> > valgrind: whose name matches the pattern: strlen
>> > valgrind: in an object with soname matching: ld-linux-x86-64.so.2
>> >
>> > so add -fno-builtin-strlen when compile with -O, -O1 or -Os.
>>
>> This is a bug in valgrind, I read the same on forums. KDE has proposed a fix
>> https://bugsfiles.kde.org/attachment.cgi?id=82043
>> can you check if this fixes the issue
>
> Thanks, I will check that and change to patch for valgrind if it works.

For reference, here's the patch I've been using. It's a slightly more
generic fix than the one in the KDE bug report.

diff --git a/coregrind/m_redir.c b/coregrind/m_redir.c
index 7e4df8d..640a346 100644
--- a/coregrind/m_redir.c
+++ b/coregrind/m_redir.c
@@ -1220,7 +1220,18 @@ static void add_hardwired_spec (const  HChar*
sopatt, const HChar* fnpatt,
    spec->from_fnpatt = CONST_CAST(HChar *,fnpatt);
    spec->to_addr     = to_addr;
    spec->isWrap      = False;
-   spec->mandatory   = mandatory;
+
+   /* Hack: Depending on how glibc was compiled (e.g. optimised for size or
+      built with _FORTIFY_SOURCE enabled) the strlen symbol might not be found.
+      Therefore although we should still try to intercept it, don't make it
+      mandatory to do so. We over-ride "mandatory" here to avoid the need to
+      patch the many different architecture specific callers to
+      add_hardwired_spec(). */
+   if (0==VG_(strcmp)("strlen", fnpatt))
+      spec->mandatory = NULL;
+   else
+      spec->mandatory = mandatory;
+
    /* VARIABLE PARTS */
    spec->mark        = False; /* not significant */
    spec->done        = False; /* not significant */


^ permalink raw reply related

* Re: [PATCH 3/4] initscripts: support persistent /var/log
From: Patrick Ohly @ 2016-12-12  8:05 UTC (permalink / raw)
  To: Chen Qi; +Cc: openembedded-core
In-Reply-To: <4d5b1453815a0fe2389ced2a0a152249b3a97e62.1479809328.git.Qi.Chen@windriver.com>

On Tue, 2016-11-22 at 18:10 +0800, Chen Qi wrote:
> ${WORKDIR}/volatiles         ${D}${sysconfdir}/default/volatiles/00_core
> +       if [ "${VOLATILE_LOG_DIR}" = "log" ]; then
> +               echo "l root root 0755 /var/log /var/volatile/log" >>
> ${D}${sysconfdir}/default/volatiles/00_core
> +       fi

Why are you checking for "log" here? I thought VOLATILE_LOG_DIR was
supposed to be a boolean?

Using oe.types.boolean in shell code is a bit awkward, but would be
necessary for the sake of consistency when allowing VOLATILE_LOG_DIR to
have more than just yes/no. Untested (relies on bool->str conversion):

if [ ${@ oe.types.boolean('${VOLATILE_LOG_DIR}') } = True ]; then

-- 
Best Regards, Patrick Ohly

The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent Intel's position on the issue, nor am I authorized to speak
on behalf of Intel on this matter.





^ permalink raw reply

* Re: [PATCH 2/4] base-files: respect VOLATILE_LOG_DIR
From: Patrick Ohly @ 2016-12-12  8:01 UTC (permalink / raw)
  To: Chen Qi; +Cc: openembedded-core
In-Reply-To: <ab38ee33f9231e77d0ce97eb56809c4e3eac4855.1479809328.git.Qi.Chen@windriver.com>

On Tue, 2016-11-22 at 18:10 +0800, Chen Qi wrote:
> -           ${localstatedir}/volatile/log \
> +           ${localstatedir}/${@['',
> 'volatile/'][d.getVar('VOLATILE_LOG_DIR', True) == 'yes']}log \

I find the "if/else" expression easier to read, there's no need for an
explicit d.getVar(), and there's an utility method for variables which
are meant to be booleans:
   ${@ 'volatile/' if oe.types.boolean('${VOLATILE_LOG_DIR'}) else '' }

Using the utility function ensures that typos are caught and allows
several other values besides yes/no.

The change itself of course works either way. Just my 2 cents ;-}

-- 
Best Regards, Patrick Ohly

The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent Intel's position on the issue, nor am I authorized to speak
on behalf of Intel on this matter.





^ permalink raw reply

* Re: [PATCH 1/1] Use weak assignment for SERIAL_CONSOLES in qemu configuration files
From: ChenQi @ 2016-12-12  7:56 UTC (permalink / raw)
  To: Robert P. J. Day; +Cc: openembedded-core
In-Reply-To: <alpine.LFD.2.20.1612090255100.13215@localhost.localdomain>

On 12/09/2016 03:55 PM, Robert P. J. Day wrote:
> On Fri, 9 Dec 2016, Chen Qi wrote:
>
>> Use weak assignment for SERIAL_CONSOLES in qemu configuration files so that
>> the value could serve as a default value and could be easily overridden in
>> configuration files like local.conf.
>>
>> When using the default value for SERAIL_CONSOLES in qemux86-64,we would have
>                                     ^^^^^^
>
>
> rday
>
Thanks for spotting this.

I've fixed the typo and updated the remote repo.

   git://git.openembedded.org/openembedded-core-contrib ChenQi/qemu-console
   http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=ChenQi/qemu-console

Best Regards,

Chen Qi



^ permalink raw reply

* Re: [PATCH] glibc: add -fno-builtin-strlen when not using -O2
From: Huang, Jie (Jackie) @ 2016-12-12  7:41 UTC (permalink / raw)
  To: Khem Raj; +Cc: Patches and discussions about the oe-core layer
In-Reply-To: <CAMKF1sqm-YotzrkeqvvLr5MQsPNoiN6W2y_UhfYkx-dJWR66Fw@mail.gmail.com>



> -----Original Message-----
> From: Khem Raj [mailto:raj.khem@gmail.com]
> Sent: Monday, December 12, 2016 2:37 PM
> To: Huang, Jie (Jackie)
> Cc: Patches and discussions about the oe-core layer
> Subject: Re: [OE-core] [PATCH] glibc: add -fno-builtin-strlen when not using -O2
> 
> On Sun, Dec 11, 2016 at 9:42 PM,  <jackie.huang@windriver.com> wrote:
> > From: Jackie Huang <jackie.huang@windriver.com>
> >
> > The strlen will be inlined when compile with -O, -O1 or -Os,
> > so there is no symbol for strlen in ld-linux-x86-64.so.2,
> > causing a fatal error in valgrind:
> >
> > valgrind: Fatal error at startup: a function redirection
> > valgrind: which is mandatory for this platform-tool combination
> > valgrind: cannot be set up. Details of the redirection are:
> > valgrind:
> > valgrind: A must-be-redirected function
> > valgrind: whose name matches the pattern: strlen
> > valgrind: in an object with soname matching: ld-linux-x86-64.so.2
> >
> > so add -fno-builtin-strlen when compile with -O, -O1 or -Os.
> 
> This is a bug in valgrind, I read the same on forums. KDE has proposed a fix
> https://bugsfiles.kde.org/attachment.cgi?id=82043
> can you check if this fixes the issue

Thanks, I will check that and change to patch for valgrind if it works.

Thanks,
Jackie

> 
> >
> > Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
> > ---
> >  meta/recipes-core/glibc/glibc.inc | 4 ++--
> >  1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/meta/recipes-core/glibc/glibc.inc b/meta/recipes-core/glibc/glibc.inc
> > index e85c704..7f3e0f6 100644
> > --- a/meta/recipes-core/glibc/glibc.inc
> > +++ b/meta/recipes-core/glibc/glibc.inc
> > @@ -16,8 +16,8 @@ python () {
> >      if opt_effective == "-O0":
> >          bb.fatal("%s can't be built with %s, try -O1 instead" % (d.getVar('PN', True), opt_effective))
> >      if opt_effective in ("-O", "-O1", "-Os"):
> > -        bb.note("%s doesn't build cleanly with %s, adding -Wno-error to SELECTED_OPTIMIZATION" %
> (d.getVar('PN', True), opt_effective))
> > -        d.appendVar("SELECTED_OPTIMIZATION", " -Wno-error")
> > +        bb.note("%s doesn't build cleanly with %s, adding -Wno-error and -fno-builtin-strlen to
> SELECTED_OPTIMIZATION" % (d.getVar('PN', True), opt_effective))
> > +        d.appendVar("SELECTED_OPTIMIZATION", " -Wno-error -fno-builtin-strlen")
> >  }
> >
> >  # siteconfig.bbclass runs configure which needs a working compiler
> > --
> > 2.8.3
> >
> > --
> > _______________________________________________
> > Openembedded-core mailing list
> > Openembedded-core@lists.openembedded.org
> > http://lists.openembedded.org/mailman/listinfo/openembedded-core

^ permalink raw reply

* Re: [PATCH] xkeyboard-config: 2.18 -> 2.19
From: Khem Raj @ 2016-12-12  7:35 UTC (permalink / raw)
  To: Jussi Kukkonen; +Cc: OE-core
In-Reply-To: <CAHiDW_F_o8X6B6y4JuLBMKUnLmhXqREnD1tJObDZCUPTedyE5w@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 5975 bytes --]


> On Dec 7, 2016, at 3:20 AM, Jussi Kukkonen <jussi.kukkonen@intel.com> wrote:
> 
> Since you're already resending: please set "diff.renames" in your git configuration to get smaller diffs.
> Example from my ~/.gitconfig:
> 
> [diff]
>         renames = true

if you want to do this, then its better to set renames = copies
since many a times we rename recipes when upgrading this comes quite handy


> 
> 
> Thanks,
>   Jussi
> 
> 
> On 7 December 2016 at 13:05, Burton, Ross <ross.burton@intel.com <mailto:ross.burton@intel.com>> wrote:
> Can you resend with a proper From: address please not just root?
> 
> Ross
> 
> On 7 December 2016 at 10:33, root <zhengrq.fnst@cn.fujitsu.com <mailto:zhengrq.fnst@cn.fujitsu.com>> wrote:
> Upgrade xkeyboard-config from 2.18 to 2.19
> 
> Signed-off-by: zhengruoqin <zhengrq.fnst@cn.fujitsu.com <mailto:zhengrq.fnst@cn.fujitsu.com>>
> ---
>  .../xorg-lib/xkeyboard-config_2.18.bb <http://xkeyboard-config_2.18.bb/>              | 31 ----------------------
>  .../xorg-lib/xkeyboard-config_2.19.bb <http://xkeyboard-config_2.19.bb/>              | 31 ++++++++++++++++++++++
>  2 files changed, 31 insertions(+), 31 deletions(-)
>  delete mode 100644 meta/recipes-graphics/xorg-lib/xkeyboard-config_2.18.bb <http://xkeyboard-config_2.18.bb/>
>  create mode 100644 meta/recipes-graphics/xorg-lib/xkeyboard-config_2.19.bb <http://xkeyboard-config_2.19.bb/>
> 
> diff --git a/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.18.bb <http://xkeyboard-config_2.18.bb/> b/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.18.bb <http://xkeyboard-config_2.18.bb/>
> deleted file mode 100644
> index 79fcbd8..0000000
> --- a/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.18.bb <http://xkeyboard-config_2.18.bb/>
> +++ /dev/null
> @@ -1,31 +0,0 @@
> -SUMMARY = "Keyboard configuration database for X Window"
> -
> -DESCRIPTION = "The non-arch keyboard configuration database for X \
> -Window.  The goal is to provide the consistent, well-structured, \
> -frequently released open source of X keyboard configuration data for X \
> -Window System implementations.  The project is targeted to XKB-based \
> -systems."
> -
> -HOMEPAGE = "http://freedesktop.org/wiki/Software/XKeyboardConfig <http://freedesktop.org/wiki/Software/XKeyboardConfig>"
> -BUGTRACKER = "https://bugs.freedesktop.org/enter_bug.cgi?product=xkeyboard-config <https://bugs.freedesktop.org/enter_bug.cgi?product=xkeyboard-config>"
> -
> -LICENSE = "MIT & MIT-style"
> -LIC_FILES_CHKSUM = "file://COPYING;md5=0e7f21ca7db975c63467d2e7624a12f9"
> -
> -SRC_URI = "${XORG_MIRROR}/individual/data/xkeyboard-config/${BPN}-${PV}.tar.bz2"
> -SRC_URI[md5sum] = "c28cf45616bfec276879360bc36c6b27"
> -SRC_URI[sha256sum] = "c41d917d6c8a59feb7ccbda51c40a6ada824fdd1e9684b52dd48c9530617ddd0"
> -
> -SECTION = "x11/libs"
> -DEPENDS = "intltool-native virtual/gettext util-macros libxslt-native"
> -
> -EXTRA_OECONF = "--with-xkb-rules-symlink=xorg --disable-runtime-deps"
> -
> -FILES_${PN} += "${datadir}/X11/xkb"
> -
> -inherit autotools pkgconfig gettext
> -
> -do_install_append () {
> -    install -d ${D}${datadir}/X11/xkb/compiled
> -    cd ${D}${datadir}/X11/xkb/rules && ln -sf base xorg
> -}
> diff --git a/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.19.bb <http://xkeyboard-config_2.19.bb/> b/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.19.bb <http://xkeyboard-config_2.19.bb/>
> new file mode 100644
> index 0000000..79fcbd8
> --- /dev/null
> +++ b/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.19.bb <http://xkeyboard-config_2.19.bb/>
> @@ -0,0 +1,31 @@
> +SUMMARY = "Keyboard configuration database for X Window"
> +
> +DESCRIPTION = "The non-arch keyboard configuration database for X \
> +Window.  The goal is to provide the consistent, well-structured, \
> +frequently released open source of X keyboard configuration data for X \
> +Window System implementations.  The project is targeted to XKB-based \
> +systems."
> +
> +HOMEPAGE = "http://freedesktop.org/wiki/Software/XKeyboardConfig <http://freedesktop.org/wiki/Software/XKeyboardConfig>"
> +BUGTRACKER = "https://bugs.freedesktop.org/enter_bug.cgi?product=xkeyboard-config <https://bugs.freedesktop.org/enter_bug.cgi?product=xkeyboard-config>"
> +
> +LICENSE = "MIT & MIT-style"
> +LIC_FILES_CHKSUM = "file://COPYING;md5=0e7f21ca7db975c63467d2e7624a12f9"
> +
> +SRC_URI = "${XORG_MIRROR}/individual/data/xkeyboard-config/${BPN}-${PV}.tar.bz2"
> +SRC_URI[md5sum] = "c28cf45616bfec276879360bc36c6b27"
> +SRC_URI[sha256sum] = "c41d917d6c8a59feb7ccbda51c40a6ada824fdd1e9684b52dd48c9530617ddd0"
> +
> +SECTION = "x11/libs"
> +DEPENDS = "intltool-native virtual/gettext util-macros libxslt-native"
> +
> +EXTRA_OECONF = "--with-xkb-rules-symlink=xorg --disable-runtime-deps"
> +
> +FILES_${PN} += "${datadir}/X11/xkb"
> +
> +inherit autotools pkgconfig gettext
> +
> +do_install_append () {
> +    install -d ${D}${datadir}/X11/xkb/compiled
> +    cd ${D}${datadir}/X11/xkb/rules && ln -sf base xorg
> +}
> --
> 2.7.4
> 
> 
> 
> --
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org <mailto:Openembedded-core@lists.openembedded.org>
> http://lists.openembedded.org/mailman/listinfo/openembedded-core <http://lists.openembedded.org/mailman/listinfo/openembedded-core>
> 
> 
> --
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org <mailto:Openembedded-core@lists.openembedded.org>
> http://lists.openembedded.org/mailman/listinfo/openembedded-core <http://lists.openembedded.org/mailman/listinfo/openembedded-core>
> 
> 
> -- 
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core


[-- Attachment #2: Type: text/html, Size: 10807 bytes --]

^ permalink raw reply

* Re: [PATCH] libpcap: Disable exposed bits of WinPCAP remote capture support
From: Lei, Maohui @ 2016-12-12  6:55 UTC (permalink / raw)
  To: openembedded-core@lists.openembedded.org
In-Reply-To: <1479838559-24993-1-git-send-email-fabio.berton@ossystems.com.br>

Hi all

I met the same issue when I build wireshark comes from meta-oe.
Why this patch hasn't been merged yet?

Best regards
Lei


> -----Original Message-----
> From: openembedded-core-bounces@lists.openembedded.org [mailto:openembedded-
> core-bounces@lists.openembedded.org] On Behalf Of Fabio Berton
> Sent: Wednesday, November 23, 2016 2:16 AM
> To: openembedded-core@lists.openembedded.org
> Subject: [OE-core] [PATCH] libpcap: Disable exposed bits of WinPCAP remote
> capture support
> 
> Disable bits of remote capture support inherited from the WinPCAP merge which
> cause applications to fails to build if they define HAVE_REMOTE.
> 
> Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br>
> ---
>  .../libpcap/libpcap/disable-remote.patch           | 36 ++++++++++++++++++++++
>  meta/recipes-connectivity/libpcap/libpcap_1.8.1.bb |  1 +
>  2 files changed, 37 insertions(+)
>  create mode 100644 meta/recipes-connectivity/libpcap/libpcap/disable-
> remote.patch
> 
> diff --git a/meta/recipes-connectivity/libpcap/libpcap/disable-remote.patch
> b/meta/recipes-connectivity/libpcap/libpcap/disable-remote.patch
> new file mode 100644
> index 0000000..7e1eea6
> --- /dev/null
> +++ b/meta/recipes-connectivity/libpcap/libpcap/disable-remote.patch
> @@ -0,0 +1,36 @@
> +Disable bits of remote capture support inherited from the WinPCAP merge
> +which cause applications to FTBFS if they define HAVE_REMOTE.
> +
> +Patch from:
> +https://anonscm.debian.org/cgit/users/rfrancoise/libpcap.git/commit/?
> +id=f35949969269dfdcc3549b12fade604755e1e326
> +
> +Upstream-Status: Pending
> +
> +--- a/pcap/pcap.h
> ++++ b/pcap/pcap.h
> +@@ -506,6 +506,11 @@
> +   #define MODE_STAT 1
> +   #define MODE_MON 2
> +
> ++#ifdef HAVE_REMOTE
> ++  /* Includes most of the public stuff that is needed for the remote
> ++capture */
> ++  #include <remote-ext.h>
> ++#endif	 /* HAVE_REMOTE */
> ++
> + #elif defined(MSDOS)
> +
> +   /*
> +@@ -526,11 +531,6 @@
> +
> + #endif /* _WIN32/MSDOS/UN*X */
> +
> +-#ifdef HAVE_REMOTE
> +-  /* Includes most of the public stuff that is needed for the remote
> +capture */
> +-  #include <remote-ext.h>
> +-#endif	 /* HAVE_REMOTE */
> +-
> + #ifdef __cplusplus
> + }
> + #endif
> +
> diff --git a/meta/recipes-connectivity/libpcap/libpcap_1.8.1.bb b/meta/recipes-
> connectivity/libpcap/libpcap_1.8.1.bb
> index 9072fe0..8ce18e5 100644
> --- a/meta/recipes-connectivity/libpcap/libpcap_1.8.1.bb
> +++ b/meta/recipes-connectivity/libpcap/libpcap_1.8.1.bb
> @@ -2,6 +2,7 @@ require libpcap.inc
> 
>  SRC_URI += " \
>      file://libpcap-pkgconfig-support.patch \
> +    file://disable-remote.patch \
>  "
> 
>  SRC_URI[md5sum] = "3d48f9cd171ff12b0efd9134b52f1447"
> --
> 2.1.4
> 
> --
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
> 




^ permalink raw reply

* Re: [PATCH] glibc: add -fno-builtin-strlen when not using -O2
From: Khem Raj @ 2016-12-12  6:37 UTC (permalink / raw)
  To: jhuang0; +Cc: Patches and discussions about the oe-core layer
In-Reply-To: <20161212054215.20513-1-jackie.huang@windriver.com>

On Sun, Dec 11, 2016 at 9:42 PM,  <jackie.huang@windriver.com> wrote:
> From: Jackie Huang <jackie.huang@windriver.com>
>
> The strlen will be inlined when compile with -O, -O1 or -Os,
> so there is no symbol for strlen in ld-linux-x86-64.so.2,
> causing a fatal error in valgrind:
>
> valgrind: Fatal error at startup: a function redirection
> valgrind: which is mandatory for this platform-tool combination
> valgrind: cannot be set up. Details of the redirection are:
> valgrind:
> valgrind: A must-be-redirected function
> valgrind: whose name matches the pattern: strlen
> valgrind: in an object with soname matching: ld-linux-x86-64.so.2
>
> so add -fno-builtin-strlen when compile with -O, -O1 or -Os.

This is a bug in valgrind, I read the same on forums. KDE has proposed a fix
https://bugsfiles.kde.org/attachment.cgi?id=82043
can you check if this fixes the issue

>
> Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
> ---
>  meta/recipes-core/glibc/glibc.inc | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/meta/recipes-core/glibc/glibc.inc b/meta/recipes-core/glibc/glibc.inc
> index e85c704..7f3e0f6 100644
> --- a/meta/recipes-core/glibc/glibc.inc
> +++ b/meta/recipes-core/glibc/glibc.inc
> @@ -16,8 +16,8 @@ python () {
>      if opt_effective == "-O0":
>          bb.fatal("%s can't be built with %s, try -O1 instead" % (d.getVar('PN', True), opt_effective))
>      if opt_effective in ("-O", "-O1", "-Os"):
> -        bb.note("%s doesn't build cleanly with %s, adding -Wno-error to SELECTED_OPTIMIZATION" % (d.getVar('PN', True), opt_effective))
> -        d.appendVar("SELECTED_OPTIMIZATION", " -Wno-error")
> +        bb.note("%s doesn't build cleanly with %s, adding -Wno-error and -fno-builtin-strlen to SELECTED_OPTIMIZATION" % (d.getVar('PN', True), opt_effective))
> +        d.appendVar("SELECTED_OPTIMIZATION", " -Wno-error -fno-builtin-strlen")
>  }
>
>  # siteconfig.bbclass runs configure which needs a working compiler
> --
> 2.8.3
>
> --
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core


^ permalink raw reply

* [PATCH 2/2] ltp/posix: replace CWD with PWD
From: jackie.huang @ 2016-12-12  5:59 UTC (permalink / raw)
  To: openembedded-core
In-Reply-To: <cover.1481522082.git.jackie.huang@windriver.com>

From: Jackie Huang <jackie.huang@windriver.com>

Backport a patch to replace CWD with PWD to avoid
error messages in test results:

basename: missing operand
Try 'basename --help' for more information.

Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
---
 ...ix-option-group-test-replace-CWD-qith-PWD.patch | 44 ++++++++++++++++++++++
 meta/recipes-extended/ltp/ltp_20160126.bb          |  1 +
 2 files changed, 45 insertions(+)
 create mode 100644 meta/recipes-extended/ltp/ltp/0038-run-posix-option-group-test-replace-CWD-qith-PWD.patch

diff --git a/meta/recipes-extended/ltp/ltp/0038-run-posix-option-group-test-replace-CWD-qith-PWD.patch b/meta/recipes-extended/ltp/ltp/0038-run-posix-option-group-test-replace-CWD-qith-PWD.patch
new file mode 100644
index 0000000..8034152
--- /dev/null
+++ b/meta/recipes-extended/ltp/ltp/0038-run-posix-option-group-test-replace-CWD-qith-PWD.patch
@@ -0,0 +1,44 @@
+From f356775c400f40e3803d80a7bd295b4265959c45 Mon Sep 17 00:00:00 2001
+From: Vineet Gupta <Vineet.Gupta1@synopsys.com>
+Date: Mon, 29 Feb 2016 14:34:40 +0530
+Subject: [PATCH] run-posix-option-group-test: replace CWD qith PWD
+
+When running LTP Open Posix Testsuite there is lot of messages as:
+
+| Usage: basename FILE [SUFFIX]
+|
+| Strip directory path and .SUFFIX from FILE
+|
+| *******************
+| Testing
+| *******************
+
+This is because there is no $CWD defined in shell and it looks like $PWD
+was intended instead.
+
+Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
+Signed-off-by: Cyril Hrubis <chrubis@suse.cz>
+
+Upstream-Status: Backport
+
+Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
+---
+ testcases/open_posix_testsuite/bin/run-tests.sh | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/testcases/open_posix_testsuite/bin/run-tests.sh b/testcases/open_posix_testsuite/bin/run-tests.sh
+index d4bd988..5ee5687 100755
+--- a/testcases/open_posix_testsuite/bin/run-tests.sh
++++ b/testcases/open_posix_testsuite/bin/run-tests.sh
+@@ -29,7 +29,7 @@ run_test_loop() {
+ 
+ 	cat <<EOF
+ *******************
+-Testing $(basename $CWD)
++Testing $(basename $PWD)
+ *******************
+ $(printf "PASS\t\t%3d" $NUM_PASS)
+ $(printf "FAIL\t\t%3d" $NUM_FAIL)
+-- 
+2.7.4
+
diff --git a/meta/recipes-extended/ltp/ltp_20160126.bb b/meta/recipes-extended/ltp/ltp_20160126.bb
index 841302b..6e2ceac 100644
--- a/meta/recipes-extended/ltp/ltp_20160126.bb
+++ b/meta/recipes-extended/ltp/ltp_20160126.bb
@@ -64,6 +64,7 @@ SRC_URI = "git://github.com/linux-test-project/ltp.git \
            file://0035-fix-test_proc_kill-hang.patch \
            file://0036-testcases-network-nfsv4-acl-acl1.c-Security-fix-on-s.patch \
            file://0037-containers-netns_netlink-Avoid-segmentation-fault.patch \
+           file://0038-run-posix-option-group-test-replace-CWD-qith-PWD.patch \
            "
 
 S = "${WORKDIR}/git"
-- 
2.8.3



^ permalink raw reply related

* [PATCH 1/2] ltp: avoid segmentation fault in netns tests
From: jackie.huang @ 2016-12-12  5:59 UTC (permalink / raw)
  To: openembedded-core
In-Reply-To: <cover.1481522082.git.jackie.huang@windriver.com>

From: Jackie Huang <jackie.huang@windriver.com>

* backport a patch to avoid segmentation
  fault in netns tests.

* rename previous patch to have ordered
  prefix number.

Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
---
 ...twork-nfsv4-acl-acl1.c-Security-fix-on-s.patch} |  0
 ...rs-netns_netlink-Avoid-segmentation-fault.patch | 50 ++++++++++++++++++++++
 meta/recipes-extended/ltp/ltp_20160126.bb          |  3 +-
 3 files changed, 52 insertions(+), 1 deletion(-)
 rename meta/recipes-extended/ltp/ltp/{0001-testcases-network-nfsv4-acl-acl1.c-Security-fix-on-s.patch => 0036-testcases-network-nfsv4-acl-acl1.c-Security-fix-on-s.patch} (100%)
 create mode 100644 meta/recipes-extended/ltp/ltp/0037-containers-netns_netlink-Avoid-segmentation-fault.patch

diff --git a/meta/recipes-extended/ltp/ltp/0001-testcases-network-nfsv4-acl-acl1.c-Security-fix-on-s.patch b/meta/recipes-extended/ltp/ltp/0036-testcases-network-nfsv4-acl-acl1.c-Security-fix-on-s.patch
similarity index 100%
rename from meta/recipes-extended/ltp/ltp/0001-testcases-network-nfsv4-acl-acl1.c-Security-fix-on-s.patch
rename to meta/recipes-extended/ltp/ltp/0036-testcases-network-nfsv4-acl-acl1.c-Security-fix-on-s.patch
diff --git a/meta/recipes-extended/ltp/ltp/0037-containers-netns_netlink-Avoid-segmentation-fault.patch b/meta/recipes-extended/ltp/ltp/0037-containers-netns_netlink-Avoid-segmentation-fault.patch
new file mode 100644
index 0000000..18d1f72
--- /dev/null
+++ b/meta/recipes-extended/ltp/ltp/0037-containers-netns_netlink-Avoid-segmentation-fault.patch
@@ -0,0 +1,50 @@
+From 193ce739b2a5174269a958b00c3a5590de944e0d Mon Sep 17 00:00:00 2001
+From: Huacai Chen <chenhc@lemote.com>
+Date: Thu, 27 Oct 2016 14:45:52 +0800
+Subject: [PATCH] containers/netns_netlink: Avoid segmentation fault
+
+In order to avoid segmentation fault (use NULL as a function pointer),
+this patch modify check_netns() by passing a dummy function pointer to
+do_clone_unshare_test().
+
+Signed-off-by: Huacai Chen <chenhc@lemote.com>
+Signed-off-by: Cyril Hrubis <chrubis@suse.cz>
+
+Upstream-Status: Backport
+
+Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
+---
+ testcases/kernel/containers/netns/netns_helper.h | 10 ++++++++--
+ 1 file changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/testcases/kernel/containers/netns/netns_helper.h b/testcases/kernel/containers/netns/netns_helper.h
+index 2a331ae..7df6dcb 100644
+--- a/testcases/kernel/containers/netns/netns_helper.h
++++ b/testcases/kernel/containers/netns/netns_helper.h
+@@ -56,6 +56,12 @@ static void check_iproute(unsigned int spe_ipver)
+ 	pclose(ipf);
+ }
+ 
++static int dummy(void *arg)
++{
++	(void) arg;
++	return 0;
++}
++
+ static void check_netns(void)
+ {
+ 	int pid, status;
+@@ -64,8 +70,8 @@ static void check_netns(void)
+ 		tst_brkm(TCONF | TERRNO, NULL, "CLONE_NEWNS (%d) not supported",
+ 			 CLONE_NEWNS);
+ 
+-	pid = do_clone_unshare_test(T_UNSHARE, CLONE_NEWNET | CLONE_NEWNS, NULL,
+-			NULL);
++	pid = do_clone_unshare_test(T_UNSHARE, CLONE_NEWNET | CLONE_NEWNS,
++	                            dummy, NULL);
+ 	if (pid == -1)
+ 		tst_brkm(TCONF | TERRNO, NULL,
+ 				"unshare syscall smoke test failed");
+-- 
+2.7.4
+
diff --git a/meta/recipes-extended/ltp/ltp_20160126.bb b/meta/recipes-extended/ltp/ltp_20160126.bb
index 7ee84e3..841302b 100644
--- a/meta/recipes-extended/ltp/ltp_20160126.bb
+++ b/meta/recipes-extended/ltp/ltp_20160126.bb
@@ -62,7 +62,8 @@ SRC_URI = "git://github.com/linux-test-project/ltp.git \
            file://0033-shmat1-Cover-GNU-specific-code-under-__USE_GNU.patch \
            file://0034-periodic_output.patch \
            file://0035-fix-test_proc_kill-hang.patch \
-           file://0001-testcases-network-nfsv4-acl-acl1.c-Security-fix-on-s.patch \
+           file://0036-testcases-network-nfsv4-acl-acl1.c-Security-fix-on-s.patch \
+           file://0037-containers-netns_netlink-Avoid-segmentation-fault.patch \
            "
 
 S = "${WORKDIR}/git"
-- 
2.8.3



^ permalink raw reply related

* [PATCH 0/2] ltp/posix: backport two patches to fix some tests
From: jackie.huang @ 2016-12-12  5:59 UTC (permalink / raw)
  To: openembedded-core

From: Jackie Huang <jackie.huang@windriver.com>

--
The following changes since commit dae00fbb913c24b6bab00d5b99bd61f3455b4728:

  sdk-manual: Added note about nullpointer error for launch eclipse (2016-12-08 16:36:40 +0000)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib.git jhuang0/d_ltp_161212-0
  http://git.pokylinux.org/cgit.cgi//log/?h=jhuang0/d_ltp_161212-0

Jackie Huang (2):
  ltp: avoid segmentation fault in netns tests
  ltp/posix: replace CWD with PWD

 ...twork-nfsv4-acl-acl1.c-Security-fix-on-s.patch} |  0
 ...rs-netns_netlink-Avoid-segmentation-fault.patch | 50 ++++++++++++++++++++++
 ...ix-option-group-test-replace-CWD-qith-PWD.patch | 44 +++++++++++++++++++
 meta/recipes-extended/ltp/ltp_20160126.bb          |  4 +-
 4 files changed, 97 insertions(+), 1 deletion(-)
 rename meta/recipes-extended/ltp/ltp/{0001-testcases-network-nfsv4-acl-acl1.c-Security-fix-on-s.patch => 0036-testcases-network-nfsv4-acl-acl1.c-Security-fix-on-s.patch} (100%)
 create mode 100644 meta/recipes-extended/ltp/ltp/0037-containers-netns_netlink-Avoid-segmentation-fault.patch
 create mode 100644 meta/recipes-extended/ltp/ltp/0038-run-posix-option-group-test-replace-CWD-qith-PWD.patch

-- 
2.8.3



^ permalink raw reply

* [PATCH] glibc: add -fno-builtin-strlen when not using -O2
From: jackie.huang @ 2016-12-12  5:42 UTC (permalink / raw)
  To: openembedded-core

From: Jackie Huang <jackie.huang@windriver.com>

The strlen will be inlined when compile with -O, -O1 or -Os,
so there is no symbol for strlen in ld-linux-x86-64.so.2,
causing a fatal error in valgrind:

valgrind: Fatal error at startup: a function redirection
valgrind: which is mandatory for this platform-tool combination
valgrind: cannot be set up. Details of the redirection are:
valgrind:
valgrind: A must-be-redirected function
valgrind: whose name matches the pattern: strlen
valgrind: in an object with soname matching: ld-linux-x86-64.so.2

so add -fno-builtin-strlen when compile with -O, -O1 or -Os.

Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
---
 meta/recipes-core/glibc/glibc.inc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-core/glibc/glibc.inc b/meta/recipes-core/glibc/glibc.inc
index e85c704..7f3e0f6 100644
--- a/meta/recipes-core/glibc/glibc.inc
+++ b/meta/recipes-core/glibc/glibc.inc
@@ -16,8 +16,8 @@ python () {
     if opt_effective == "-O0":
         bb.fatal("%s can't be built with %s, try -O1 instead" % (d.getVar('PN', True), opt_effective))
     if opt_effective in ("-O", "-O1", "-Os"):
-        bb.note("%s doesn't build cleanly with %s, adding -Wno-error to SELECTED_OPTIMIZATION" % (d.getVar('PN', True), opt_effective))
-        d.appendVar("SELECTED_OPTIMIZATION", " -Wno-error")
+        bb.note("%s doesn't build cleanly with %s, adding -Wno-error and -fno-builtin-strlen to SELECTED_OPTIMIZATION" % (d.getVar('PN', True), opt_effective))
+        d.appendVar("SELECTED_OPTIMIZATION", " -Wno-error -fno-builtin-strlen")
 }
 
 # siteconfig.bbclass runs configure which needs a working compiler
-- 
2.8.3



^ permalink raw reply related

* [PATCH v2] gcr: add missing dependencies for vapi
From: jackie.huang @ 2016-12-12  5:22 UTC (permalink / raw)
  To: openembedded-core

From: Jackie Huang <jackie.huang@windriver.com>

According to the vapi_DEPS definition:
gcr-3.vapi depends on gck-1.vapi,
gcr-ui-3.vapi depends on gck-1.vapi and gcr-3.vapi

But these dependencies are missing for the make targets,
so it will fail when build in parallel:
error: Package `gck-1' not found in specified Vala API directories or GObject-Introspection GIR directories
error: Package `gcr-3' not found in specified Vala API directories or GObject-Introspection GIR directories

Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
---
 .../gcr-add-missing-dependencies-for-vapi.patch    | 51 ++++++++++++++++++++++
 meta/recipes-gnome/gcr/gcr_3.20.0.bb               |  2 +
 2 files changed, 53 insertions(+)
 create mode 100644 meta/recipes-gnome/gcr/files/gcr-add-missing-dependencies-for-vapi.patch

diff --git a/meta/recipes-gnome/gcr/files/gcr-add-missing-dependencies-for-vapi.patch b/meta/recipes-gnome/gcr/files/gcr-add-missing-dependencies-for-vapi.patch
new file mode 100644
index 0000000..a205429
--- /dev/null
+++ b/meta/recipes-gnome/gcr/files/gcr-add-missing-dependencies-for-vapi.patch
@@ -0,0 +1,51 @@
+From e7e0c56ca82031121f192f7f711b78418b154c9f Mon Sep 17 00:00:00 2001
+From: Jackie Huang <jackie.huang@windriver.com>
+Date: Mon, 28 Nov 2016 10:17:34 +0800
+Subject: [PATCH] gcr: add missing dependencies for vapi
+
+According to the vapi_DEPS definition:
+gcr-3.vapi depends on gck-1.vapi,
+gcr-ui-3.vapi depends on gck-1.vapi and gcr-3.vapi
+
+But these dependencies are missing for the make targets,
+so it will fail when build in parallel:
+error: Package `gck-1' not found in specified Vala API directories or GObject-Introspection GIR directories
+error: Package `gcr-3' not found in specified Vala API directories or GObject-Introspection GIR directories
+
+Upstream-Status: Submitted [https://bug775966.bugzilla-attachments.gnome.org/attachment.cgi?id=341791]
+
+Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
+---
+ gcr/Makefile.am | 2 +-
+ ui/Makefile.am  | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/gcr/Makefile.am b/gcr/Makefile.am
+index eda302f..6e78dba 100644
+--- a/gcr/Makefile.am
++++ b/gcr/Makefile.am
+@@ -221,7 +221,7 @@ gir_DATA += Gcr-@GCR_MAJOR@.gir
+ 
+ if ENABLE_VAPIGEN
+ 
+-gcr-@GCR_MAJOR@.vapi: Gcr-@GCR_MAJOR@.gir gcr/Gcr-@GCR_MAJOR@.metadata gcr-@GCR_MAJOR@.deps
++gcr-@GCR_MAJOR@.vapi: Gcr-@GCR_MAJOR@.gir gcr/Gcr-@GCR_MAJOR@.metadata gcr-@GCR_MAJOR@.deps gck-@GCK_MAJOR@.vapi
+ 
+ VAPIGEN_VAPIS += gcr-@GCR_MAJOR@.vapi
+ 
+diff --git a/ui/Makefile.am b/ui/Makefile.am
+index aa52476..6612f0d 100644
+--- a/ui/Makefile.am
++++ b/ui/Makefile.am
+@@ -160,7 +160,7 @@ gir_DATA += GcrUi-@GCR_MAJOR@.gir
+ 
+ if ENABLE_VAPIGEN
+ 
+-gcr-ui-@GCR_MAJOR@.vapi: GcrUi-@GCR_MAJOR@.gir ui/GcrUi-@GCR_MAJOR@.metadata gcr-ui-@GCR_MAJOR@.deps
++gcr-ui-@GCR_MAJOR@.vapi: GcrUi-@GCR_MAJOR@.gir ui/GcrUi-@GCR_MAJOR@.metadata gcr-ui-@GCR_MAJOR@.deps gck-@GCK_MAJOR@.vapi gcr-@GCR_MAJOR@.vapi
+ 
+ VAPIGEN_VAPIS += gcr-ui-@GCR_MAJOR@.vapi
+ 
+-- 
+2.8.3
+
diff --git a/meta/recipes-gnome/gcr/gcr_3.20.0.bb b/meta/recipes-gnome/gcr/gcr_3.20.0.bb
index b32a455..2088902 100644
--- a/meta/recipes-gnome/gcr/gcr_3.20.0.bb
+++ b/meta/recipes-gnome/gcr/gcr_3.20.0.bb
@@ -11,6 +11,8 @@ inherit autotools gnomebase gtk-icon-cache gtk-doc distro_features_check upstrea
 # depends on gtk+3, but also x11 through gtk+-x11
 REQUIRED_DISTRO_FEATURES = "x11"
 
+SRC_URI += "file://gcr-add-missing-dependencies-for-vapi.patch"
+
 SRC_URI[archive.md5sum] = "4314bf89eac293dd0a9d806593ff1b35"
 SRC_URI[archive.sha256sum] = "90572c626d8a708225560c42b4421f7941315247fa1679d4ef569bde7f4bb379"
 
-- 
2.8.3



^ permalink raw reply related

* Re: [PATCH V2 5/6] runqemu: fixes for slirp, network device and hostfwd
From: Robert Yang @ 2016-12-12  3:31 UTC (permalink / raw)
  To: Randy Witt, openembedded-core
In-Reply-To: <4f79b40c-e1a8-3e62-0cbb-ea4c9d4176e4@linux.intel.com>



On 12/08/2016 01:58 AM, Randy Witt wrote:
>
>>      def setup_slirp(self):
>>          """Setup user networking"""
>>
>>          if self.fstype == 'nfs':
>>              self.setup_nfs()
>>          self.kernel_cmdline_script += ' ip=dhcp'
>> -        self.set('NETWORK_CMD', self.get('QB_SLIRP_OPT'))
>> +        # Port mapping
>> +        hostfwd = ",hostfwd=tcp::2222-:22,hostfwd=tcp::2323-:23"
>> +        qb_slirp_opt_default = "-netdev user,id=net0%s" % hostfwd
>> +        qb_slirp_opt = self.get('QB_SLIRP_OPT') or qb_slirp_opt_default
>> +        # Figure out the port
>> +        ports = re.findall('hostfwd=[^-]*:([0-9]+)-[^,-]*', qb_slirp_opt)
>> +        ports = [int(i) for i in ports]
>> +        mac = 2
>> +        # Find a free port to avoid conflicts
>> +        for p in ports[:]:
>> +            p_new = p
>> +            while not check_free_port('localhost', p_new):
>> +                p_new += 1
>> +                mac += 1
>> +                while p_new in ports:
>> +                        p_new += 1
>> +                        mac += 1
>> +            if p != p_new:
>> +                ports.append(p_new)
>> +                qb_slirp_opt = re.sub(':%s-' % p, ':%s-' % p_new, qb_slirp_opt)
>> +                logger.info("Port forward changed: %s -> %s" % (p, p_new))
> Regardless if the port is changed or not, so that things like tests have an
> easier time of figuring out the port mappings, would it be good add a flag that
> prints out the entire list of ports used, or always do it? i.e. "Port forwarding
> 2222:22 2333:23.... It's not necessary of course, you can  always look at the

Thansk, make sense, I added the following lines:

+        # Print out port foward
+        hostfwd = re.findall('(hostfwd=[^,]*)', qb_slirp_opt)
+        if hostfwd:
+            logger.info('Port forward: %s' % ' '.join(hostfwd))

Now print:
runqemu - INFO - Port forward: hostfwd=tcp::2222-:22 hostfwd=tcp::2323-:23


Updated in the repo:
   git://git.openembedded.org/openembedded-core-contrib rbt/runqemu
 
http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=rbt/runqemu

Robert Yang (6):
   scripts/runqemu: fix checking for <file>.cpio.gz
   qemuboot.bbclass: use IMGDEPLOYDIR
   runqemu-export-rootfs: fix inconsistent var names
   runqemu: support mutiple qemus running when nfs
   runqemu: fixes for slirp, network device and hostfwd
   qemuboot.bbclass: add blank lines in comments


// Robert

> command line and then check to see if anything is remapped. But that's a bit
> more work.
>
>> +        mac = "%s%02x" % (self.mac_slirp, mac)
>> +        self.set('NETWORK_CMD', '%s %s' %
>> (self.network_device.replace('@MAC@', mac), qb_slirp_opt))
>
>


^ permalink raw reply

* Re: [PATCH] gcr: add missing dependencies for vapi
From: Huang, Jie (Jackie) @ 2016-12-12  0:58 UTC (permalink / raw)
  To: BURTON, ROSS; +Cc: OE-core
In-Reply-To: <CAJTo0LaXmKPSRG1VgLXdOERkxuFSaqFX-D-7Oo9MTKY_ydcq1w@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 513 bytes --]

Yes, I will re-send the patch.

Thanks,
Jackie

From: Burton, Ross [mailto:ross.burton@intel.com]
Sent: Saturday, December 10, 2016 6:43 PM
To: Huang, Jie (Jackie)
Cc: OE-core
Subject: Re: [OE-core] [PATCH] gcr: add missing dependencies for vapi


On 10 December 2016 at 02:56, <jackie.huang@windriver.com<mailto:jackie.huang@windriver.com>> wrote:
+Upstream-Status: Submitted [https://github.com/GNOME/gcr/pull/4]

Did you get the message that GNOME doesn't take pull requests at github?

Ross

[-- Attachment #2: Type: text/html, Size: 3999 bytes --]

^ permalink raw reply

* [PATCH] fontconfig: Fix namespace conflicts with glibc
From: Khem Raj @ 2016-12-11 23:07 UTC (permalink / raw)
  To: openembedded-core

glibc 2.25 will come with TS 18661-1 macro definitions in limits.h which ends with following errors

| ../../fontconfig-2.12.1/src/fcmatch.c:324:63: error: 'PRI_CHAR_WIDTH_STRONG' undeclared here (not in a function)
|  #define FC_OBJECT(NAME, Type, Cmp) { FC_##NAME##_OBJECT, Cmp, PRI_##NAME##_STRONG, PRI_##NAME##_WEAK },
|                                                                ^
| ../../fontconfig-2.12.1/src/fcobjs.h:54:1: note: in expansion of macro 'FC_OBJECT'
|  FC_OBJECT (CHAR_WIDTH,  FcTypeInteger, NULL)
|  ^~~~~~~~~
| ../../fontconfig-2.12.1/src/fcmatch.c:324:84: error: 'PRI_CHAR_WIDTH_WEAK' undeclared here (not in a function)
|  #define FC_OBJECT(NAME, Type, Cmp) { FC_##NAME##_OBJECT, Cmp, PRI_##NAME##_STRONG, PRI_##NAME##_WEAK },
|                                                                                     ^
| ../../fontconfig-2.12.1/src/fcobjs.h:54:1: note: in expansion of macro 'FC_OBJECT'
|  FC_OBJECT (CHAR_WIDTH,  FcTypeInteger, NULL)
|  ^~~~~~~~~
| make[3]: *** [Makefile:632: fcmatch.lo] Error 1

Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 ...icts-with-integer-width-macros-from-TS-18.patch | 74 ++++++++++++++++++++++
 .../fontconfig/fontconfig_2.12.1.bb                |  1 +
 2 files changed, 75 insertions(+)
 create mode 100644 meta/recipes-graphics/fontconfig/fontconfig/0001-Avoid-conflicts-with-integer-width-macros-from-TS-18.patch

diff --git a/meta/recipes-graphics/fontconfig/fontconfig/0001-Avoid-conflicts-with-integer-width-macros-from-TS-18.patch b/meta/recipes-graphics/fontconfig/fontconfig/0001-Avoid-conflicts-with-integer-width-macros-from-TS-18.patch
new file mode 100644
index 0000000..326ff3c
--- /dev/null
+++ b/meta/recipes-graphics/fontconfig/fontconfig/0001-Avoid-conflicts-with-integer-width-macros-from-TS-18.patch
@@ -0,0 +1,74 @@
+From 20cddc824c6501c2082cac41b162c34cd5fcc530 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Sun, 11 Dec 2016 14:32:00 -0800
+Subject: [PATCH] Avoid conflicts with integer width macros from TS
+ 18661-1:2014
+
+glibc 2.25+ has now defined these macros in <limits.h>
+https://sourceware.org/git/?p=glibc.git;a=commit;h=5b17fd0da62bf923cb61d1bb7b08cf2e1f1f9c1a
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+Upstream-Status: Submitted
+
+ fontconfig/fontconfig.h | 2 +-
+ src/fcobjs.h            | 2 +-
+ src/fcobjshash.gperf    | 2 +-
+ src/fcobjshash.h        | 2 +-
+ 4 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/fontconfig/fontconfig.h b/fontconfig/fontconfig.h
+index 5c72b22..843c532 100644
+--- a/fontconfig/fontconfig.h
++++ b/fontconfig/fontconfig.h
+@@ -128,7 +128,7 @@ typedef int		FcBool;
+ #define FC_USER_CACHE_FILE	    ".fonts.cache-" FC_CACHE_VERSION
+ 
+ /* Adjust outline rasterizer */
+-#define FC_CHAR_WIDTH	    "charwidth"	/* Int */
++#define FC_CHARWIDTH	    "charwidth"	/* Int */
+ #define FC_CHAR_HEIGHT	    "charheight"/* Int */
+ #define FC_MATRIX	    "matrix"    /* FcMatrix */
+ 
+diff --git a/src/fcobjs.h b/src/fcobjs.h
+index 1fc4f65..d27864b 100644
+--- a/src/fcobjs.h
++++ b/src/fcobjs.h
+@@ -51,7 +51,7 @@ FC_OBJECT (DPI,			FcTypeDouble,	NULL)
+ FC_OBJECT (RGBA,		FcTypeInteger,	NULL)
+ FC_OBJECT (SCALE,		FcTypeDouble,	NULL)
+ FC_OBJECT (MINSPACE,		FcTypeBool,	NULL)
+-FC_OBJECT (CHAR_WIDTH,		FcTypeInteger,	NULL)
++FC_OBJECT (CHARWIDTH,		FcTypeInteger,	NULL)
+ FC_OBJECT (CHAR_HEIGHT,		FcTypeInteger,	NULL)
+ FC_OBJECT (MATRIX,		FcTypeMatrix,	NULL)
+ FC_OBJECT (CHARSET,		FcTypeCharSet,	FcCompareCharSet)
+diff --git a/src/fcobjshash.gperf b/src/fcobjshash.gperf
+index 80a0237..eb4ad84 100644
+--- a/src/fcobjshash.gperf
++++ b/src/fcobjshash.gperf
+@@ -44,7 +44,7 @@ int id;
+ "rgba",FC_RGBA_OBJECT
+ "scale",FC_SCALE_OBJECT
+ "minspace",FC_MINSPACE_OBJECT
+-"charwidth",FC_CHAR_WIDTH_OBJECT
++"charwidth",FC_CHARWIDTH_OBJECT
+ "charheight",FC_CHAR_HEIGHT_OBJECT
+ "matrix",FC_MATRIX_OBJECT
+ "charset",FC_CHARSET_OBJECT
+diff --git a/src/fcobjshash.h b/src/fcobjshash.h
+index 5a4d1ea..4e66bb0 100644
+--- a/src/fcobjshash.h
++++ b/src/fcobjshash.h
+@@ -284,7 +284,7 @@ FcObjectTypeLookup (register const char *str, register unsigned int len)
+       {(int)(long)&((struct FcObjectTypeNamePool_t *)0)->FcObjectTypeNamePool_str43,FC_CHARSET_OBJECT},
+       {-1},
+ #line 47 "fcobjshash.gperf"
+-      {(int)(long)&((struct FcObjectTypeNamePool_t *)0)->FcObjectTypeNamePool_str45,FC_CHAR_WIDTH_OBJECT},
++      {(int)(long)&((struct FcObjectTypeNamePool_t *)0)->FcObjectTypeNamePool_str45,FC_CHARWIDTH_OBJECT},
+ #line 48 "fcobjshash.gperf"
+       {(int)(long)&((struct FcObjectTypeNamePool_t *)0)->FcObjectTypeNamePool_str46,FC_CHAR_HEIGHT_OBJECT},
+ #line 55 "fcobjshash.gperf"
+-- 
+2.10.2
+
diff --git a/meta/recipes-graphics/fontconfig/fontconfig_2.12.1.bb b/meta/recipes-graphics/fontconfig/fontconfig_2.12.1.bb
index 115f558..8616154 100644
--- a/meta/recipes-graphics/fontconfig/fontconfig_2.12.1.bb
+++ b/meta/recipes-graphics/fontconfig/fontconfig_2.12.1.bb
@@ -22,6 +22,7 @@ DEPENDS = "expat freetype zlib"
 
 SRC_URI = "http://fontconfig.org/release/fontconfig-${PV}.tar.gz \
            file://revert-static-pkgconfig.patch \
+           file://0001-Avoid-conflicts-with-integer-width-macros-from-TS-18.patch \
            "
 SRC_URI[md5sum] = "ce55e525c37147eee14cc2de6cc09f6c"
 SRC_URI[sha256sum] = "a9f42d03949f948a3a4f762287dbc16e53a927c91a07ee64207ebd90a9e5e292"
-- 
2.10.2



^ permalink raw reply related

* [PATCH 1/1] multilib.bbclass: fix faulty redefinition of STAGING_KERNEL_DIR
From: Petter Mabäcker @ 2016-12-11  9:07 UTC (permalink / raw)
  To: openembedded-core
In-Reply-To: <cover.1481411836.git.petter@technux.se>

Due to the problem fixed in
'56c677a multilib: Move redefinition of STAGING_DIR_KERNEL'
STAGING_KERNEL_DIR must be redefined for lib32 in multilib.bbclass.
However this redefinition expanded STAGING_KERNEL_DIR to an absolute
path. This unconsciously added the TMPDIR path in the sstate object,
causing packages depended on STAGING_KERNEL_DIR being rebuild if the
TMPDIR was changed.

Solve this by forcing the unexpanded TMPDIR variable to remain in the
beginning of STAGING_DIR_KERNEL (as default). Since TMPDIR is included in
BB_HASHBASE_WHITELIST, the sstate object will not be depended on the
expanded path anymore.

Signed-off-by: Petter Mabäcker <petter@technux.se>
---
 meta/classes/multilib.bbclass | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/meta/classes/multilib.bbclass b/meta/classes/multilib.bbclass
index d5a3128..eba666d 100644
--- a/meta/classes/multilib.bbclass
+++ b/meta/classes/multilib.bbclass
@@ -4,7 +4,9 @@ python multilib_virtclass_handler () {
     if cls != "multilib" or not variant:
         return
 
-    e.data.setVar('STAGING_KERNEL_DIR', e.data.getVar('STAGING_KERNEL_DIR', True))
+    localdata = bb.data.createCopy(e.data)
+    localdata.delVar('TMPDIR')
+    e.data.setVar('STAGING_KERNEL_DIR', localdata.getVar('STAGING_KERNEL_DIR', True))
 
     # There should only be one kernel in multilib configs
     # We also skip multilib setup for module packages.
-- 
1.9.1



^ permalink raw reply related

* [PATCH 0/1] multilib.bbclass: fix faulty redefinition of STAGING_KERNEL_DIR
From: Petter Mabäcker @ 2016-12-11  9:07 UTC (permalink / raw)
  To: openembedded-core

The following changes since commit 36e178a62f04e7f2611b26964efe46b9af97189a:

  linux-yocto: Update genericx86* SRCREVs for linux-yocto 4.8 (2016-12-09 08:54:07 +0000)

are available in the git repository at:

  git://git.yoctoproject.org/poky-contrib petmab/staging_dir_kernel_fix
  http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=petmab/staging_dir_kernel_fix

Petter Mabäcker (1):
  multilib.bbclass: fix faulty redefinition of STAGING_KERNEL_DIR

 meta/classes/multilib.bbclass | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

-- 
1.9.1



^ permalink raw reply

* Re: [PATCH] edgerouter.conf: enable generation of wic.bmap
From: Christopher Larson @ 2016-12-11  0:40 UTC (permalink / raw)
  To: Khem Raj; +Cc: Patches and discussions about the oe-core layer
In-Reply-To: <CAMKF1sqeW4cxaj1yK_TbpyyZriuL3z3N4QY=nrpy4JV=tNRPCQ@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 1714 bytes --]

On Sat, Dec 10, 2016 at 1:57 PM, Khem Raj <raj.khem@gmail.com> wrote:

> On Sat, Dec 10, 2016 at 10:40 AM, Christopher Larson
> <clarson@kergoth.com> wrote:
> >
> > On Fri, Dec 9, 2016 at 10:46 AM, Ed Bartosh <ed.bartosh@linux.intel.com>
> > wrote:
> >>
> >> Enabled generation of block map(bmap) files for wic images
> >> built for edgerouter machine. This should simplify flashing
> >> images with bmaptool.
> >>
> >> [YOCTO #10621]
> >>
> >> Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
> >
> >
> > I think this is more of a distro decision than machine, whether they
> want to
> > support use of bmaptool for their users/customers. It’d be nice if it was
> > easier to control compression from the distro, too. For example, if we
> want
> > to distribute wic.bz2+wic.bmap in our installers, it’d be nice to be
> able to
> > switch to that for all machines that use wic. I’m not sure how best to
> pull
> > that off, however. Something to think about for the future.
>
> I think thats a good point, however, distro should be able to define
> something like
> if machine is capable of supporting feature X then lets enable it. I
> dont think we
> should add machine knowledge into distros either.


Agreed. We do that already with features variables, but there’s no
equivalent for IMAGE_FSTYPES, of course. Presumably IMAGE_FSTYPES_append =
“ ${@‘wic.bmap’ if ‘${USING_WIC}’ else ‘’}” or so would get part of the way
there. Replacing wic with wic.bz2 or vice versa would be slightly more
complex.
-- 
Christopher Larson
clarson at kergoth dot com
Founder - BitBake, OpenEmbedded, OpenZaurus
Senior Software Engineer, Mentor Graphics

[-- Attachment #2: Type: text/html, Size: 2372 bytes --]

^ permalink raw reply

* Re: can "IMAGE_INSTALL ?= ..." not be written in a more obvious way?
From: Khem Raj @ 2016-12-10 21:15 UTC (permalink / raw)
  To: Robert P. J. Day; +Cc: OE Core mailing list
In-Reply-To: <alpine.LFD.2.20.1612100630310.23762@localhost.localdomain>

On Sat, Dec 10, 2016 at 3:40 AM, Robert P. J. Day <rpjday@crashcourse.ca> wrote:
>
>   i've nattered about this before but not sure i ever got an answer --
> here's the last bit of core-image.bbclass:
>
>   CORE_IMAGE_BASE_INSTALL = '\
>     packagegroup-core-boot \
>     packagegroup-base-extended \
>     \
>     ${CORE_IMAGE_EXTRA_INSTALL} \
>     '
>
>   CORE_IMAGE_EXTRA_INSTALL ?= ""
>
>   IMAGE_INSTALL ?= "${CORE_IMAGE_BASE_INSTALL}"
>
> the first time i saw that (long ago), it took me a few looks to figure
> out what was happening. can this not be written in a more obvious way:
>
>   CORE_IMAGE_BASE_INSTALL = '\
>     packagegroup-core-boot \
>     packagegroup-base-extended \
>     '
>
>   CORE_IMAGE_EXTRA_INSTALL ?= ""
>
>   IMAGE_INSTALL ?= " \
>     ${CORE_IMAGE_BASE_INSTALL} \
>     ${CORE_IMAGE_EXTRA_INSTALL} \
>     "
>
> is that not equivalent, or am i missing something? it's certainly
> clearer as to what's happening if people are perusing the code.

They are same AFAICT, dont feel strongly  about readability but feel
free to send a patch


^ permalink raw reply

* Re: [PATCH] edgerouter.conf: enable generation of wic.bmap
From: Khem Raj @ 2016-12-10 20:57 UTC (permalink / raw)
  To: Christopher Larson; +Cc: Patches and discussions about the oe-core layer
In-Reply-To: <CABcZANk5QnzFAWwAjbaHAQvCw=XXViOnh5jg=cvRiD_B=mEpKA@mail.gmail.com>

On Sat, Dec 10, 2016 at 10:40 AM, Christopher Larson
<clarson@kergoth.com> wrote:
>
> On Fri, Dec 9, 2016 at 10:46 AM, Ed Bartosh <ed.bartosh@linux.intel.com>
> wrote:
>>
>> Enabled generation of block map(bmap) files for wic images
>> built for edgerouter machine. This should simplify flashing
>> images with bmaptool.
>>
>> [YOCTO #10621]
>>
>> Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
>
>
> I think this is more of a distro decision than machine, whether they want to
> support use of bmaptool for their users/customers. It’d be nice if it was
> easier to control compression from the distro, too. For example, if we want
> to distribute wic.bz2+wic.bmap in our installers, it’d be nice to be able to
> switch to that for all machines that use wic. I’m not sure how best to pull
> that off, however. Something to think about for the future.

I think thats a good point, however, distro should be able to define
something like
if machine is capable of supporting feature X then lets enable it. I
dont think we
should add machine knowledge into distros either.

> --
> Christopher Larson
> clarson at kergoth dot com
> Founder - BitBake, OpenEmbedded, OpenZaurus
> Maintainer - Tslib
> Senior Software Engineer, Mentor Graphics
>
> --
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
>


^ permalink raw reply

* Re: [PATCH] edgerouter.conf: enable generation of wic.bmap
From: Christopher Larson @ 2016-12-10 18:40 UTC (permalink / raw)
  To: Ed Bartosh; +Cc: Patches and discussions about the oe-core layer
In-Reply-To: <1481305586-11873-1-git-send-email-ed.bartosh@linux.intel.com>

[-- Attachment #1: Type: text/plain, Size: 934 bytes --]

On Fri, Dec 9, 2016 at 10:46 AM, Ed Bartosh <ed.bartosh@linux.intel.com>
wrote:

> Enabled generation of block map(bmap) files for wic images
> built for edgerouter machine. This should simplify flashing
> images with bmaptool.
>
> [YOCTO #10621]
>
> Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
>

I think this is more of a distro decision than machine, whether they want
to support use of bmaptool for their users/customers. It’d be nice if it
was easier to control compression from the distro, too. For example, if we
want to distribute wic.bz2+wic.bmap in our installers, it’d be nice to be
able to switch to that for all machines that use wic. I’m not sure how best
to pull that off, however. Something to think about for the future.
-- 
Christopher Larson
clarson at kergoth dot com
Founder - BitBake, OpenEmbedded, OpenZaurus
Maintainer - Tslib
Senior Software Engineer, Mentor Graphics

[-- Attachment #2: Type: text/html, Size: 1424 bytes --]

^ permalink raw reply

* [PATCH]] libtiff: Update to 4.0.7
From: Armin Kuster @ 2016-12-10 17:38 UTC (permalink / raw)
  To: akuster808, openembedded-core

Major changes:
The libtiff tools bmp2tiff, gif2tiff, ras2tiff, sgi2tiff, sgisv, and ycbcr are completely removed from the distribution, used for demos.

CVEs fixed:
CVE-2016-9297
CVE-2016-9448
CVE-2016-9273
CVE-2014-8127
CVE-2016-3658
CVE-2016-5875
CVE-2016-5652
CVE-2016-3632

plus more that are not identified in the changelog.

removed patches integrated into update.
more info: http://libtiff.maptools.org/v4.0.7.html

Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../libtiff/files/CVE-2015-8665_8683.patch         | 137 -------
 .../libtiff/files/CVE-2015-8781.patch              | 195 ----------
 .../libtiff/files/CVE-2015-8784.patch              |  73 ----
 .../libtiff/files/CVE-2016-3186.patch              |  24 --
 .../libtiff/files/CVE-2016-3622.patch              | 129 -------
 .../libtiff/files/CVE-2016-3623.patch              |  52 ---
 .../libtiff/files/CVE-2016-3632.patch              |  34 --
 .../libtiff/files/CVE-2016-3658.patch              | 111 ------
 .../libtiff/files/CVE-2016-3945.patch              | 118 ------
 .../libtiff/files/CVE-2016-3990.patch              |  66 ----
 .../libtiff/files/CVE-2016-3991.patch              | 147 -------
 .../libtiff/files/CVE-2016-5321.patch              |  49 ---
 .../libtiff/files/CVE-2016-5323.patch              | 107 ------
 .../libtiff/files/CVE-2016-9535-1.patch            | 423 ---------------------
 .../libtiff/files/CVE-2016-9535-2.patch            |  67 ----
 .../libtiff/files/CVE-2016-9538.patch              |  67 ----
 .../libtiff/files/CVE-2016-9539.patch              |  60 ---
 .../libtiff/files/CVE-2016-9540.patch              |  60 ---
 .../libtiff/files/Fix_several_CVE_issues.patch     | 281 --------------
 .../libtiff/{tiff_4.0.6.bb => tiff_4.0.7.bb}       |  23 +-
 20 files changed, 2 insertions(+), 2221 deletions(-)
 delete mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2015-8665_8683.patch
 delete mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2015-8781.patch
 delete mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2015-8784.patch
 delete mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-3186.patch
 delete mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-3622.patch
 delete mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-3623.patch
 delete mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-3632.patch
 delete mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-3658.patch
 delete mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-3945.patch
 delete mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-3990.patch
 delete mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-3991.patch
 delete mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-5321.patch
 delete mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-5323.patch
 delete mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-9535-1.patch
 delete mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-9535-2.patch
 delete mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-9538.patch
 delete mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-9539.patch
 delete mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-9540.patch
 delete mode 100644 meta/recipes-multimedia/libtiff/files/Fix_several_CVE_issues.patch
 rename meta/recipes-multimedia/libtiff/{tiff_4.0.6.bb => tiff_4.0.7.bb} (65%)

diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2015-8665_8683.patch b/meta/recipes-multimedia/libtiff/files/CVE-2015-8665_8683.patch
deleted file mode 100644
index 39c5059..0000000
--- a/meta/recipes-multimedia/libtiff/files/CVE-2015-8665_8683.patch
+++ /dev/null
@@ -1,137 +0,0 @@
-From f94a29a822f5528d2334592760fbb7938f15eb55 Mon Sep 17 00:00:00 2001
-From: erouault <erouault>
-Date: Sat, 26 Dec 2015 17:32:03 +0000
-Subject: [PATCH] * libtiff/tif_getimage.c: fix out-of-bound reads in
- TIFFRGBAImage interface in case of unsupported values of
- SamplesPerPixel/ExtraSamples for LogLUV / CIELab. Add explicit call to
- TIFFRGBAImageOK() in TIFFRGBAImageBegin(). Fix CVE-2015-8665 reported by
- limingxing and CVE-2015-8683 reported by zzf of Alibaba.
-
-Upstream-Status: Backport
-CVE: CVE-2015-8665
-CVE: CVE-2015-8683
-https://github.com/vadz/libtiff/commit/f94a29a822f5528d2334592760fbb7938f15eb55
-
-Signed-off-by: Armin Kuster <akuster@mvista.com>
-
----
- ChangeLog              |  8 ++++++++
- libtiff/tif_getimage.c | 35 ++++++++++++++++++++++-------------
- 2 files changed, 30 insertions(+), 13 deletions(-)
-
-Index: tiff-4.0.6/libtiff/tif_getimage.c
-===================================================================
---- tiff-4.0.6.orig/libtiff/tif_getimage.c
-+++ tiff-4.0.6/libtiff/tif_getimage.c
-@@ -182,20 +182,22 @@ TIFFRGBAImageOK(TIFF* tif, char emsg[102
- 				    "Planarconfiguration", td->td_planarconfig);
- 				return (0);
- 			}
--			if( td->td_samplesperpixel != 3 )
-+			if( td->td_samplesperpixel != 3 || colorchannels != 3 )
-             {
-                 sprintf(emsg,
--                        "Sorry, can not handle image with %s=%d",
--                        "Samples/pixel", td->td_samplesperpixel);
-+                        "Sorry, can not handle image with %s=%d, %s=%d",
-+                        "Samples/pixel", td->td_samplesperpixel,
-+                        "colorchannels", colorchannels);
-                 return 0;
-             }
- 			break;
- 		case PHOTOMETRIC_CIELAB:
--            if( td->td_samplesperpixel != 3 || td->td_bitspersample != 8 )
-+            if( td->td_samplesperpixel != 3 || colorchannels != 3 || td->td_bitspersample != 8 )
-             {
-                 sprintf(emsg,
--                        "Sorry, can not handle image with %s=%d and %s=%d",
-+                        "Sorry, can not handle image with %s=%d, %s=%d and %s=%d",
-                         "Samples/pixel", td->td_samplesperpixel,
-+                        "colorchannels", colorchannels,
-                         "Bits/sample", td->td_bitspersample);
-                 return 0;
-             }
-@@ -255,6 +257,9 @@ TIFFRGBAImageBegin(TIFFRGBAImage* img, T
- 	int colorchannels;
- 	uint16 *red_orig, *green_orig, *blue_orig;
- 	int n_color;
-+	
-+	if( !TIFFRGBAImageOK(tif, emsg) )
-+		return 0;
- 
- 	/* Initialize to normal values */
- 	img->row_offset = 0;
-@@ -2508,29 +2513,33 @@ PickContigCase(TIFFRGBAImage* img)
- 		case PHOTOMETRIC_RGB:
- 			switch (img->bitspersample) {
- 				case 8:
--					if (img->alpha == EXTRASAMPLE_ASSOCALPHA)
-+					if (img->alpha == EXTRASAMPLE_ASSOCALPHA &&
-+						img->samplesperpixel >= 4)
- 						img->put.contig = putRGBAAcontig8bittile;
--					else if (img->alpha == EXTRASAMPLE_UNASSALPHA)
-+					else if (img->alpha == EXTRASAMPLE_UNASSALPHA &&
-+							 img->samplesperpixel >= 4)
- 					{
- 						if (BuildMapUaToAa(img))
- 							img->put.contig = putRGBUAcontig8bittile;
- 					}
--					else
-+					else if( img->samplesperpixel >= 3 )
- 						img->put.contig = putRGBcontig8bittile;
- 					break;
- 				case 16:
--					if (img->alpha == EXTRASAMPLE_ASSOCALPHA)
-+					if (img->alpha == EXTRASAMPLE_ASSOCALPHA &&
-+						img->samplesperpixel >=4 )
- 					{
- 						if (BuildMapBitdepth16To8(img))
- 							img->put.contig = putRGBAAcontig16bittile;
- 					}
--					else if (img->alpha == EXTRASAMPLE_UNASSALPHA)
-+					else if (img->alpha == EXTRASAMPLE_UNASSALPHA &&
-+							 img->samplesperpixel >=4 )
- 					{
- 						if (BuildMapBitdepth16To8(img) &&
- 						    BuildMapUaToAa(img))
- 							img->put.contig = putRGBUAcontig16bittile;
- 					}
--					else
-+					else if( img->samplesperpixel >=3 )
- 					{
- 						if (BuildMapBitdepth16To8(img))
- 							img->put.contig = putRGBcontig16bittile;
-@@ -2539,7 +2548,7 @@ PickContigCase(TIFFRGBAImage* img)
- 			}
- 			break;
- 		case PHOTOMETRIC_SEPARATED:
--			if (buildMap(img)) {
-+			if (img->samplesperpixel >=4 && buildMap(img)) {
- 				if (img->bitspersample == 8) {
- 					if (!img->Map)
- 						img->put.contig = putRGBcontig8bitCMYKtile;
-@@ -2635,7 +2644,7 @@ PickContigCase(TIFFRGBAImage* img)
- 			}
- 			break;
- 		case PHOTOMETRIC_CIELAB:
--			if (buildMap(img)) {
-+			if (img->samplesperpixel == 3 && buildMap(img)) {
- 				if (img->bitspersample == 8)
- 					img->put.contig = initCIELabConversion(img);
- 				break;
-Index: tiff-4.0.6/ChangeLog
-===================================================================
---- tiff-4.0.6.orig/ChangeLog
-+++ tiff-4.0.6/ChangeLog
-@@ -1,3 +1,11 @@
-+2015-12-26  Even Rouault <even.rouault at spatialys.com>
-+
-+   * libtiff/tif_getimage.c: fix out-of-bound reads in TIFFRGBAImage
-+   interface in case of unsupported values of SamplesPerPixel/ExtraSamples
-+   for LogLUV / CIELab. Add explicit call to TIFFRGBAImageOK() in
-+   TIFFRGBAImageBegin(). Fix CVE-2015-8665 reported by limingxing and
-+   CVE-2015-8683 reported by zzf of Alibaba.
-+
- 2015-09-12  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>
- 
- 	* libtiff 4.0.6 released.
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2015-8781.patch b/meta/recipes-multimedia/libtiff/files/CVE-2015-8781.patch
deleted file mode 100644
index 0846f0f..0000000
--- a/meta/recipes-multimedia/libtiff/files/CVE-2015-8781.patch
+++ /dev/null
@@ -1,195 +0,0 @@
-From aaab5c3c9d2a2c6984f23ccbc79702610439bc65 Mon Sep 17 00:00:00 2001
-From: erouault <erouault>
-Date: Sun, 27 Dec 2015 16:25:11 +0000
-Subject: [PATCH] * libtiff/tif_luv.c: fix potential out-of-bound writes in
- decode functions in non debug builds by replacing assert()s by regular if
- checks (bugzilla #2522). Fix potential out-of-bound reads in case of short
- input data.
-
-Upstream-Status: Backport
-
-https://github.com/vadz/libtiff/commit/aaab5c3c9d2a2c6984f23ccbc79702610439bc65
-hand applied Changelog changes
-
-CVE: CVE-2015-8781
-
-Signed-off-by: Armin Kuster <akuster@mvista.com>
----
- ChangeLog         |  7 +++++++
- libtiff/tif_luv.c | 55 ++++++++++++++++++++++++++++++++++++++++++++-----------
- 2 files changed, 51 insertions(+), 11 deletions(-)
-
-Index: tiff-4.0.4/ChangeLog
-===================================================================
---- tiff-4.0.4.orig/ChangeLog
-+++ tiff-4.0.4/ChangeLog
-@@ -1,3 +1,10 @@
-+2015-12-27  Even Rouault <even.rouault at spatialys.com>
-+
-+	* libtiff/tif_luv.c: fix potential out-of-bound writes in decode
-+	functions in non debug builds by replacing assert()s by regular if
-+	checks (bugzilla #2522).
-+	Fix potential out-of-bound reads in case of short input data.
-+
- 2015-12-26  Even Rouault <even.rouault at spatialys.com>
- 
- 	* libtiff/tif_getimage.c: fix out-of-bound reads in TIFFRGBAImage
-Index: tiff-4.0.4/libtiff/tif_luv.c
-===================================================================
---- tiff-4.0.4.orig/libtiff/tif_luv.c
-+++ tiff-4.0.4/libtiff/tif_luv.c
-@@ -202,7 +202,11 @@ LogL16Decode(TIFF* tif, uint8* op, tmsiz
- 	if (sp->user_datafmt == SGILOGDATAFMT_16BIT)
- 		tp = (int16*) op;
- 	else {
--		assert(sp->tbuflen >= npixels);
-+		if(sp->tbuflen < npixels) {
-+			TIFFErrorExt(tif->tif_clientdata, module,
-+						 "Translation buffer too short");
-+			return (0);
-+		}
- 		tp = (int16*) sp->tbuf;
- 	}
- 	_TIFFmemset((void*) tp, 0, npixels*sizeof (tp[0]));
-@@ -211,9 +215,11 @@ LogL16Decode(TIFF* tif, uint8* op, tmsiz
- 	cc = tif->tif_rawcc;
- 	/* get each byte string */
- 	for (shft = 2*8; (shft -= 8) >= 0; ) {
--		for (i = 0; i < npixels && cc > 0; )
-+		for (i = 0; i < npixels && cc > 0; ) {
- 			if (*bp >= 128) {		/* run */
--				rc = *bp++ + (2-128);   /* TODO: potential input buffer overrun when decoding corrupt or truncated data */
-+				if( cc < 2 )
-+					break;
-+				rc = *bp++ + (2-128);
- 				b = (int16)(*bp++ << shft);
- 				cc -= 2;
- 				while (rc-- && i < npixels)
-@@ -223,6 +229,7 @@ LogL16Decode(TIFF* tif, uint8* op, tmsiz
- 				while (--cc && rc-- && i < npixels)
- 					tp[i++] |= (int16)*bp++ << shft;
- 			}
-+		}
- 		if (i != npixels) {
- #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
- 			TIFFErrorExt(tif->tif_clientdata, module,
-@@ -268,13 +275,17 @@ LogLuvDecode24(TIFF* tif, uint8* op, tms
- 	if (sp->user_datafmt == SGILOGDATAFMT_RAW)
- 		tp = (uint32 *)op;
- 	else {
--		assert(sp->tbuflen >= npixels);
-+		if(sp->tbuflen < npixels) {
-+			TIFFErrorExt(tif->tif_clientdata, module,
-+						 "Translation buffer too short");
-+			return (0);
-+		}
- 		tp = (uint32 *) sp->tbuf;
- 	}
- 	/* copy to array of uint32 */
- 	bp = (unsigned char*) tif->tif_rawcp;
- 	cc = tif->tif_rawcc;
--	for (i = 0; i < npixels && cc > 0; i++) {
-+	for (i = 0; i < npixels && cc >= 3; i++) {
- 		tp[i] = bp[0] << 16 | bp[1] << 8 | bp[2];
- 		bp += 3;
- 		cc -= 3;
-@@ -325,7 +336,11 @@ LogLuvDecode32(TIFF* tif, uint8* op, tms
- 	if (sp->user_datafmt == SGILOGDATAFMT_RAW)
- 		tp = (uint32*) op;
- 	else {
--		assert(sp->tbuflen >= npixels);
-+		if(sp->tbuflen < npixels) {
-+			TIFFErrorExt(tif->tif_clientdata, module,
-+						 "Translation buffer too short");
-+			return (0);
-+		}
- 		tp = (uint32*) sp->tbuf;
- 	}
- 	_TIFFmemset((void*) tp, 0, npixels*sizeof (tp[0]));
-@@ -334,11 +349,13 @@ LogLuvDecode32(TIFF* tif, uint8* op, tms
- 	cc = tif->tif_rawcc;
- 	/* get each byte string */
- 	for (shft = 4*8; (shft -= 8) >= 0; ) {
--		for (i = 0; i < npixels && cc > 0; )
-+		for (i = 0; i < npixels && cc > 0; ) {
- 			if (*bp >= 128) {		/* run */
-+				if( cc < 2 )
-+					break;
- 				rc = *bp++ + (2-128);
- 				b = (uint32)*bp++ << shft;
--				cc -= 2;                /* TODO: potential input buffer overrun when decoding corrupt or truncated data */
-+				cc -= 2;
- 				while (rc-- && i < npixels)
- 					tp[i++] |= b;
- 			} else {			/* non-run */
-@@ -346,6 +363,7 @@ LogLuvDecode32(TIFF* tif, uint8* op, tms
- 				while (--cc && rc-- && i < npixels)
- 					tp[i++] |= (uint32)*bp++ << shft;
- 			}
-+		}
- 		if (i != npixels) {
- #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
- 			TIFFErrorExt(tif->tif_clientdata, module,
-@@ -413,6 +431,7 @@ LogLuvDecodeTile(TIFF* tif, uint8* bp, t
- static int
- LogL16Encode(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s)
- {
-+	static const char module[] = "LogL16Encode";
- 	LogLuvState* sp = EncoderState(tif);
- 	int shft;
- 	tmsize_t i;
-@@ -433,7 +452,11 @@ LogL16Encode(TIFF* tif, uint8* bp, tmsiz
- 		tp = (int16*) bp;
- 	else {
- 		tp = (int16*) sp->tbuf;
--		assert(sp->tbuflen >= npixels);
-+		if(sp->tbuflen < npixels) {
-+			TIFFErrorExt(tif->tif_clientdata, module,
-+						 "Translation buffer too short");
-+			return (0);
-+		}
- 		(*sp->tfunc)(sp, bp, npixels);
- 	}
- 	/* compress each byte string */
-@@ -506,6 +529,7 @@ LogL16Encode(TIFF* tif, uint8* bp, tmsiz
- static int
- LogLuvEncode24(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s)
- {
-+	static const char module[] = "LogLuvEncode24";
- 	LogLuvState* sp = EncoderState(tif);
- 	tmsize_t i;
- 	tmsize_t npixels;
-@@ -521,7 +545,11 @@ LogLuvEncode24(TIFF* tif, uint8* bp, tms
- 		tp = (uint32*) bp;
- 	else {
- 		tp = (uint32*) sp->tbuf;
--		assert(sp->tbuflen >= npixels);
-+		if(sp->tbuflen < npixels) {
-+			TIFFErrorExt(tif->tif_clientdata, module,
-+						 "Translation buffer too short");
-+			return (0);
-+		}
- 		(*sp->tfunc)(sp, bp, npixels);
- 	}
- 	/* write out encoded pixels */
-@@ -553,6 +581,7 @@ LogLuvEncode24(TIFF* tif, uint8* bp, tms
- static int
- LogLuvEncode32(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s)
- {
-+	static const char module[] = "LogLuvEncode32";
- 	LogLuvState* sp = EncoderState(tif);
- 	int shft;
- 	tmsize_t i;
-@@ -574,7 +603,11 @@ LogLuvEncode32(TIFF* tif, uint8* bp, tms
- 		tp = (uint32*) bp;
- 	else {
- 		tp = (uint32*) sp->tbuf;
--		assert(sp->tbuflen >= npixels);
-+		if(sp->tbuflen < npixels) {
-+			TIFFErrorExt(tif->tif_clientdata, module,
-+						 "Translation buffer too short");
-+			return (0);
-+		}
- 		(*sp->tfunc)(sp, bp, npixels);
- 	}
- 	/* compress each byte string */
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2015-8784.patch b/meta/recipes-multimedia/libtiff/files/CVE-2015-8784.patch
deleted file mode 100644
index 0caf800..0000000
--- a/meta/recipes-multimedia/libtiff/files/CVE-2015-8784.patch
+++ /dev/null
@@ -1,73 +0,0 @@
-From b18012dae552f85dcc5c57d3bf4e997a15b1cc1c Mon Sep 17 00:00:00 2001
-From: erouault <erouault>
-Date: Sun, 27 Dec 2015 16:55:20 +0000
-Subject: [PATCH] * libtiff/tif_next.c: fix potential out-of-bound write in
- NeXTDecode() triggered by http://lcamtuf.coredump.cx/afl/vulns/libtiff5.tif
- (bugzilla #2508)
-
-Upstream-Status: Backport
-https://github.com/vadz/libtiff/commit/b18012dae552f85dcc5c57d3bf4e997a15b1cc1c
-hand applied Changelog changes
-
-CVE:  CVE-2015-8784
-Signed-off-by: Armin Kuster <akuster@mvista.com>
-
----
- ChangeLog          |  6 ++++++
- libtiff/tif_next.c | 10 ++++++++--
- 2 files changed, 14 insertions(+), 2 deletions(-)
-
-Index: tiff-4.0.4/ChangeLog
-===================================================================
---- tiff-4.0.4.orig/ChangeLog
-+++ tiff-4.0.4/ChangeLog
-@@ -1,5 +1,11 @@
- 2015-12-27  Even Rouault <even.rouault at spatialys.com>
- 
-+	* libtiff/tif_next.c: fix potential out-of-bound write in NeXTDecode()
-+	triggered by http://lcamtuf.coredump.cx/afl/vulns/libtiff5.tif
-+	(bugzilla #2508)
-+
-+2015-12-27  Even Rouault <even.rouault at spatialys.com>
-+
- 	* libtiff/tif_luv.c: fix potential out-of-bound writes in decode
- 	functions in non debug builds by replacing assert()s by regular if
- 	checks (bugzilla #2522).
-Index: tiff-4.0.4/libtiff/tif_next.c
-===================================================================
---- tiff-4.0.4.orig/libtiff/tif_next.c
-+++ tiff-4.0.4/libtiff/tif_next.c
-@@ -37,7 +37,7 @@
- 	case 0:	op[0]  = (unsigned char) ((v) << 6); break;	\
- 	case 1:	op[0] |= (v) << 4; break;	\
- 	case 2:	op[0] |= (v) << 2; break;	\
--	case 3:	*op++ |= (v);	   break;	\
-+	case 3:	*op++ |= (v);	   op_offset++; break;	\
- 	}					\
- }
- 
-@@ -106,6 +106,7 @@ NeXTDecode(TIFF* tif, uint8* buf, tmsize
- 			uint32 imagewidth = tif->tif_dir.td_imagewidth;
-             if( isTiled(tif) )
-                 imagewidth = tif->tif_dir.td_tilewidth;
-+            tmsize_t op_offset = 0;
- 
- 			/*
- 			 * The scanline is composed of a sequence of constant
-@@ -122,10 +123,15 @@ NeXTDecode(TIFF* tif, uint8* buf, tmsize
- 				 * bounds, potentially resulting in a security
- 				 * issue.
- 				 */
--				while (n-- > 0 && npixels < imagewidth)
-+				while (n-- > 0 && npixels < imagewidth && op_offset < scanline)
- 					SETPIXEL(op, grey);
- 				if (npixels >= imagewidth)
- 					break;
-+                if (op_offset >= scanline ) {
-+                    TIFFErrorExt(tif->tif_clientdata, module, "Invalid data for scanline %ld",
-+                        (long) tif->tif_row);
-+                    return (0);
-+                }
- 				if (cc == 0)
- 					goto bad;
- 				n = *bp++, cc--;
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2016-3186.patch b/meta/recipes-multimedia/libtiff/files/CVE-2016-3186.patch
deleted file mode 100644
index 4a08aba..0000000
--- a/meta/recipes-multimedia/libtiff/files/CVE-2016-3186.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-Buffer overflow in the readextension function in gif2tiff.c
-allows remote attackers to cause a denial of service via a crafted GIF file.
-
-External References:
-https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3186
-https://bugzilla.redhat.com/show_bug.cgi?id=1319503
-
-CVE: CVE-2016-3186
-Upstream-Status: Backport (RedHat)
-https://bugzilla.redhat.com/attachment.cgi?id=1144235&action=diff
-
-Signed-off-by: Yi Zhao <yi.zhao@windirver.com>
-
---- tiff-4.0.6/tools/gif2tiff.c	2016-04-06 15:43:01.586048341 +0200
-+++ tiff-4.0.6/tools/gif2tiff.c	2016-04-06 15:48:05.523207710 +0200
-@@ -349,7 +349,7 @@
-     int status = 1;
- 
-     (void) getc(infile);
--    while ((count = getc(infile)) && count <= 255)
-+    while ((count = getc(infile)) && count >= 0 && count <= 255)
-         if (fread(buf, 1, count, infile) != (size_t) count) {
-             fprintf(stderr, "short read from file %s (%s)\n",
-                     filename, strerror(errno));
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2016-3622.patch b/meta/recipes-multimedia/libtiff/files/CVE-2016-3622.patch
deleted file mode 100644
index 0c8b716..0000000
--- a/meta/recipes-multimedia/libtiff/files/CVE-2016-3622.patch
+++ /dev/null
@@ -1,129 +0,0 @@
-From 92d966a5fcfbdca67957c8c5c47b467aa650b286 Mon Sep 17 00:00:00 2001
-From: bfriesen <bfriesen>
-Date: Sat, 24 Sep 2016 23:11:55 +0000
-Subject: [PATCH] * libtiff/tif_getimage.c (TIFFRGBAImageOK): Reject attempts
- to read floating point images.
-
-* libtiff/tif_predict.c (PredictorSetup): Enforce bits-per-sample
-requirements of floating point predictor (3).  Fixes CVE-2016-3622
-"Divide By Zero in the tiff2rgba tool."
-
-CVE: CVE-2016-3622
-Upstream-Status: Backport
-https://github.com/vadz/libtiff/commit/92d966a5fcfbdca67957c8c5c47b467aa650b286
-
-Signed-off-by: Yi Zhao <yi.zhao@windirver.com>
----
- ChangeLog              | 11 ++++++++++-
- libtiff/tif_getimage.c | 38 ++++++++++++++++++++------------------
- libtiff/tif_predict.c  | 11 ++++++++++-
- 3 files changed, 40 insertions(+), 20 deletions(-)
-
-diff --git a/ChangeLog b/ChangeLog
-index 26d6f47..a628277 100644
---- a/ChangeLog
-+++ b/ChangeLog
-@@ -1,3 +1,12 @@
-+2016-09-24  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>
-+
-+	* libtiff/tif_getimage.c (TIFFRGBAImageOK): Reject attempts to
-+	read floating point images.
-+
-+	* libtiff/tif_predict.c (PredictorSetup): Enforce bits-per-sample
-+	requirements of floating point predictor (3).  Fixes CVE-2016-3622
-+	"Divide By Zero in the tiff2rgba tool."
-+
- 2016-08-15 Even Rouault <even.rouault at spatialys.com>
- 
- 	* tools/rgb2ycbcr.c: validate values of -v and -h parameters to
-diff --git a/libtiff/tif_getimage.c b/libtiff/tif_getimage.c
-index 386cee0..3e689ee 100644
---- a/libtiff/tif_getimage.c
-+++ b/libtiff/tif_getimage.c
-@@ -95,6 +95,10 @@ TIFFRGBAImageOK(TIFF* tif, char emsg[1024])
- 			    td->td_bitspersample);
- 			return (0);
- 	}
-+        if (td->td_sampleformat == SAMPLEFORMAT_IEEEFP) {
-+                sprintf(emsg, "Sorry, can not handle images with IEEE floating-point samples");
-+                return (0);
-+        }
- 	colorchannels = td->td_samplesperpixel - td->td_extrasamples;
- 	if (!TIFFGetField(tif, TIFFTAG_PHOTOMETRIC, &photometric)) {
- 		switch (colorchannels) {
-@@ -182,27 +186,25 @@ TIFFRGBAImageOK(TIFF* tif, char emsg[1024])
- 				    "Planarconfiguration", td->td_planarconfig);
- 				return (0);
- 			}
--			if( td->td_samplesperpixel != 3 || colorchannels != 3 )
--            {
--                sprintf(emsg,
--                        "Sorry, can not handle image with %s=%d, %s=%d",
--                        "Samples/pixel", td->td_samplesperpixel,
--                        "colorchannels", colorchannels);
--                return 0;
--            }
-+			if ( td->td_samplesperpixel != 3 || colorchannels != 3 ) {
-+                                sprintf(emsg,
-+                                        "Sorry, can not handle image with %s=%d, %s=%d",
-+                                        "Samples/pixel", td->td_samplesperpixel,
-+                                        "colorchannels", colorchannels);
-+                                return 0;
-+                        }
- 			break;
- 		case PHOTOMETRIC_CIELAB:
--            if( td->td_samplesperpixel != 3 || colorchannels != 3 || td->td_bitspersample != 8 )
--            {
--                sprintf(emsg,
--                        "Sorry, can not handle image with %s=%d, %s=%d and %s=%d",
--                        "Samples/pixel", td->td_samplesperpixel,
--                        "colorchannels", colorchannels,
--                        "Bits/sample", td->td_bitspersample);
--                return 0;
--            }
-+                        if ( td->td_samplesperpixel != 3 || colorchannels != 3 || td->td_bitspersample != 8 ) {
-+                                sprintf(emsg,
-+                                        "Sorry, can not handle image with %s=%d, %s=%d and %s=%d",
-+                                        "Samples/pixel", td->td_samplesperpixel,
-+                                        "colorchannels", colorchannels,
-+                                        "Bits/sample", td->td_bitspersample);
-+                                return 0;
-+                        }
- 			break;
--		default:
-+                default:
- 			sprintf(emsg, "Sorry, can not handle image with %s=%d",
- 			    photoTag, photometric);
- 			return (0);
-diff --git a/libtiff/tif_predict.c b/libtiff/tif_predict.c
-index 081eb11..555f2f9 100644
---- a/libtiff/tif_predict.c
-+++ b/libtiff/tif_predict.c
-@@ -80,6 +80,15 @@ PredictorSetup(TIFF* tif)
- 				    td->td_sampleformat);
- 				return 0;
- 			}
-+                        if (td->td_bitspersample != 16
-+                            && td->td_bitspersample != 24
-+                            && td->td_bitspersample != 32
-+                            && td->td_bitspersample != 64) { /* Should 64 be allowed? */
-+                                TIFFErrorExt(tif->tif_clientdata, module,
-+                                             "Floating point \"Predictor\" not supported with %d-bit samples",
-+                                             td->td_bitspersample);
-+				return 0;
-+                            }
- 			break;
- 		default:
- 			TIFFErrorExt(tif->tif_clientdata, module,
-@@ -174,7 +183,7 @@ PredictorSetupDecode(TIFF* tif)
- 		}
- 		/*
- 		 * Allocate buffer to keep the decoded bytes before
--		 * rearranging in the ight order
-+		 * rearranging in the right order
- 		 */
- 	}
- 
--- 
-2.7.4
-
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2016-3623.patch b/meta/recipes-multimedia/libtiff/files/CVE-2016-3623.patch
deleted file mode 100644
index f554ac5..0000000
--- a/meta/recipes-multimedia/libtiff/files/CVE-2016-3623.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-From bd024f07019f5d9fea236675607a69f74a66bc7b Mon Sep 17 00:00:00 2001
-From: erouault <erouault>
-Date: Mon, 15 Aug 2016 21:26:56 +0000
-Subject: [PATCH] * tools/rgb2ycbcr.c: validate values of -v and -h parameters
- to avoid potential divide by zero. Fixes CVE-2016-3623 (bugzilla #2569)
-
-CVE: CVE-2016-3623
-Upstream-Status: Backport
-https://github.com/vadz/libtiff/commit/bd024f07019f5d9fea236675607a69f74a66bc7b
-
-Signed-off-by: Yi Zhao <yi.zhao@windirver.com>
----
- ChangeLog         | 5 +++++
- tools/rgb2ycbcr.c | 4 ++++
- 2 files changed, 9 insertions(+)
-
-diff --git a/ChangeLog b/ChangeLog
-index 5d60608..3e6642a 100644
---- a/ChangeLog
-+++ b/ChangeLog
-@@ -1,5 +1,10 @@
- 2016-08-15 Even Rouault <even.rouault at spatialys.com>
- 
-+	* tools/rgb2ycbcr.c: validate values of -v and -h parameters to
-+	avoid potential divide by zero. Fixes CVE-2016-3623 (bugzilla #2569)
-+
-+2016-08-15 Even Rouault <even.rouault at spatialys.com>
-+
- 	* tools/tiffcrop.c: Fix out-of-bounds write in loadImage().
- 	From patch libtiff-CVE-2016-3991.patch from
- 	libtiff-4.0.3-25.el7_2.src.rpm by Nikola Forro (bugzilla #2543)
-diff --git a/tools/rgb2ycbcr.c b/tools/rgb2ycbcr.c
-index 3829d6b..51f4259 100644
---- a/tools/rgb2ycbcr.c
-+++ b/tools/rgb2ycbcr.c
-@@ -95,9 +95,13 @@ main(int argc, char* argv[])
- 			break;
- 		case 'h':
- 			horizSubSampling = atoi(optarg);
-+            if( horizSubSampling != 1 && horizSubSampling != 2 && horizSubSampling != 4 )
-+                usage(-1);
- 			break;
- 		case 'v':
- 			vertSubSampling = atoi(optarg);
-+            if( vertSubSampling != 1 && vertSubSampling != 2 && vertSubSampling != 4 )
-+                usage(-1);
- 			break;
- 		case 'r':
- 			rowsperstrip = atoi(optarg);
--- 
-2.7.4
-
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2016-3632.patch b/meta/recipes-multimedia/libtiff/files/CVE-2016-3632.patch
deleted file mode 100644
index a839250..0000000
--- a/meta/recipes-multimedia/libtiff/files/CVE-2016-3632.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From d3f9829a37661749b200760ad6525f77cf77d77a Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Nikola=20Forr=C3=B3?= <nforro@redhat.com>
-Date: Mon, 11 Jul 2016 16:04:34 +0200
-Subject: [PATCH 4/8] Fix CVE-2016-3632
-
-CVE-2016-3632 libtiff: The _TIFFVGetField function in tif_dirinfo.c in
-LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service
-(out-of-bounds write) or execute arbitrary code via a crafted TIFF image.
-
-CVE: CVE-2016-3632
-Upstream-Status: Backport [RedHat RHEL7]
-
-Signed-off-by: Yi Zhao <yi.zhao@windirver.com>
----
- tools/thumbnail.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/tools/thumbnail.c b/tools/thumbnail.c
-index fd1cba5..75e7009 100644
---- a/tools/thumbnail.c
-+++ b/tools/thumbnail.c
-@@ -253,7 +253,8 @@ static struct cpTag {
-     { TIFFTAG_WHITEPOINT,		2, TIFF_RATIONAL },
-     { TIFFTAG_PRIMARYCHROMATICITIES,	(uint16) -1,TIFF_RATIONAL },
-     { TIFFTAG_HALFTONEHINTS,		2, TIFF_SHORT },
--    { TIFFTAG_BADFAXLINES,		1, TIFF_LONG },
-+    // disable BADFAXLINES, CVE-2016-3632
-+    //{ TIFFTAG_BADFAXLINES,		1, TIFF_LONG },
-     { TIFFTAG_CLEANFAXDATA,		1, TIFF_SHORT },
-     { TIFFTAG_CONSECUTIVEBADFAXLINES,	1, TIFF_LONG },
-     { TIFFTAG_INKSET,			1, TIFF_SHORT },
--- 
-2.7.4
-
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2016-3658.patch b/meta/recipes-multimedia/libtiff/files/CVE-2016-3658.patch
deleted file mode 100644
index 6cb12f2..0000000
--- a/meta/recipes-multimedia/libtiff/files/CVE-2016-3658.patch
+++ /dev/null
@@ -1,111 +0,0 @@
-From: 45c68450bef8ad876f310b495165c513cad8b67d
-From: Even Rouault <even.rouault@spatialys.com>
-
-* libtiff/tif_dir.c: discard values of SMinSampleValue and
-SMaxSampleValue when they have been read and the value of
-SamplesPerPixel is changed afterwards (like when reading a
-OJPEG compressed image with a missing SamplesPerPixel tag,
-and whose photometric is RGB or YCbCr, forcing SamplesPerPixel
-being 3). Otherwise when rewriting the directory (for example
-with tiffset, we will expect 3 values whereas the array had been
-allocated with just one), thus causing a out of bound read access.
-Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2500
-(CVE-2014-8127, duplicate: CVE-2016-3658)
-
-* libtiff/tif_write.c: avoid null pointer dereference on td_stripoffset
-when writing directory, if FIELD_STRIPOFFSETS was artificially set
-for a hack case	in OJPEG case.
-Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2500
-(CVE-2014-8127, duplicate: CVE-2016-3658)
-
-CVE: CVE-2016-3658
-Upstream-Status: Backport
-https://github.com/vadz/libtiff/commit/45c68450bef8ad876f310b495165c513cad8b67d
-
-Signed-off-by: Zhixiong.Chi <zhixiong.chi@windriver.com>
-
-Index: tiff-4.0.6/ChangeLog
-===================================================================
---- tiff-4.0.6.orig/ChangeLog	2016-11-14 10:52:10.008748230 +0800
-+++ tiff-4.0.6/ChangeLog	2016-11-14 16:17:46.140884438 +0800
-@@ -1,3 +1,22 @@
-+2016-10-25 Even Rouault <even.rouault at spatialys.com>
-+
-+	* libtiff/tif_dir.c: discard values of SMinSampleValue and
-+	SMaxSampleValue when they have been read and the value of
-+	SamplesPerPixel is changed afterwards (like when reading a
-+	OJPEG compressed image with a missing SamplesPerPixel tag,
-+	and whose photometric is RGB or YCbCr, forcing SamplesPerPixel
-+	being 3). Otherwise when rewriting the directory (for example
-+	with tiffset, we will expect 3 values whereas the array had been
-+	allocated with just one), thus causing a out of bound read access.
-+	Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2500
-+	(CVE-2014-8127, duplicate: CVE-2016-3658)
-+
-+	* libtiff/tif_write.c: avoid null pointer dereference on td_stripoffset
-+	when writing directory, if FIELD_STRIPOFFSETS was artificially set
-+	for a hack case	in OJPEG case.
-+	Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2500
-+	(CVE-2014-8127, duplicate: CVE-2016-3658)
-+
- 2016-09-24  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>
- 
- 	* libtiff/tif_getimage.c (TIFFRGBAImageOK): Reject attempts to
-Index: tiff-4.0.6/libtiff/tif_dir.c
-===================================================================
---- tiff-4.0.6.orig/libtiff/tif_dir.c	2015-06-01 07:11:43.000000000 +0800
-+++ tiff-4.0.6/libtiff/tif_dir.c	2016-11-14 16:20:17.800885495 +0800
-@@ -254,6 +254,28 @@
- 		v = (uint16) va_arg(ap, uint16_vap);
- 		if (v == 0)
- 			goto badvalue;
-+		if( v != td->td_samplesperpixel )
-+		{
-+		    /* See http://bugzilla.maptools.org/show_bug.cgi?id=2500 */
-+		    if( td->td_sminsamplevalue != NULL )
-+		    {
-+		        TIFFWarningExt(tif->tif_clientdata,module,
-+		            "SamplesPerPixel tag value is changing, "
-+		            "but SMinSampleValue tag was read with a different value. Cancelling it");
-+		        TIFFClrFieldBit(tif,FIELD_SMINSAMPLEVALUE);
-+		        _TIFFfree(td->td_sminsamplevalue);
-+		        td->td_sminsamplevalue = NULL;
-+		    }
-+		    if( td->td_smaxsamplevalue != NULL )
-+		    {
-+		        TIFFWarningExt(tif->tif_clientdata,module,
-+		            "SamplesPerPixel tag value is changing, "
-+		            "but SMaxSampleValue tag was read with a different value. Cancelling it");
-+		        TIFFClrFieldBit(tif,FIELD_SMAXSAMPLEVALUE);
-+		        _TIFFfree(td->td_smaxsamplevalue);
-+		        td->td_smaxsamplevalue = NULL;
-+		    }
-+		}
- 		td->td_samplesperpixel = (uint16) v;
- 		break;
- 	case TIFFTAG_ROWSPERSTRIP:
-Index: tiff-4.0.6/libtiff/tif_dirwrite.c
-===================================================================
---- tiff-4.0.6.orig/libtiff/tif_dirwrite.c	2015-05-31 08:38:46.000000000 +0800
-+++ tiff-4.0.6/libtiff/tif_dirwrite.c	2016-11-14 16:23:54.688887007 +0800
-@@ -542,7 +542,19 @@
- 			{
- 				if (!isTiled(tif))
- 				{
--					if (!TIFFWriteDirectoryTagLongLong8Array(tif,&ndir,dir,TIFFTAG_STRIPOFFSETS,tif->tif_dir.td_nstrips,tif->tif_dir.td_stripoffset))
-+					/* td_stripoffset might be NULL in an odd OJPEG case. See
-+					 *  tif_dirread.c around line 3634.
-+					 * XXX: OJPEG hack.
-+					 * If a) compression is OJPEG, b) it's not a tiled TIFF,
-+					 * and c) the number of strips is 1,
-+					 * then we tolerate the absence of stripoffsets tag,
-+					 * because, presumably, all required data is in the
-+					 * JpegInterchangeFormat stream.
-+					 * We can get here when using tiffset on such a file.
-+					 * See http://bugzilla.maptools.org/show_bug.cgi?id=2500
-+					*/
-+					if (tif->tif_dir.td_stripoffset != NULL &&
-+					    !TIFFWriteDirectoryTagLongLong8Array(tif,&ndir,dir,TIFFTAG_STRIPOFFSETS,tif->tif_dir.td_nstrips,tif->tif_dir.td_stripoffset))
- 						goto bad;
- 				}
- 				else
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2016-3945.patch b/meta/recipes-multimedia/libtiff/files/CVE-2016-3945.patch
deleted file mode 100644
index 4d965be..0000000
--- a/meta/recipes-multimedia/libtiff/files/CVE-2016-3945.patch
+++ /dev/null
@@ -1,118 +0,0 @@
-From 7c39352ccd9060d311d3dc9a1f1bc00133a160e6 Mon Sep 17 00:00:00 2001
-From: erouault <erouault>
-Date: Mon, 15 Aug 2016 20:06:40 +0000
-Subject: [PATCH] * tools/tiff2rgba.c: Fix integer overflow in size of
- allocated buffer, when -b mode is enabled, that could result in out-of-bounds
- write. Based initially on patch tiff-CVE-2016-3945.patch from
- libtiff-4.0.3-25.el7_2.src.rpm by Nikola Forro, with correction for invalid
- tests that rejected valid files.
-
-CVE: CVE-2016-3945
-Upstream-Status: Backport
-https://github.com/vadz/libtiff/commit/7c39352ccd9060d311d3dc9a1f1bc00133a160e6
-
-Signed-off-by: Yi Zhao <yi.zhao@windirver.com>
----
- ChangeLog         |  8 ++++++++
- tools/tiff2rgba.c | 34 ++++++++++++++++++++++++++++++----
- 2 files changed, 38 insertions(+), 4 deletions(-)
-
-diff --git a/ChangeLog b/ChangeLog
-index 62dc1b5..9c0ab29 100644
---- a/ChangeLog
-+++ b/ChangeLog
-@@ -1,3 +1,11 @@
-+2016-08-15 Even Rouault <even.rouault at spatialys.com>
-+
-+	* tools/tiff2rgba.c: Fix integer overflow in size of allocated
-+	buffer, when -b mode is enabled, that could result in out-of-bounds
-+	write. Based initially on patch tiff-CVE-2016-3945.patch from
-+	libtiff-4.0.3-25.el7_2.src.rpm by Nikola Forro, with correction for
-+	invalid tests that rejected valid files.
-+
- 2016-07-11 Even Rouault <even.rouault at spatialys.com>
- 
- 	* tools/tiffcrop.c: Avoid access outside of stack allocated array
-diff --git a/tools/tiff2rgba.c b/tools/tiff2rgba.c
-index b7a81eb..16e3dc4 100644
---- a/tools/tiff2rgba.c
-+++ b/tools/tiff2rgba.c
-@@ -147,6 +147,7 @@ cvt_by_tile( TIFF *in, TIFF *out )
-     uint32  row, col;
-     uint32  *wrk_line;
-     int	    ok = 1;
-+    uint32  rastersize, wrk_linesize;
- 
-     TIFFGetField(in, TIFFTAG_IMAGEWIDTH, &width);
-     TIFFGetField(in, TIFFTAG_IMAGELENGTH, &height);
-@@ -163,7 +164,13 @@ cvt_by_tile( TIFF *in, TIFF *out )
-     /*
-      * Allocate tile buffer
-      */
--    raster = (uint32*)_TIFFmalloc(tile_width * tile_height * sizeof (uint32));
-+    rastersize = tile_width * tile_height * sizeof (uint32);
-+    if (tile_width != (rastersize / tile_height) / sizeof( uint32))
-+    {
-+	TIFFError(TIFFFileName(in), "Integer overflow when calculating raster buffer");
-+	exit(-1);
-+    }
-+    raster = (uint32*)_TIFFmalloc(rastersize);
-     if (raster == 0) {
-         TIFFError(TIFFFileName(in), "No space for raster buffer");
-         return (0);
-@@ -173,7 +180,13 @@ cvt_by_tile( TIFF *in, TIFF *out )
-      * Allocate a scanline buffer for swapping during the vertical
-      * mirroring pass.
-      */
--    wrk_line = (uint32*)_TIFFmalloc(tile_width * sizeof (uint32));
-+    wrk_linesize = tile_width * sizeof (uint32);
-+    if (tile_width != wrk_linesize / sizeof (uint32))
-+    {
-+        TIFFError(TIFFFileName(in), "Integer overflow when calculating wrk_line buffer");
-+	exit(-1);
-+    }
-+    wrk_line = (uint32*)_TIFFmalloc(wrk_linesize);
-     if (!wrk_line) {
-         TIFFError(TIFFFileName(in), "No space for raster scanline buffer");
-         ok = 0;
-@@ -249,6 +262,7 @@ cvt_by_strip( TIFF *in, TIFF *out )
-     uint32  row;
-     uint32  *wrk_line;
-     int	    ok = 1;
-+    uint32  rastersize, wrk_linesize;
- 
-     TIFFGetField(in, TIFFTAG_IMAGEWIDTH, &width);
-     TIFFGetField(in, TIFFTAG_IMAGELENGTH, &height);
-@@ -263,7 +277,13 @@ cvt_by_strip( TIFF *in, TIFF *out )
-     /*
-      * Allocate strip buffer
-      */
--    raster = (uint32*)_TIFFmalloc(width * rowsperstrip * sizeof (uint32));
-+    rastersize = width * rowsperstrip * sizeof (uint32);
-+    if (width != (rastersize / rowsperstrip) / sizeof( uint32))
-+    {
-+	TIFFError(TIFFFileName(in), "Integer overflow when calculating raster buffer");
-+	exit(-1);
-+    }
-+    raster = (uint32*)_TIFFmalloc(rastersize);
-     if (raster == 0) {
-         TIFFError(TIFFFileName(in), "No space for raster buffer");
-         return (0);
-@@ -273,7 +293,13 @@ cvt_by_strip( TIFF *in, TIFF *out )
-      * Allocate a scanline buffer for swapping during the vertical
-      * mirroring pass.
-      */
--    wrk_line = (uint32*)_TIFFmalloc(width * sizeof (uint32));
-+    wrk_linesize = width * sizeof (uint32);
-+    if (width != wrk_linesize / sizeof (uint32))
-+    {
-+        TIFFError(TIFFFileName(in), "Integer overflow when calculating wrk_line buffer");
-+	exit(-1);
-+    }
-+    wrk_line = (uint32*)_TIFFmalloc(wrk_linesize);
-     if (!wrk_line) {
-         TIFFError(TIFFFileName(in), "No space for raster scanline buffer");
-         ok = 0;
--- 
-2.7.4
-
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2016-3990.patch b/meta/recipes-multimedia/libtiff/files/CVE-2016-3990.patch
deleted file mode 100644
index 7bf52ee..0000000
--- a/meta/recipes-multimedia/libtiff/files/CVE-2016-3990.patch
+++ /dev/null
@@ -1,66 +0,0 @@
-From 6a4dbb07ccf92836bb4adac7be4575672d0ac5f1 Mon Sep 17 00:00:00 2001
-From: erouault <erouault>
-Date: Mon, 15 Aug 2016 20:49:48 +0000
-Subject: [PATCH] * libtiff/tif_pixarlog.c: Fix write buffer overflow in
- PixarLogEncode if more input samples are provided than expected by
- PixarLogSetupEncode. Idea based on libtiff-CVE-2016-3990.patch from
- libtiff-4.0.3-25.el7_2.src.rpm by Nikola Forro, but with different and
- simpler check. (bugzilla #2544)
-
-invalid tests that rejected valid files. (bugzilla #2545)
-
-CVE: CVE-2016-3990
-Upstream-Status: Backport
-https://github.com/vadz/libtiff/commit/6a4dbb07ccf92836bb4adac7be4575672d0ac5f1
-
-Signed-off-by: Yi Zhao <yi.zhao@windirver.com>
----
- ChangeLog              | 10 +++++++++-
- libtiff/tif_pixarlog.c |  7 +++++++
- 2 files changed, 16 insertions(+), 1 deletion(-)
-
-diff --git a/ChangeLog b/ChangeLog
-index 9c0ab29..db4ea18 100644
---- a/ChangeLog
-+++ b/ChangeLog
-@@ -1,10 +1,18 @@
- 2016-08-15 Even Rouault <even.rouault at spatialys.com>
- 
-+	* libtiff/tif_pixarlog.c: Fix write buffer overflow in PixarLogEncode
-+	if more input samples are provided than expected by PixarLogSetupEncode.
-+	Idea based on libtiff-CVE-2016-3990.patch from
-+	libtiff-4.0.3-25.el7_2.src.rpm by Nikola Forro, but with different and
-+	simpler check. (bugzilla #2544)
-+
-+2016-08-15 Even Rouault <even.rouault at spatialys.com>
-+
- 	* tools/tiff2rgba.c: Fix integer overflow in size of allocated
- 	buffer, when -b mode is enabled, that could result in out-of-bounds
- 	write. Based initially on patch tiff-CVE-2016-3945.patch from
- 	libtiff-4.0.3-25.el7_2.src.rpm by Nikola Forro, with correction for
--	invalid tests that rejected valid files.
-+	invalid tests that rejected valid files. (bugzilla #2545)
- 
- 2016-07-11 Even Rouault <even.rouault at spatialys.com>
- 
-diff --git a/libtiff/tif_pixarlog.c b/libtiff/tif_pixarlog.c
-index e78f788..28329d1 100644
---- a/libtiff/tif_pixarlog.c
-+++ b/libtiff/tif_pixarlog.c
-@@ -1141,6 +1141,13 @@ PixarLogEncode(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s)
- 	}
- 
- 	llen = sp->stride * td->td_imagewidth;
-+    /* Check against the number of elements (of size uint16) of sp->tbuf */
-+    if( n > td->td_rowsperstrip * llen )
-+    {
-+        TIFFErrorExt(tif->tif_clientdata, module,
-+                     "Too many input bytes provided");
-+        return 0;
-+    }
- 
- 	for (i = 0, up = sp->tbuf; i < n; i += llen, up += llen) {
- 		switch (sp->user_datafmt)  {
--- 
-2.7.4
-
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2016-3991.patch b/meta/recipes-multimedia/libtiff/files/CVE-2016-3991.patch
deleted file mode 100644
index 27dfd37..0000000
--- a/meta/recipes-multimedia/libtiff/files/CVE-2016-3991.patch
+++ /dev/null
@@ -1,147 +0,0 @@
-From e596d4e27c5afb7960dc360fdd3afd90ba0fb8ba Mon Sep 17 00:00:00 2001
-From: erouault <erouault>
-Date: Mon, 15 Aug 2016 21:05:40 +0000
-Subject: [PATCH 2/2] * tools/tiffcrop.c: Fix out-of-bounds write in
- loadImage(). From patch libtiff-CVE-2016-3991.patch from
- libtiff-4.0.3-25.el7_2.src.rpm by Nikola Forro (bugzilla #2543)
-
-CVE: CVE-2016-3991
-Upstream-Status: Backport
-https://github.com/vadz/libtiff/commit/e596d4e27c5afb7960dc360fdd3afd90ba0fb8ba
-
-Signed-off-by: Yi Zhao <yi.zhao@windirver.com>
----
- ChangeLog        |  6 ++++++
- tools/tiffcrop.c | 59 +++++++++++++++++++++++++++++++++++++++++++++++++++++---
- 2 files changed, 62 insertions(+), 3 deletions(-)
-
-diff --git a/ChangeLog b/ChangeLog
-index db4ea18..5d60608 100644
---- a/ChangeLog
-+++ b/ChangeLog
-@@ -1,5 +1,11 @@
- 2016-08-15 Even Rouault <even.rouault at spatialys.com>
- 
-+	* tools/tiffcrop.c: Fix out-of-bounds write in loadImage().
-+	From patch libtiff-CVE-2016-3991.patch from
-+	libtiff-4.0.3-25.el7_2.src.rpm by Nikola Forro (bugzilla #2543)
-+
-+2016-08-15 Even Rouault <even.rouault at spatialys.com>
-+
- 	* libtiff/tif_pixarlog.c: Fix write buffer overflow in PixarLogEncode
- 	if more input samples are provided than expected by PixarLogSetupEncode.
- 	Idea based on libtiff-CVE-2016-3990.patch from
-diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
-index 27abc0b..ddba7b9 100644
---- a/tools/tiffcrop.c
-+++ b/tools/tiffcrop.c
-@@ -798,6 +798,11 @@ static int readContigTilesIntoBuffer (TIFF* in, uint8* buf,
-     }
- 
-   tile_buffsize = tilesize;
-+  if (tilesize == 0 || tile_rowsize == 0)
-+  {
-+     TIFFError("readContigTilesIntoBuffer", "Tile size or tile rowsize is zero");
-+     exit(-1);
-+  }
- 
-   if (tilesize < (tsize_t)(tl * tile_rowsize))
-     {
-@@ -807,7 +812,12 @@ static int readContigTilesIntoBuffer (TIFF* in, uint8* buf,
-               tilesize, tl * tile_rowsize);
- #endif
-     tile_buffsize = tl * tile_rowsize;
--    } 
-+    if (tl != (tile_buffsize / tile_rowsize))
-+    {
-+    	TIFFError("readContigTilesIntoBuffer", "Integer overflow when calculating buffer size.");
-+        exit(-1);
-+    }
-+    }
- 
-   tilebuf = _TIFFmalloc(tile_buffsize);
-   if (tilebuf == 0)
-@@ -1210,6 +1220,12 @@ static int writeBufferToContigTiles (TIFF* out, uint8* buf, uint32 imagelength,
-       !TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps) )
-       return 1;
- 
-+  if (tilesize == 0 || tile_rowsize == 0 || tl == 0 || tw == 0)
-+  {
-+    TIFFError("writeBufferToContigTiles", "Tile size, tile row size, tile width, or tile length is zero");
-+    exit(-1);
-+  }
-+  
-   tile_buffsize = tilesize;
-   if (tilesize < (tsize_t)(tl * tile_rowsize))
-     {
-@@ -1219,6 +1235,11 @@ static int writeBufferToContigTiles (TIFF* out, uint8* buf, uint32 imagelength,
-               tilesize, tl * tile_rowsize);
- #endif
-     tile_buffsize = tl * tile_rowsize;
-+    if (tl != tile_buffsize / tile_rowsize)
-+    {
-+	TIFFError("writeBufferToContigTiles", "Integer overflow when calculating buffer size");
-+	exit(-1);
-+    }
-     }
- 
-   tilebuf = _TIFFmalloc(tile_buffsize);
-@@ -5945,12 +5966,27 @@ loadImage(TIFF* in, struct image_data *image, struct dump_opts *dump, unsigned c
-     TIFFGetField(in, TIFFTAG_TILELENGTH, &tl);
- 
-     tile_rowsize  = TIFFTileRowSize(in);      
-+    if (ntiles == 0 || tlsize == 0 || tile_rowsize == 0)
-+    {
-+	TIFFError("loadImage", "File appears to be tiled, but the number of tiles, tile size, or tile rowsize is zero.");
-+	exit(-1);
-+    }
-     buffsize = tlsize * ntiles;
-+    if (tlsize != (buffsize / ntiles))
-+    {
-+	TIFFError("loadImage", "Integer overflow when calculating buffer size");
-+	exit(-1);
-+    }
- 
--        
-     if (buffsize < (uint32)(ntiles * tl * tile_rowsize))
-       {
-       buffsize = ntiles * tl * tile_rowsize;
-+      if (ntiles != (buffsize / tl / tile_rowsize))
-+      {
-+	TIFFError("loadImage", "Integer overflow when calculating buffer size");
-+	exit(-1);
-+      }
-+      
- #ifdef DEBUG2
-       TIFFError("loadImage",
- 	        "Tilesize %u is too small, using ntiles * tilelength * tilerowsize %lu",
-@@ -5969,8 +6005,25 @@ loadImage(TIFF* in, struct image_data *image, struct dump_opts *dump, unsigned c
-     TIFFGetFieldDefaulted(in, TIFFTAG_ROWSPERSTRIP, &rowsperstrip);
-     stsize = TIFFStripSize(in);
-     nstrips = TIFFNumberOfStrips(in);
-+    if (nstrips == 0 || stsize == 0)
-+    {
-+	TIFFError("loadImage", "File appears to be striped, but the number of stipes or stripe size is zero.");
-+	exit(-1);
-+    }
-+
-     buffsize = stsize * nstrips;
--    
-+    if (stsize != (buffsize / nstrips))
-+    {
-+	TIFFError("loadImage", "Integer overflow when calculating buffer size");
-+	exit(-1);
-+    }
-+    uint32 buffsize_check;
-+    buffsize_check = ((length * width * spp * bps) + 7);
-+    if (length != ((buffsize_check - 7) / width / spp / bps))
-+    {
-+	TIFFError("loadImage", "Integer overflow detected.");
-+	exit(-1);
-+    }
-     if (buffsize < (uint32) (((length * width * spp * bps) + 7) / 8))
-       {
-       buffsize =  ((length * width * spp * bps) + 7) / 8;
--- 
-2.7.4
-
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2016-5321.patch b/meta/recipes-multimedia/libtiff/files/CVE-2016-5321.patch
deleted file mode 100644
index 63c6650..0000000
--- a/meta/recipes-multimedia/libtiff/files/CVE-2016-5321.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From d9783e4a1476b6787a51c5ae9e9b3156527589f0 Mon Sep 17 00:00:00 2001
-From: erouault <erouault>
-Date: Mon, 11 Jul 2016 21:26:03 +0000
-Subject: [PATCH 1/2] * tools/tiffcrop.c: Avoid access outside of stack
- allocated array on a tiled separate TIFF with more than 8 samples per pixel.
- Reported by Kaixiang Zhang of the Cloud Security Team, Qihoo 360
- (CVE-2016-5321, bugzilla #2558)
-
-CVE: CVE-2016-5321
-Upstream-Status: Backport
-https://github.com/vadz/libtiff/commit/d9783e4a1476b6787a51c5ae9e9b3156527589f0
-
-Signed-off-by: Yi Zhao <yi.zhao@windirver.com>
----
- ChangeLog        | 7 +++++++
- tools/tiffcrop.c | 2 +-
- 2 files changed, 8 insertions(+), 1 deletion(-)
-
-diff --git a/ChangeLog b/ChangeLog
-index e98d54d..4e0302f 100644
---- a/ChangeLog
-+++ b/ChangeLog
-@@ -1,3 +1,10 @@
-+2016-07-11 Even Rouault <even.rouault at spatialys.com>
-+
-+	* tools/tiffcrop.c: Avoid access outside of stack allocated array
-+	on a tiled separate TIFF with more than 8 samples per pixel.
-+	Reported by Kaixiang Zhang of the Cloud Security Team, Qihoo 360
-+	(CVE-2016-5321, bugzilla #2558)
-+
- 2015-12-27  Even Rouault <even.rouault at spatialys.com>
-
-	* libtiff/tif_next.c: fix potential out-of-bound write in NeXTDecode()
-diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
-index d959ae3..6fc8fc1 100644
---- a/tools/tiffcrop.c
-+++ b/tools/tiffcrop.c
-@@ -989,7 +989,7 @@ static int  readSeparateTilesIntoBuffer (TIFF* in, uint8 *obuf,
-     nrow = (row + tl > imagelength) ? imagelength - row : tl;
-     for (col = 0; col < imagewidth; col += tw)
-       {
--      for (s = 0; s < spp; s++)
-+      for (s = 0; s < spp && s < MAX_SAMPLES; s++)
-         {  /* Read each plane of a tile set into srcbuffs[s] */
- 	tbytes = TIFFReadTile(in, srcbuffs[s], col, row, 0, s);
-         if (tbytes < 0  && !ignore)
--- 
-2.7.4
-
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2016-5323.patch b/meta/recipes-multimedia/libtiff/files/CVE-2016-5323.patch
deleted file mode 100644
index 41eab91..0000000
--- a/meta/recipes-multimedia/libtiff/files/CVE-2016-5323.patch
+++ /dev/null
@@ -1,107 +0,0 @@
-From 2f79856097f423eb33796a15fcf700d2ea41bf31 Mon Sep 17 00:00:00 2001
-From: erouault <erouault>
-Date: Mon, 11 Jul 2016 21:38:31 +0000
-Subject: [PATCH 2/2] (CVE-2016-5321 / CVE-2016-5323 , bugzilla #2558 / #2559)
-
-CVE: CVE-2016-5323
-Upstream-Status: Backport
-https://github.com/vadz/libtiff/commit/2f79856097f423eb33796a15fcf700d2ea41bf31
-
-Signed-off-by: Yi Zhao <yi.zhao@windirver.com>
----
- ChangeLog        |  2 +-
- tools/tiffcrop.c | 16 ++++++++--------
- 2 files changed, 9 insertions(+), 9 deletions(-)
-
-diff --git a/ChangeLog b/ChangeLog
-index 4e0302f..62dc1b5 100644
---- a/ChangeLog
-+++ b/ChangeLog
-@@ -3,7 +3,7 @@
- 	* tools/tiffcrop.c: Avoid access outside of stack allocated array
- 	on a tiled separate TIFF with more than 8 samples per pixel.
- 	Reported by Kaixiang Zhang of the Cloud Security Team, Qihoo 360
--	(CVE-2016-5321, bugzilla #2558)
-+	(CVE-2016-5321 / CVE-2016-5323 , bugzilla #2558 / #2559)
- 
- 2016-07-10 Even Rouault <even.rouault at spatialys.com>
- 
-diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
-index 6fc8fc1..27abc0b 100644
---- a/tools/tiffcrop.c
-+++ b/tools/tiffcrop.c
-@@ -3738,7 +3738,7 @@ combineSeparateSamples8bits (uint8 *in[], uint8 *out, uint32 cols,
- 
-       matchbits = maskbits << (8 - src_bit - bps); 
-       /* load up next sample from each plane */
--      for (s = 0; s < spp; s++)
-+      for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
-         {
- 	src = in[s] + src_offset + src_byte;
-         buff1 = ((*src) & matchbits) << (src_bit);
-@@ -3837,7 +3837,7 @@ combineSeparateSamples16bits (uint8 *in[], uint8 *out, uint32 cols,
-       src_bit  = bit_offset % 8;
- 
-       matchbits = maskbits << (16 - src_bit - bps); 
--      for (s = 0; s < spp; s++)
-+      for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
-         {
- 	src = in[s] + src_offset + src_byte;
-         if (little_endian)
-@@ -3947,7 +3947,7 @@ combineSeparateSamples24bits (uint8 *in[], uint8 *out, uint32 cols,
-       src_bit  = bit_offset % 8;
- 
-       matchbits = maskbits << (32 - src_bit - bps); 
--      for (s = 0; s < spp; s++)
-+      for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
-         {
- 	src = in[s] + src_offset + src_byte;
-         if (little_endian)
-@@ -4073,7 +4073,7 @@ combineSeparateSamples32bits (uint8 *in[], uint8 *out, uint32 cols,
-       src_bit  = bit_offset % 8;
- 
-       matchbits = maskbits << (64 - src_bit - bps); 
--      for (s = 0; s < spp; s++)
-+      for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
- 	{
- 	src = in[s] + src_offset + src_byte;
- 	if (little_endian)
-@@ -4263,7 +4263,7 @@ combineSeparateTileSamples8bits (uint8 *in[], uint8 *out, uint32 cols,
- 
-       matchbits = maskbits << (8 - src_bit - bps); 
-       /* load up next sample from each plane */
--      for (s = 0; s < spp; s++)
-+      for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
-         {
- 	src = in[s] + src_offset + src_byte;
-         buff1 = ((*src) & matchbits) << (src_bit);
-@@ -4362,7 +4362,7 @@ combineSeparateTileSamples16bits (uint8 *in[], uint8 *out, uint32 cols,
-       src_bit  = bit_offset % 8;
- 
-       matchbits = maskbits << (16 - src_bit - bps); 
--      for (s = 0; s < spp; s++)
-+      for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
-         {
- 	src = in[s] + src_offset + src_byte;
-         if (little_endian)
-@@ -4471,7 +4471,7 @@ combineSeparateTileSamples24bits (uint8 *in[], uint8 *out, uint32 cols,
-       src_bit  = bit_offset % 8;
- 
-       matchbits = maskbits << (32 - src_bit - bps); 
--      for (s = 0; s < spp; s++)
-+      for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
-         {
- 	src = in[s] + src_offset + src_byte;
-         if (little_endian)
-@@ -4597,7 +4597,7 @@ combineSeparateTileSamples32bits (uint8 *in[], uint8 *out, uint32 cols,
-       src_bit  = bit_offset % 8;
- 
-       matchbits = maskbits << (64 - src_bit - bps); 
--      for (s = 0; s < spp; s++)
-+      for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
- 	{
- 	src = in[s] + src_offset + src_byte;
- 	if (little_endian)
--- 
-2.7.4
-
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2016-9535-1.patch b/meta/recipes-multimedia/libtiff/files/CVE-2016-9535-1.patch
deleted file mode 100644
index 26fd0df..0000000
--- a/meta/recipes-multimedia/libtiff/files/CVE-2016-9535-1.patch
+++ /dev/null
@@ -1,423 +0,0 @@
-From 3ca657a8793dd011bf869695d72ad31c779c3cc1 Mon Sep 17 00:00:00 2001
-From: erouault <erouault>
-Date: Mon, 31 Oct 2016 17:24:26 +0000
-Subject: [PATCH 1/2] Fix CVE-2016-9535
-
-* libtiff/tif_predict.h, libtiff/tif_predict.c: Replace
- assertions by runtime checks to avoid assertions in debug mode, or buffer
- overflows in release mode. Can happen when dealing with unusual tile size
- like YCbCr with subsampling. Reported as MSVR 35105 by Axel Souchet	&
- Vishal Chauhan from the MSRC Vulnerabilities & Mitigations team.
-
-CVE: CVE-2016-9535
-Upstream-Status: Backport
-https://github.com/vadz/libtiff/commit/3ca657a8793dd011bf869695d72ad31c779c3cc1
-
-Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
-
----
- libtiff/tif_predict.c | 153 +++++++++++++++++++++++++++++++++++---------------
- libtiff/tif_predict.h |   6 +-
- 2 files changed, 121 insertions(+), 47 deletions(-)
-
-diff --git a/libtiff/tif_predict.c b/libtiff/tif_predict.c
-index 555f2f9..b829259 100644
---- a/libtiff/tif_predict.c
-+++ b/libtiff/tif_predict.c
-@@ -34,18 +34,18 @@
- 
- #define	PredictorState(tif)	((TIFFPredictorState*) (tif)->tif_data)
- 
--static void horAcc8(TIFF* tif, uint8* cp0, tmsize_t cc);
--static void horAcc16(TIFF* tif, uint8* cp0, tmsize_t cc);
--static void horAcc32(TIFF* tif, uint8* cp0, tmsize_t cc);
--static void swabHorAcc16(TIFF* tif, uint8* cp0, tmsize_t cc);
--static void swabHorAcc32(TIFF* tif, uint8* cp0, tmsize_t cc);
--static void horDiff8(TIFF* tif, uint8* cp0, tmsize_t cc);
--static void horDiff16(TIFF* tif, uint8* cp0, tmsize_t cc);
--static void horDiff32(TIFF* tif, uint8* cp0, tmsize_t cc);
--static void swabHorDiff16(TIFF* tif, uint8* cp0, tmsize_t cc);
--static void swabHorDiff32(TIFF* tif, uint8* cp0, tmsize_t cc);
--static void fpAcc(TIFF* tif, uint8* cp0, tmsize_t cc);
--static void fpDiff(TIFF* tif, uint8* cp0, tmsize_t cc);
-+static int horAcc8(TIFF* tif, uint8* cp0, tmsize_t cc);
-+static int horAcc16(TIFF* tif, uint8* cp0, tmsize_t cc);
-+static int horAcc32(TIFF* tif, uint8* cp0, tmsize_t cc);
-+static int swabHorAcc16(TIFF* tif, uint8* cp0, tmsize_t cc);
-+static int swabHorAcc32(TIFF* tif, uint8* cp0, tmsize_t cc);
-+static int horDiff8(TIFF* tif, uint8* cp0, tmsize_t cc);
-+static int horDiff16(TIFF* tif, uint8* cp0, tmsize_t cc);
-+static int horDiff32(TIFF* tif, uint8* cp0, tmsize_t cc);
-+static int swabHorDiff16(TIFF* tif, uint8* cp0, tmsize_t cc);
-+static int swabHorDiff32(TIFF* tif, uint8* cp0, tmsize_t cc);
-+static int fpAcc(TIFF* tif, uint8* cp0, tmsize_t cc);
-+static int fpDiff(TIFF* tif, uint8* cp0, tmsize_t cc);
- static int PredictorDecodeRow(TIFF* tif, uint8* op0, tmsize_t occ0, uint16 s);
- static int PredictorDecodeTile(TIFF* tif, uint8* op0, tmsize_t occ0, uint16 s);
- static int PredictorEncodeRow(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s);
-@@ -273,13 +273,19 @@ PredictorSetupEncode(TIFF* tif)
- /* - when storing into the byte stream, we explicitly mask with 0xff so */
- /*   as to make icc -check=conversions happy (not necessary by the standard) */
- 
--static void
-+static int
- horAcc8(TIFF* tif, uint8* cp0, tmsize_t cc)
- {
- 	tmsize_t stride = PredictorState(tif)->stride;
- 
- 	unsigned char* cp = (unsigned char*) cp0;
--	assert((cc%stride)==0);
-+    if((cc%stride)!=0)
-+    {
-+        TIFFErrorExt(tif->tif_clientdata, "horAcc8",
-+                     "%s", "(cc%stride)!=0");
-+        return 0;
-+    }
-+
- 	if (cc > stride) {
- 		/*
- 		 * Pipeline the most common cases.
-@@ -321,26 +327,32 @@ horAcc8(TIFF* tif, uint8* cp0, tmsize_t cc)
- 			} while (cc>0);
- 		}
- 	}
-+	return 1;
- }
- 
--static void
-+static int
- swabHorAcc16(TIFF* tif, uint8* cp0, tmsize_t cc)
- {
- 	uint16* wp = (uint16*) cp0;
- 	tmsize_t wc = cc / 2;
- 
-         TIFFSwabArrayOfShort(wp, wc);
--        horAcc16(tif, cp0, cc);
-+        return horAcc16(tif, cp0, cc);
- }
- 
--static void
-+static int
- horAcc16(TIFF* tif, uint8* cp0, tmsize_t cc)
- {
- 	tmsize_t stride = PredictorState(tif)->stride;
- 	uint16* wp = (uint16*) cp0;
- 	tmsize_t wc = cc / 2;
- 
--	assert((cc%(2*stride))==0);
-+    if((cc%(2*stride))!=0)
-+    {
-+        TIFFErrorExt(tif->tif_clientdata, "horAcc16",
-+                     "%s", "cc%(2*stride))!=0");
-+        return 0;
-+    }
- 
- 	if (wc > stride) {
- 		wc -= stride;
-@@ -349,26 +361,32 @@ horAcc16(TIFF* tif, uint8* cp0, tmsize_t cc)
- 			wc -= stride;
- 		} while (wc > 0);
- 	}
-+	return 1;
- }
- 
--static void
-+static int
- swabHorAcc32(TIFF* tif, uint8* cp0, tmsize_t cc)
- {
- 	uint32* wp = (uint32*) cp0;
- 	tmsize_t wc = cc / 4;
- 
-         TIFFSwabArrayOfLong(wp, wc);
--	horAcc32(tif, cp0, cc);
-+	return horAcc32(tif, cp0, cc);
- }
- 
--static void
-+static int
- horAcc32(TIFF* tif, uint8* cp0, tmsize_t cc)
- {
- 	tmsize_t stride = PredictorState(tif)->stride;
- 	uint32* wp = (uint32*) cp0;
- 	tmsize_t wc = cc / 4;
- 
--	assert((cc%(4*stride))==0);
-+    if((cc%(4*stride))!=0)
-+    {
-+        TIFFErrorExt(tif->tif_clientdata, "horAcc32",
-+                     "%s", "cc%(4*stride))!=0");
-+        return 0;
-+    }
- 
- 	if (wc > stride) {
- 		wc -= stride;
-@@ -377,12 +395,13 @@ horAcc32(TIFF* tif, uint8* cp0, tmsize_t cc)
- 			wc -= stride;
- 		} while (wc > 0);
- 	}
-+	return 1;
- }
- 
- /*
-  * Floating point predictor accumulation routine.
-  */
--static void
-+static int
- fpAcc(TIFF* tif, uint8* cp0, tmsize_t cc)
- {
- 	tmsize_t stride = PredictorState(tif)->stride;
-@@ -392,10 +411,15 @@ fpAcc(TIFF* tif, uint8* cp0, tmsize_t cc)
- 	uint8 *cp = (uint8 *) cp0;
- 	uint8 *tmp = (uint8 *)_TIFFmalloc(cc);
- 
--	assert((cc%(bps*stride))==0);
-+    if(cc%(bps*stride)!=0)
-+    {
-+        TIFFErrorExt(tif->tif_clientdata, "fpAcc",
-+                     "%s", "cc%(bps*stride))!=0");
-+        return 0;
-+    }
- 
- 	if (!tmp)
--		return;
-+		return 0;
- 
- 	while (count > stride) {
- 		REPEAT4(stride, cp[stride] =
-@@ -417,6 +441,7 @@ fpAcc(TIFF* tif, uint8* cp0, tmsize_t cc)
- 		}
- 	}
- 	_TIFFfree(tmp);
-+    return 1;
- }
- 
- /*
-@@ -432,8 +457,7 @@ PredictorDecodeRow(TIFF* tif, uint8* op0, tmsize_t occ0, uint16 s)
- 	assert(sp->decodepfunc != NULL);  
- 
- 	if ((*sp->decoderow)(tif, op0, occ0, s)) {
--		(*sp->decodepfunc)(tif, op0, occ0);
--		return 1;
-+		return (*sp->decodepfunc)(tif, op0, occ0);
- 	} else
- 		return 0;
- }
-@@ -456,10 +480,16 @@ PredictorDecodeTile(TIFF* tif, uint8* op0, tmsize_t occ0, uint16 s)
- 	if ((*sp->decodetile)(tif, op0, occ0, s)) {
- 		tmsize_t rowsize = sp->rowsize;
- 		assert(rowsize > 0);
--		assert((occ0%rowsize)==0);
-+		if((occ0%rowsize) !=0)
-+        {
-+            TIFFErrorExt(tif->tif_clientdata, "PredictorDecodeTile",
-+                         "%s", "occ0%rowsize != 0");
-+            return 0;
-+        }
- 		assert(sp->decodepfunc != NULL);
- 		while (occ0 > 0) {
--			(*sp->decodepfunc)(tif, op0, rowsize);
-+			if( !(*sp->decodepfunc)(tif, op0, rowsize) )
-+                return 0;
- 			occ0 -= rowsize;
- 			op0 += rowsize;
- 		}
-@@ -468,14 +498,19 @@ PredictorDecodeTile(TIFF* tif, uint8* op0, tmsize_t occ0, uint16 s)
- 		return 0;
- }
- 
--static void
-+static int
- horDiff8(TIFF* tif, uint8* cp0, tmsize_t cc)
- {
- 	TIFFPredictorState* sp = PredictorState(tif);
- 	tmsize_t stride = sp->stride;
- 	unsigned char* cp = (unsigned char*) cp0;
- 
--	assert((cc%stride)==0);
-+    if((cc%stride)!=0)
-+    {
-+        TIFFErrorExt(tif->tif_clientdata, "horDiff8",
-+                     "%s", "(cc%stride)!=0");
-+        return 0;
-+    }
- 
- 	if (cc > stride) {
- 		cc -= stride;
-@@ -513,9 +548,10 @@ horDiff8(TIFF* tif, uint8* cp0, tmsize_t cc)
- 			} while ((cc -= stride) > 0);
- 		}
- 	}
-+	return 1;
- }
- 
--static void
-+static int
- horDiff16(TIFF* tif, uint8* cp0, tmsize_t cc)
- {
- 	TIFFPredictorState* sp = PredictorState(tif);
-@@ -523,7 +559,12 @@ horDiff16(TIFF* tif, uint8* cp0, tmsize_t cc)
- 	uint16 *wp = (uint16*) cp0;
- 	tmsize_t wc = cc/2;
- 
--	assert((cc%(2*stride))==0);
-+    if((cc%(2*stride))!=0)
-+    {
-+        TIFFErrorExt(tif->tif_clientdata, "horDiff8",
-+                     "%s", "(cc%(2*stride))!=0");
-+        return 0;
-+    }
- 
- 	if (wc > stride) {
- 		wc -= stride;
-@@ -533,20 +574,23 @@ horDiff16(TIFF* tif, uint8* cp0, tmsize_t cc)
- 			wc -= stride;
- 		} while (wc > 0);
- 	}
-+	return 1;
- }
- 
--static void
-+static int
- swabHorDiff16(TIFF* tif, uint8* cp0, tmsize_t cc)
- {
-     uint16* wp = (uint16*) cp0;
-     tmsize_t wc = cc / 2;
- 
--    horDiff16(tif, cp0, cc);
-+    if( !horDiff16(tif, cp0, cc) )
-+        return 0;
- 
-     TIFFSwabArrayOfShort(wp, wc);
-+    return 1;
- }
- 
--static void
-+static int
- horDiff32(TIFF* tif, uint8* cp0, tmsize_t cc)
- {
- 	TIFFPredictorState* sp = PredictorState(tif);
-@@ -554,7 +598,12 @@ horDiff32(TIFF* tif, uint8* cp0, tmsize_t cc)
- 	uint32 *wp = (uint32*) cp0;
- 	tmsize_t wc = cc/4;
- 
--	assert((cc%(4*stride))==0);
-+    if((cc%(4*stride))!=0)
-+    {
-+        TIFFErrorExt(tif->tif_clientdata, "horDiff32",
-+                     "%s", "(cc%(4*stride))!=0");
-+        return 0;
-+    }
- 
- 	if (wc > stride) {
- 		wc -= stride;
-@@ -564,23 +613,26 @@ horDiff32(TIFF* tif, uint8* cp0, tmsize_t cc)
- 			wc -= stride;
- 		} while (wc > 0);
- 	}
-+	return 1;
- }
- 
--static void
-+static int
- swabHorDiff32(TIFF* tif, uint8* cp0, tmsize_t cc)
- {
-     uint32* wp = (uint32*) cp0;
-     tmsize_t wc = cc / 4;
- 
--    horDiff32(tif, cp0, cc);
-+    if( !horDiff32(tif, cp0, cc) )
-+        return 0;
- 
-     TIFFSwabArrayOfLong(wp, wc);
-+    return 1;
- }
- 
- /*
-  * Floating point predictor differencing routine.
-  */
--static void
-+static int
- fpDiff(TIFF* tif, uint8* cp0, tmsize_t cc)
- {
- 	tmsize_t stride = PredictorState(tif)->stride;
-@@ -590,10 +642,14 @@ fpDiff(TIFF* tif, uint8* cp0, tmsize_t cc)
- 	uint8 *cp = (uint8 *) cp0;
- 	uint8 *tmp = (uint8 *)_TIFFmalloc(cc);
- 
--	assert((cc%(bps*stride))==0);
--
-+    if((cc%(bps*stride))!=0)
-+    {
-+        TIFFErrorExt(tif->tif_clientdata, "fpDiff",
-+                     "%s", "(cc%(bps*stride))!=0");
-+        return 0;
-+    }
- 	if (!tmp)
--		return;
-+		return 0;
- 
- 	_TIFFmemcpy(tmp, cp0, cc);
- 	for (count = 0; count < wc; count++) {
-@@ -613,6 +669,7 @@ fpDiff(TIFF* tif, uint8* cp0, tmsize_t cc)
- 	cp += cc - stride - 1;
- 	for (count = cc; count > stride; count -= stride)
- 		REPEAT4(stride, cp[stride] = (unsigned char)((cp[stride] - cp[0])&0xff); cp--)
-+    return 1;
- }
- 
- static int
-@@ -625,7 +682,8 @@ PredictorEncodeRow(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s)
- 	assert(sp->encoderow != NULL);
- 
- 	/* XXX horizontal differencing alters user's data XXX */
--	(*sp->encodepfunc)(tif, bp, cc);
-+	if( !(*sp->encodepfunc)(tif, bp, cc) )
-+        return 0;
- 	return (*sp->encoderow)(tif, bp, cc, s);
- }
- 
-@@ -660,7 +718,12 @@ PredictorEncodeTile(TIFF* tif, uint8* bp0, tmsize_t cc0, uint16 s)
- 
- 	rowsize = sp->rowsize;
- 	assert(rowsize > 0);
--	assert((cc0%rowsize)==0);
-+	if((cc0%rowsize)!=0)
-+    {
-+        TIFFErrorExt(tif->tif_clientdata, "PredictorEncodeTile",
-+                     "%s", "(cc0%rowsize)!=0");
-+        return 0;
-+    }
- 	while (cc > 0) {
- 		(*sp->encodepfunc)(tif, bp, rowsize);
- 		cc -= rowsize;
-diff --git a/libtiff/tif_predict.h b/libtiff/tif_predict.h
-index 91330cc..9e485a4 100644
---- a/libtiff/tif_predict.h
-+++ b/libtiff/tif_predict.h
-@@ -30,6 +30,8 @@
-  * ``Library-private'' Support for the Predictor Tag
-  */
- 
-+typedef int (*TIFFEncodeDecodeMethod)(TIFF* tif, uint8* buf, tmsize_t size);
-+
- /*
-  * Codecs that want to support the Predictor tag must place
-  * this structure first in their private state block so that
-@@ -43,12 +45,12 @@ typedef struct {
- 	TIFFCodeMethod  encoderow;	/* parent codec encode/decode row */
- 	TIFFCodeMethod  encodestrip;	/* parent codec encode/decode strip */
- 	TIFFCodeMethod  encodetile;	/* parent codec encode/decode tile */ 
--	TIFFPostMethod  encodepfunc;	/* horizontal differencer */
-+	TIFFEncodeDecodeMethod  encodepfunc;	/* horizontal differencer */
- 
- 	TIFFCodeMethod  decoderow;	/* parent codec encode/decode row */
- 	TIFFCodeMethod  decodestrip;	/* parent codec encode/decode strip */
- 	TIFFCodeMethod  decodetile;	/* parent codec encode/decode tile */ 
--	TIFFPostMethod  decodepfunc;	/* horizontal accumulator */
-+	TIFFEncodeDecodeMethod  decodepfunc;	/* horizontal accumulator */
- 
- 	TIFFVGetMethod  vgetparent;	/* super-class method */
- 	TIFFVSetMethod  vsetparent;	/* super-class method */
--- 
-2.9.3
-
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2016-9535-2.patch b/meta/recipes-multimedia/libtiff/files/CVE-2016-9535-2.patch
deleted file mode 100644
index 977dbf6..0000000
--- a/meta/recipes-multimedia/libtiff/files/CVE-2016-9535-2.patch
+++ /dev/null
@@ -1,67 +0,0 @@
-From 6a984bf7905c6621281588431f384e79d11a2e33 Mon Sep 17 00:00:00 2001
-From: erouault <erouault>
-Date: Fri, 4 Nov 2016 09:19:13 +0000
-Subject: [PATCH 2/2] Fix CVE-2016-9535
-* libtiff/tif_predic.c: fix memory leaks in error code
- paths added in previous commit (fix for MSVR 35105)
-
-CVE: CVE-2016-9535
-Upstream-Status: Backport
-https://github.com/vadz/libtiff/commit/6a984bf7905c6621281588431f384e79d11a2e33
-
-Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
-
----
- libtiff/tif_predict.c | 8 ++++++--
- 1 files changed, 11 insertions(+), 2 deletions(-)
-
-diff --git a/libtiff/tif_predict.c b/libtiff/tif_predict.c
-index b829259..3f42f3b 100644
---- a/libtiff/tif_predict.c
-+++ b/libtiff/tif_predict.c
-@@ -409,7 +409,7 @@ fpAcc(TIFF* tif, uint8* cp0, tmsize_t cc)
- 	tmsize_t wc = cc / bps;
- 	tmsize_t count = cc;
- 	uint8 *cp = (uint8 *) cp0;
--	uint8 *tmp = (uint8 *)_TIFFmalloc(cc);
-+	uint8 *tmp;
- 
-     if(cc%(bps*stride)!=0)
-     {
-@@ -418,6 +418,7 @@ fpAcc(TIFF* tif, uint8* cp0, tmsize_t cc)
-         return 0;
-     }
- 
-+    tmp = (uint8 *)_TIFFmalloc(cc);
- 	if (!tmp)
- 		return 0;
- 
-@@ -640,7 +641,7 @@ fpDiff(TIFF* tif, uint8* cp0, tmsize_t cc)
- 	tmsize_t wc = cc / bps;
- 	tmsize_t count;
- 	uint8 *cp = (uint8 *) cp0;
--	uint8 *tmp = (uint8 *)_TIFFmalloc(cc);
-+	uint8 *tmp;
- 
-     if((cc%(bps*stride))!=0)
-     {
-@@ -648,6 +649,8 @@ fpDiff(TIFF* tif, uint8* cp0, tmsize_t cc)
-                      "%s", "(cc%(bps*stride))!=0");
-         return 0;
-     }
-+
-+    tmp = (uint8 *)_TIFFmalloc(cc);
- 	if (!tmp)
- 		return 0;
- 
-@@ -722,6 +725,7 @@ PredictorEncodeTile(TIFF* tif, uint8* bp0, tmsize_t cc0, uint16 s)
-     {
-         TIFFErrorExt(tif->tif_clientdata, "PredictorEncodeTile",
-                      "%s", "(cc0%rowsize)!=0");
-+        _TIFFfree( working_copy );
-         return 0;
-     }
- 	while (cc > 0) {
--- 
-2.9.3
-
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2016-9538.patch b/meta/recipes-multimedia/libtiff/files/CVE-2016-9538.patch
deleted file mode 100644
index e1141df..0000000
--- a/meta/recipes-multimedia/libtiff/files/CVE-2016-9538.patch
+++ /dev/null
@@ -1,67 +0,0 @@
-From 43c0b81a818640429317c80fea1e66771e85024b Mon Sep 17 00:00:00 2001
-From: erouault <erouault>
-Date: Sat, 8 Oct 2016 15:04:31 +0000
-Subject: [PATCH] Fix CVE-2016-9538
-* tools/tiffcp.c: fix read of undefined variable in case of
- missing required tags. Found on test case of MSVR 35100. * tools/tiffcrop.c:
- fix read of undefined buffer in readContigStripsIntoBuffer() due to uint16
- overflow. Probably not a security issue but I can be wrong. Reported as MSVR
- 35100 by Axel Souchet from the MSRC Vulnerabilities & Mitigations team.
-
-CVE: CVE-2016-9538
-Upstream-Status: Backport
-https://github.com/vadz/libtiff/commit/43c0b81a818640429317c80fea1e66771e85024b#diff-c8b4b355f9b5c06d585b23138e1c185f
-
-Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
-
----
- tools/tiffcp.c   | 4 ++--
- tools/tiffcrop.c | 9 ++++++---
- 2 files changed, 17 insertions(+), 5 deletions(-)
-
-diff --git a/tools/tiffcp.c b/tools/tiffcp.c
-index ba2b715..4ad74d3 100644
---- a/tools/tiffcp.c
-+++ b/tools/tiffcp.c
-@@ -592,8 +592,8 @@ static	copyFunc pickCopyFunc(TIFF*, TIFF*, uint16, uint16);
- static int
- tiffcp(TIFF* in, TIFF* out)
- {
--	uint16 bitspersample, samplesperpixel;
--	uint16 input_compression, input_photometric;
-+	uint16 bitspersample, samplesperpixel = 1;
-+	uint16 input_compression, input_photometric = PHOTOMETRIC_MINISBLACK;
- 	copyFunc cf;
- 	uint32 width, length;
- 	struct cpTag* p;
-diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
-index 7685566..eb6de77 100644
---- a/tools/tiffcrop.c
-+++ b/tools/tiffcrop.c
-@@ -3628,7 +3628,7 @@ static int readContigStripsIntoBuffer (TIFF* in, uint8* buf)
- {
-         uint8* bufp = buf;
-         int32  bytes_read = 0;
--        uint16 strip, nstrips   = TIFFNumberOfStrips(in);
-+        uint32 strip, nstrips   = TIFFNumberOfStrips(in);
-         uint32 stripsize = TIFFStripSize(in);
-         uint32 rows = 0;
-         uint32 rps = TIFFGetFieldDefaulted(in, TIFFTAG_ROWSPERSTRIP, &rps);
-@@ -4711,9 +4711,12 @@ static int readSeparateStripsIntoBuffer (TIFF *in, uint8 *obuf, uint32 length,
-                                          uint32 width, uint16 spp,
-                                          struct dump_opts *dump)
-   {
--  int i, j, bytes_per_sample, bytes_per_pixel, shift_width, result = 1;
-+  int i, bytes_per_sample, bytes_per_pixel, shift_width, result = 1;
-+  uint32 j;
-   int32  bytes_read = 0;
--  uint16 bps, nstrips, planar, strips_per_sample;
-+  uint16 bps, planar;
-+  uint32 nstrips;
-+  uint32 strips_per_sample;
-   uint32 src_rowsize, dst_rowsize, rows_processed, rps;
-   uint32 rows_this_strip = 0;
-   tsample_t s;
--- 
-2.9.3
-
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2016-9539.patch b/meta/recipes-multimedia/libtiff/files/CVE-2016-9539.patch
deleted file mode 100644
index 1d9be42..0000000
--- a/meta/recipes-multimedia/libtiff/files/CVE-2016-9539.patch
+++ /dev/null
@@ -1,60 +0,0 @@
-From ae9365db1b271b62b35ce018eac8799b1d5e8a53 Mon Sep 17 00:00:00 2001
-From: erouault <erouault>
-Date: Fri, 14 Oct 2016 19:13:20 +0000
-Subject: [PATCH ] * tools/tiffcrop.c: fix out-of-bound read of up to 3 bytes
- in readContigTilesIntoBuffer(). Reported as MSVR 35092 by Axel Souchet
- & Vishal Chauhan from the MSRC Vulnerabilities & Mitigations team.
-
-CVE: CVE-2016-9539
-
-Upstream-Status: Backport
-https://github.com/vadz/libtiff/commit/ae9365db1b271b62b35ce018eac8799b1d5e8a53
-
-Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
-
----
- ChangeLog        |  6 ++++++
- tools/tiffcrop.c | 11 ++++++++++-
- 2 files changed, 16 insertions(+), 1 deletion(-)
-
-Index: tiff-4.0.6/ChangeLog
-===================================================================
---- tiff-4.0.6.orig/ChangeLog	2016-11-28 14:56:32.109283913 +0800
-+++ tiff-4.0.6/ChangeLog	2016-11-28 16:36:01.805325534 +0800
-@@ -17,6 +17,12 @@
- 	Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2500
- 	(CVE-2014-8127, duplicate: CVE-2016-3658)
- 
-+2016-10-14 Even Rouault <even.rouault at spatialys.com>
-+
-+	* tools/tiffcrop.c: fix out-of-bound read of up to 3 bytes in
-+	readContigTilesIntoBuffer(). Reported as MSVR 35092 by Axel Souchet
-+	& Vishal Chauhan from the MSRC Vulnerabilities & Mitigations team.
-+
- 2016-10-08 Even Rouault <even.rouault at spatialys.com>
- 
- 	* tools/tiffcp.c: fix out-of-bounds write on tiled images with odd
-Index: tiff-4.0.6/tools/tiffcrop.c
-===================================================================
---- tiff-4.0.6.orig/tools/tiffcrop.c	2016-11-28 14:56:31.433283908 +0800
-+++ tiff-4.0.6/tools/tiffcrop.c	2016-11-28 16:42:13.793328128 +0800
-@@ -819,9 +819,18 @@
-     }
-     }
- 
--  tilebuf = _TIFFmalloc(tile_buffsize);
-+  /* Add 3 padding bytes for extractContigSamplesShifted32bits */
-+  if( tile_buffsize > 0xFFFFFFFFU - 3 )
-+  {
-+      TIFFError("readContigTilesIntoBuffer", "Integer overflow when calculating buffer size.");
-+      exit(-1);
-+  }
-+  tilebuf = _TIFFmalloc(tile_buffsize + 3);
-   if (tilebuf == 0)
-     return 0;
-+  tilebuf[tile_buffsize] = 0;
-+  tilebuf[tile_buffsize+1] = 0;
-+  tilebuf[tile_buffsize+2] = 0;
- 
-   dst_rowsize = ((imagewidth * bps * spp) + 7) / 8;  
-   for (row = 0; row < imagelength; row += tl)
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2016-9540.patch b/meta/recipes-multimedia/libtiff/files/CVE-2016-9540.patch
deleted file mode 100644
index dddaa0c..0000000
--- a/meta/recipes-multimedia/libtiff/files/CVE-2016-9540.patch
+++ /dev/null
@@ -1,60 +0,0 @@
-From 5ad9d8016fbb60109302d558f7edb2cb2a3bb8e3 Mon Sep 17 00:00:00 2001
-From: erouault <erouault>
-Date: Sat, 8 Oct 2016 15:54:56 +0000
-Subject: [PATCH] fix CVE-2016-9540
- * tools/tiffcp.c: fix out-of-bounds write on tiled images with odd
- tile width vs image width. Reported as MSVR 35103
- by Axel Souchet and Vishal Chauhan from the MSRC Vulnerabilities &
- Mitigations team.
-
-CVE: CVE-2016-9540
-
-Upstream-Status: Backport
-https://github.com/vadz/libtiff/commit/5ad9d8016fbb60109302d558f7edb2cb2a3bb8e3
-
-Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
----
- ChangeLog      | 7 +++++++
- tools/tiffcp.c | 4 ++--
- 2 files changed, 9 insertions(+), 2 deletions(-)
-
-Index: tiff-4.0.4/ChangeLog
-===================================================================
---- tiff-4.0.4.orig/ChangeLog	2016-11-24 14:40:43.046867737 +0800
-+++ tiff-4.0.4/ChangeLog	2016-11-28 14:38:01.681276171 +0800
-@@ -17,6 +17,13 @@
- 	Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2500
- 	(CVE-2014-8127, duplicate: CVE-2016-3658)
- 
-+2016-10-08 Even Rouault <even.rouault at spatialys.com>
-+
-+	* tools/tiffcp.c: fix out-of-bounds write on tiled images with odd
-+	tile width vs image width. Reported as MSVR 35103
-+	by Axel Souchet and Vishal Chauhan from the MSRC Vulnerabilities &
-+	Mitigations team.
-+
- 2016-09-24  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>
-
- 	* libtiff/tif_getimage.c (TIFFRGBAImageOK): Reject attempts to
-Index: tiff-4.0.4/tools/tiffcp.c
-===================================================================
---- tiff-4.0.4.orig/tools/tiffcp.c	2015-06-21 09:09:10.000000000 +0800
-+++ tiff-4.0.4/tools/tiffcp.c	2016-11-28 14:41:02.221277430 +0800
-@@ -1338,7 +1338,7 @@
- 		uint32 colb = 0;
- 		uint32 col;
- 
--		for (col = 0; col < imagewidth; col += tw) {
-+		for (col = 0; col < imagewidth && colb < imagew; col += tw) {
- 			if (TIFFReadTile(in, tilebuf, col, row, 0, 0) < 0
- 			    && !ignore) {
- 				TIFFError(TIFFFileName(in),
-@@ -1523,7 +1523,7 @@
- 		uint32 colb = 0;
- 		uint32 col;
- 
--		for (col = 0; col < imagewidth; col += tw) {
-+		for (col = 0; col < imagewidth && colb < imagew; col += tw) {
- 			/*
- 			 * Tile is clipped horizontally.  Calculate
- 			 * visible portion and skewing factors.
diff --git a/meta/recipes-multimedia/libtiff/files/Fix_several_CVE_issues.patch b/meta/recipes-multimedia/libtiff/files/Fix_several_CVE_issues.patch
deleted file mode 100644
index bd587e6..0000000
--- a/meta/recipes-multimedia/libtiff/files/Fix_several_CVE_issues.patch
+++ /dev/null
@@ -1,281 +0,0 @@
-From 83a4b92815ea04969d494416eaae3d4c6b338e4a Mon Sep 17 00:00:00 2001
-From: erouault <erouault>
-Date: Fri, 23 Sep 2016 22:12:18 +0000
-Subject: [PATCH] Fix several CVE issues
-
-Fix CVE-2016-9533, CVE-2016-9534, CVE-2016-9536 and CVE-2016-9537
-
-* tools/tiffcrop.c: fix various out-of-bounds write
- vulnerabilities in heap or stack allocated buffers. Reported as MSVR 35093,
- MSVR 35096 and MSVR 35097. Discovered by Axel Souchet and Vishal Chauhan from
- the MSRC Vulnerabilities & Mitigations team. * tools/tiff2pdf.c: fix
- out-of-bounds write vulnerabilities in heap allocate buffer in
- t2p_process_jpeg_strip(). Reported as MSVR 35098. Discovered by Axel Souchet
- and Vishal Chauhan from the MSRC Vulnerabilities & Mitigations team. *
- libtiff/tif_pixarlog.c: fix out-of-bounds write vulnerabilities in heap
- allocated buffers. Reported as MSVR 35094. Discovered by Axel Souchet and
- Vishal Chauhan from the MSRC Vulnerabilities & Mitigations team. *
- libtiff/tif_write.c: fix issue in error code path of TIFFFlushData1() that
- didn't reset the tif_rawcc and tif_rawcp members. I'm not completely sure if
- that could happen in practice outside of the odd behaviour of t2p_seekproc()
- of tiff2pdf). The report points that a better fix could be to check the
- return value of TIFFFlushData1() in places where it isn't done currently, but
- it seems this patch is enough. Reported as MSVR 35095. Discovered by Axel
- Souchet & Vishal Chauhan & Suha Can from the MSRC Vulnerabilities &
- Mitigations team.
-
-CVE: CVE-2016-9533, CVE-2016-9534, CVE-2016-9536, CVE-2016-9537
-Upstream-Status: Backport
-https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-bdc795f6afeb9558c1012b3cfae729ef
-
-Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
-
----
- libtiff/tif_pixarlog.c | 55 +++++++++++++++++++++-----------------------------
- libtiff/tif_write.c    |  7 +++++++
- tools/tiff2pdf.c       | 22 ++++++++++++++++++--
- tools/tiffcrop.c       | 20 +++++++++++++++++-
- 4 files changed, 92 insertions(+), 35 deletions(-)
-
-diff --git a/libtiff/tif_pixarlog.c b/libtiff/tif_pixarlog.c
-index 1fb8f3b..d1246c3 100644
---- a/libtiff/tif_pixarlog.c
-+++ b/libtiff/tif_pixarlog.c
-@@ -983,17 +983,14 @@ horizontalDifferenceF(float *ip, int n, int stride, uint16 *wp, uint16 *FromLT2)
- 		a1 = (int32) CLAMP(ip[3]); wp[3] = (uint16)((a1-a2) & mask); a2 = a1;
- 	    }
- 	} else {
--	    ip += n - 1;	/* point to last one */
--	    wp += n - 1;	/* point to last one */
--	    n -= stride;
--	    while (n > 0) {
--		REPEAT(stride, wp[0] = (uint16) CLAMP(ip[0]);
--				wp[stride] -= wp[0];
--				wp[stride] &= mask;
--				wp--; ip--)
--		n -= stride;
--	    }
--	    REPEAT(stride, wp[0] = (uint16) CLAMP(ip[0]); wp--; ip--)
-+        REPEAT(stride, wp[0] = (uint16) CLAMP(ip[0]); wp++; ip++)
-+        n -= stride;
-+        while (n > 0) {
-+            REPEAT(stride,
-+                wp[0] = (uint16)(((int32)CLAMP(ip[0])-(int32)CLAMP(ip[-stride])) & mask);
-+                wp++; ip++)
-+            n -= stride;
-+        }
- 	}
-     }
- }
-@@ -1036,17 +1033,14 @@ horizontalDifference16(unsigned short *ip, int n, int stride,
- 		a1 = CLAMP(ip[3]); wp[3] = (uint16)((a1-a2) & mask); a2 = a1;
- 	    }
- 	} else {
--	    ip += n - 1;	/* point to last one */
--	    wp += n - 1;	/* point to last one */
-+        REPEAT(stride, wp[0] = CLAMP(ip[0]); wp++; ip++)
- 	    n -= stride;
- 	    while (n > 0) {
--		REPEAT(stride, wp[0] = CLAMP(ip[0]);
--				wp[stride] -= wp[0];
--				wp[stride] &= mask;
--				wp--; ip--)
--		n -= stride;
--	    }
--	    REPEAT(stride, wp[0] = CLAMP(ip[0]); wp--; ip--)
-+            REPEAT(stride,
-+                wp[0] = (uint16)((CLAMP(ip[0])-CLAMP(ip[-stride])) & mask);
-+                wp++; ip++)
-+            n -= stride;
-+        }
- 	}
-     }
- }
-@@ -1089,18 +1083,15 @@ horizontalDifference8(unsigned char *ip, int n, int stride,
- 		ip += 4;
- 	    }
- 	} else {
--	    wp += n + stride - 1;	/* point to last one */
--	    ip += n + stride - 1;	/* point to last one */
--	    n -= stride;
--	    while (n > 0) {
--		REPEAT(stride, wp[0] = CLAMP(ip[0]);
--				wp[stride] -= wp[0];
--				wp[stride] &= mask;
--				wp--; ip--)
--		n -= stride;
--	    }
--	    REPEAT(stride, wp[0] = CLAMP(ip[0]); wp--; ip--)
--	}
-+        REPEAT(stride, wp[0] = CLAMP(ip[0]); wp++; ip++)
-+        n -= stride;
-+        while (n > 0) {
-+            REPEAT(stride,
-+                wp[0] = (uint16)((CLAMP(ip[0])-CLAMP(ip[-stride])) & mask);
-+                wp++; ip++)
-+            n -= stride;
-+        }
-+    }
-     }
- }
- 
-diff --git a/libtiff/tif_write.c b/libtiff/tif_write.c
-index f9a3fc0..d8fa802 100644
---- a/libtiff/tif_write.c
-+++ b/libtiff/tif_write.c
-@@ -798,7 +798,14 @@ TIFFFlushData1(TIFF* tif)
- 		if (!TIFFAppendToStrip(tif,
- 		    isTiled(tif) ? tif->tif_curtile : tif->tif_curstrip,
- 		    tif->tif_rawdata, tif->tif_rawcc))
-+        {
-+            /* We update those variables even in case of error since there's */
-+            /* code that doesn't really check the return code of this */
-+            /* function */
-+            tif->tif_rawcc = 0;
-+            tif->tif_rawcp = tif->tif_rawdata;
- 			return (0);
-+        }
- 		tif->tif_rawcc = 0;
- 		tif->tif_rawcp = tif->tif_rawdata;
- 	}
-diff --git a/tools/tiff2pdf.c b/tools/tiff2pdf.c
-index dcd5a7e..f8df6b5 100644
---- a/tools/tiff2pdf.c
-+++ b/tools/tiff2pdf.c
-@@ -286,7 +286,7 @@ tsize_t t2p_readwrite_pdf_image_tile(T2P*, TIFF*, TIFF*, ttile_t);
- int t2p_process_ojpeg_tables(T2P*, TIFF*);
- #endif
- #ifdef JPEG_SUPPORT
--int t2p_process_jpeg_strip(unsigned char*, tsize_t*, unsigned char*, tsize_t*, tstrip_t, uint32);
-+int t2p_process_jpeg_strip(unsigned char*, tsize_t*, unsigned char*, tsize_t, tsize_t*, tstrip_t, uint32);
- #endif
- void t2p_tile_collapse_left(tdata_t, tsize_t, uint32, uint32, uint32);
- void t2p_write_advance_directory(T2P*, TIFF*);
-@@ -2408,7 +2408,8 @@ tsize_t t2p_readwrite_pdf_image(T2P* t2p, TIFF* input, TIFF* output){
- 				if(!t2p_process_jpeg_strip(
- 					stripbuffer, 
- 					&striplength, 
--					buffer, 
-+					buffer,
-+                    t2p->tiff_datasize,
- 					&bufferoffset, 
- 					i, 
- 					t2p->tiff_length)){
-@@ -3439,6 +3440,7 @@ int t2p_process_jpeg_strip(
- 	unsigned char* strip, 
- 	tsize_t* striplength, 
- 	unsigned char* buffer, 
-+    tsize_t buffersize,
- 	tsize_t* bufferoffset, 
- 	tstrip_t no, 
- 	uint32 height){
-@@ -3473,6 +3475,8 @@ int t2p_process_jpeg_strip(
- 		}
- 		switch( strip[i] ){
- 			case 0xd8:	/* SOI - start of image */
-+                if( *bufferoffset + 2 > buffersize )
-+                    return(0);
- 				_TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), 2);
- 				*bufferoffset+=2;
- 				break;
-@@ -3482,12 +3486,18 @@ int t2p_process_jpeg_strip(
- 			case 0xc9:	/* SOF9 */
- 			case 0xca:	/* SOF10 */
- 				if(no==0){
-+                    if( *bufferoffset + datalen + 2 + 6 > buffersize )
-+                        return(0);
- 					_TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), datalen+2);
-+                    if( *bufferoffset + 9 >= buffersize )
-+                        return(0);
- 					ncomp = buffer[*bufferoffset+9];
- 					if (ncomp < 1 || ncomp > 4)
- 						return(0);
- 					v_samp=1;
- 					h_samp=1;
-+                    if( *bufferoffset + 11 + 3*(ncomp-1) >= buffersize )
-+                        return(0);
- 					for(j=0;j<ncomp;j++){
- 						uint16 samp = buffer[*bufferoffset+11+(3*j)];
- 						if( (samp>>4) > h_samp) 
-@@ -3519,20 +3529,28 @@ int t2p_process_jpeg_strip(
- 				break;
- 			case 0xc4: /* DHT */
- 			case 0xdb: /* DQT */
-+                if( *bufferoffset + datalen + 2 > buffersize )
-+                    return(0);
- 				_TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), datalen+2);
- 				*bufferoffset+=datalen+2;
- 				break;
- 			case 0xda: /* SOS */
- 				if(no==0){
-+                    if( *bufferoffset + datalen + 2 > buffersize )
-+                        return(0);
- 					_TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), datalen+2);
- 					*bufferoffset+=datalen+2;
- 				} else {
-+                    if( *bufferoffset + 2 > buffersize )
-+                        return(0);
- 					buffer[(*bufferoffset)++]=0xff;
- 					buffer[(*bufferoffset)++]=
-                                             (unsigned char)(0xd0 | ((no-1)%8));
- 				}
- 				i += datalen + 1;
- 				/* copy remainder of strip */
-+                if( *bufferoffset + *striplength - i > buffersize )
-+                    return(0);
- 				_TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i]), *striplength - i);
- 				*bufferoffset+= *striplength - i;
- 				return(1);
-diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
-index ebc4aba..7685566 100644
---- a/tools/tiffcrop.c
-+++ b/tools/tiffcrop.c
-@@ -5758,7 +5758,8 @@ loadImage(TIFF* in, struct image_data *image, struct dump_opts *dump, unsigned c
-   {
-   uint32   i;
-   float    xres = 0.0, yres = 0.0;
--  uint16   nstrips = 0, ntiles = 0, planar = 0;
-+  uint32   nstrips = 0, ntiles = 0;
-+  uint16   planar = 0;
-   uint16   bps = 0, spp = 0, res_unit = 0;
-   uint16   orientation = 0;
-   uint16   input_compression = 0, input_photometric = 0;
-@@ -6066,11 +6067,23 @@ loadImage(TIFF* in, struct image_data *image, struct dump_opts *dump, unsigned c
-   /* +3 : add a few guard bytes since reverseSamples16bits() can read a bit */
-   /* outside buffer */
-   if (!read_buff)
-+  {
-+    if( buffsize > 0xFFFFFFFFU - 3 )
-+    {
-+        TIFFError("loadImage", "Unable to allocate/reallocate read buffer");
-+        return (-1);
-+    }
-     read_buff = (unsigned char *)_TIFFmalloc(buffsize+3);
-+  }
-   else
-     {
-     if (prev_readsize < buffsize)
-+    {
-+      if( buffsize > 0xFFFFFFFFU - 3 )
-       {
-+          TIFFError("loadImage", "Unable to allocate/reallocate read buffer");
-+          return (-1);
-+      }
-       new_buff = _TIFFrealloc(read_buff, buffsize+3);
-       if (!new_buff)
-         {
-@@ -8912,6 +8925,11 @@ reverseSamplesBytes (uint16 spp, uint16 bps, uint32 width,
-     }
- 
-   bytes_per_pixel  = ((bps * spp) + 7) / 8;
-+  if( bytes_per_pixel > sizeof(swapbuff) )
-+  {
-+    TIFFError("reverseSamplesBytes","bytes_per_pixel too large");
-+    return (1);
-+  }
-   switch (bps / 8)
-      {
-      case 8:  /* Use memcpy for multiple bytes per sample data */
--- 
-2.9.3
-
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.0.6.bb b/meta/recipes-multimedia/libtiff/tiff_4.0.7.bb
similarity index 65%
rename from meta/recipes-multimedia/libtiff/tiff_4.0.6.bb
rename to meta/recipes-multimedia/libtiff/tiff_4.0.7.bb
index 450927d..bbc7389 100644
--- a/meta/recipes-multimedia/libtiff/tiff_4.0.6.bb
+++ b/meta/recipes-multimedia/libtiff/tiff_4.0.7.bb
@@ -6,29 +6,10 @@ CVE_NAME = "libtiff"
 
 SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
            file://libtool2.patch \
-           file://CVE-2015-8665_8683.patch \
-           file://CVE-2015-8781.patch \
-           file://CVE-2015-8784.patch \
-           file://CVE-2016-3186.patch \
-           file://CVE-2016-5321.patch \
-           file://CVE-2016-5323.patch \
-           file://CVE-2016-3945.patch \
-           file://CVE-2016-3990.patch \
-           file://CVE-2016-3991.patch \
-           file://CVE-2016-3623.patch \
-           file://CVE-2016-3622.patch \
-           file://CVE-2016-3658.patch \
-           file://CVE-2016-3632.patch \
-           file://CVE-2016-9540.patch \
-           file://CVE-2016-9539.patch \
-           file://CVE-2016-9535-1.patch \
-           file://CVE-2016-9535-2.patch \
-           file://CVE-2016-9538.patch \
-           file://Fix_several_CVE_issues.patch \
           "
 
-SRC_URI[md5sum] = "d1d2e940dea0b5ad435f21f03d96dd72"
-SRC_URI[sha256sum] = "4d57a50907b510e3049a4bba0d7888930fdfc16ce49f1bf693e5b6247370d68c"
+SRC_URI[md5sum] = "77ae928d2c6b7fb46a21c3a29325157b"
+SRC_URI[sha256sum] = "9f43a2cfb9589e5cecaa66e16bf87f814c945f22df7ba600d63aac4632c4f019"
 
 # exclude betas
 UPSTREAM_CHECK_REGEX = "tiff-(?P<pver>\d+(\.\d+)+).tar"
-- 
2.7.4



^ permalink raw reply related


This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox