From 890a331f891567db8fe0cc79e13baaafe76adf8b Mon Sep 17 00:00:00 2001 From: tigro Date: Sat, 27 Apr 2024 15:15:29 +0300 Subject: [PATCH] import dcmtk-3.6.6-12.el9 --- .dcmtk.metadata | 1 + .gitignore | 1 + SOURCES/0017-Increase-sleep-for-tests.patch | 73 +++ SOURCES/0018-Fix-for-big-endian-systems.patch | 116 ++++ ...NULL-pointer-dereference-double-free.patch | 568 ++++++++++++++++++ ...ed-possible-NULL-pointer-dereference.patch | 30 + ...ed-possible-NULL-pointer-dereference.patch | 53 ++ ...d-memory-leak-in-single-process-mode.patch | 53 ++ SPECS/dcmtk.spec | 454 ++++++++++++++ 9 files changed, 1349 insertions(+) create mode 100644 .dcmtk.metadata create mode 100644 .gitignore create mode 100644 SOURCES/0017-Increase-sleep-for-tests.patch create mode 100644 SOURCES/0018-Fix-for-big-endian-systems.patch create mode 100644 SOURCES/0019-CVE-2021-41687-CVE-2021-41688-CVE-2021-41690-Fixed-poss.-NULL-pointer-dereference-double-free.patch create mode 100644 SOURCES/0020-CVE-2021-41689-Fixed-possible-NULL-pointer-dereference.patch create mode 100644 SOURCES/0021-CVE-2022-2119-CVE-2022-2120-CVE-2022-2121-Fixed-possible-NULL-pointer-dereference.patch create mode 100644 SOURCES/0022-CVE-2022-43272-Fixed-memory-leak-in-single-process-mode.patch create mode 100644 SPECS/dcmtk.spec diff --git a/.dcmtk.metadata b/.dcmtk.metadata new file mode 100644 index 0000000..244c904 --- /dev/null +++ b/.dcmtk.metadata @@ -0,0 +1 @@ +2e370b1d11ad840d34f151ea9fd51b7fd03fb5f2 SOURCES/dcmtk-3.6.6.tar.gz diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..753c31f --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/dcmtk-3.6.6.tar.gz diff --git a/SOURCES/0017-Increase-sleep-for-tests.patch b/SOURCES/0017-Increase-sleep-for-tests.patch new file mode 100644 index 0000000..16f592b --- /dev/null +++ b/SOURCES/0017-Increase-sleep-for-tests.patch @@ -0,0 +1,73 @@ +From 6f8d21d803c5e5d2fab5cbff97b2d40793fa5701 Mon Sep 17 00:00:00 2001 +From: Alessio +Date: Thu, 2 Mar 2023 00:04:18 -0600 +Subject: [PATCH 17/22] Increase sleep for tests + +--- + dcmnet/tests/tscusession.cc | 6 +++--- + dcmtls/tests/tscuscptls.cc | 6 +++--- + 2 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/dcmnet/tests/tscusession.cc b/dcmnet/tests/tscusession.cc +index 7ae4ff53a..3508b6da8 100644 +--- a/dcmnet/tests/tscusession.cc ++++ b/dcmnet/tests/tscusession.cc +@@ -280,7 +280,7 @@ void configure_scp_for_sop_class(DcmSCPConfig& cfg, + void scu_session(const OFString& called_ae_title, const OFString& sop_class) + { + // Make sure server is up +- force_sleep(1); ++ force_sleep(10); + // Basic configuration + SessionSCU scu; + scu.setAETitle("TEST_SCU"); +@@ -334,13 +334,13 @@ OFTEST_FLAGS(dcmnet_scu_session_handler, EF_Slow) + + // Send FIND, and wait to be sure SCP has time to exit + scu_session("FIND_SESSION", UID_FINDPatientRootQueryRetrieveInformationModel); +- force_sleep(1); ++ force_sleep(10); + scp.join(); + + // Send MOVE, and wait to be sure SCP has time to exit + scp.start(); + scu_session("MOVE_SESSION", UID_MOVEPatientRootQueryRetrieveInformationModel); +- force_sleep(1); ++ force_sleep(10); + scp.join(); + + // TODO: Test C-GET +diff --git a/dcmtls/tests/tscuscptls.cc b/dcmtls/tests/tscuscptls.cc +index ef0cb2232..f054e8b18 100644 +--- a/dcmtls/tests/tscuscptls.cc ++++ b/dcmtls/tests/tscuscptls.cc +@@ -318,7 +318,7 @@ OFTEST_FLAGS(dcmtls_scp_tls, EF_None) + scp.start(); + + // Ensure server is up and listening +- force_sleep(1); ++ force_sleep(10); + + // Configure SCU and run it against SCP + DcmTLSSCU scu; +@@ -386,7 +386,7 @@ OFTEST_FLAGS(dcmtls_scp_pool_tls, EF_None) + pool.start(); + + // Ensure server is up and listening +- force_sleep(1); ++ force_sleep(10); + + OFVector scus(20); + OFVector scuTlsLayers; +@@ -412,7 +412,7 @@ OFTEST_FLAGS(dcmtls_scp_pool_tls, EF_None) + + // "ensure" the pool is initialized before any SCU starts connecting to it. The initialization + // can take a couple of seconds on older systems, e.g. debian i368. +- force_sleep(5); ++ force_sleep(15); + + for (OFVector::const_iterator it2 = scus.begin(); it2 != scus.end(); ++it2) + { +-- +2.39.2 + diff --git a/SOURCES/0018-Fix-for-big-endian-systems.patch b/SOURCES/0018-Fix-for-big-endian-systems.patch new file mode 100644 index 0000000..456d4e3 --- /dev/null +++ b/SOURCES/0018-Fix-for-big-endian-systems.patch @@ -0,0 +1,116 @@ +From 3fa9f67fdaeee2f13efe93c93435a3e6462e9188 Mon Sep 17 00:00:00 2001 +From: Alessio +Date: Thu, 2 Mar 2023 00:06:34 -0600 +Subject: [PATCH 18/22] Fix for big-endian systems + +--- + dcmect/tests/t_roundtrip.cc | 15 +++++++++++---- + dcmseg/tests/troundtrip.cc | 10 ++++++++-- + 2 files changed, 19 insertions(+), 6 deletions(-) + +diff --git a/dcmect/tests/t_roundtrip.cc b/dcmect/tests/t_roundtrip.cc +index 3cdeb907a..26839bdcc 100644 +--- a/dcmect/tests/t_roundtrip.cc ++++ b/dcmect/tests/t_roundtrip.cc +@@ -28,6 +28,9 @@ + + #include "dcmtk/dcmect/enhanced_ct.h" + ++#include "dcmtk/dcmdata/dcxfer.h" ++#include "dcmtk/dcmdata/dcswap.h" ++ + #include "dcmtk/dcmfg/concatenationcreator.h" + #include "dcmtk/dcmfg/concatenationloader.h" + #include "dcmtk/dcmfg/fgctacquisitiondetails.h" +@@ -295,7 +298,6 @@ static void addSharedFGs(EctEnhancedCT* ct) + OFCHECK(exp_item->setCTDIVol(0.1).good()); + CodeSequenceMacro* phantom_item = new CodeSequenceMacro("113682", "DCM", "ACR Accreditation Phantom - CT"); + exp_item->getCTDIPhantomTypeCodeSequence().push_back(phantom_item); +- OFCHECK(exp_item->setEstimatedDoseSaving(0.2).good()); + OFCHECK(exp_item->setExposureInMas(0.3).good()); + OFCHECK(exp_item->setExposureModulationType("WEIRD").good()); + OFCHECK(exp_item->setExposureTimeInMs(0.4).good()); +@@ -619,6 +621,8 @@ static void checkConcatenationInstance(size_t numInstance, EctEnhancedCT* srcIns + // Check that all pixels are set to their original source instances frame number (starting from 1) + for (size_t pix = 0; pix < NUM_PIXELS_PER_FRAME; pix++) + { ++ // We need to swap the 16 bit value if the test runs on big endian platforms ++ swapIfNecessary(gLocalByteOrder, EBO_LittleEndian, &frame[pix], 2, sizeof(Uint16)); + OFCHECK(frame[pix] == numInstance + 1); + } + delete concat; +@@ -658,7 +662,11 @@ static void prepareExpectedDump() + { + EXPECTED_DUMP += "\n"; + EXPECTED_DUMP += "# Dicom-Data-Set\n"; +- EXPECTED_DUMP += "# Used TransferSyntax: Little Endian Explicit\n"; ++ // DcmDataset.print() produces dumps in local endianess, so make sure the dump reflects the current machine ++ if (gLocalByteOrder == EBO_LittleEndian) ++ EXPECTED_DUMP += "# Used TransferSyntax: Little Endian Explicit\n"; ++ else ++ EXPECTED_DUMP += "# Used TransferSyntax: Big Endian Explicit\n"; + EXPECTED_DUMP += "(0008,0008) CS [ORIGINAL\\PRIMARY\\VOLUME\\MAXIMUM] # 32, 4 ImageType\n"; + EXPECTED_DUMP += "(0008,0016) UI =EnhancedCTImageStorage # 28, 1 SOPClassUID\n"; + EXPECTED_DUMP +@@ -789,7 +797,7 @@ static void prepareExpectedDump() + EXPECTED_DUMP += " (fffe,e00d) na (ItemDelimitationItem for re-encoding) # 0, 0 ItemDelimitationItem\n"; + EXPECTED_DUMP += " (fffe,e0dd) na (SequenceDelimitationItem for re-encod.) # 0, 0 SequenceDelimitationItem\n"; + EXPECTED_DUMP += " (0018,9321) SQ (Sequence with explicit length #=1) # 0, 1 CTExposureSequence\n"; +- EXPECTED_DUMP += " (fffe,e000) na (Item with explicit length #=10) # 0, 1 Item\n"; ++ EXPECTED_DUMP += " (fffe,e000) na (Item with explicit length #=9) # 0, 1 Item\n"; + EXPECTED_DUMP += " (0018,115e) DS [0.5] # 4, 1 " + "ImageAndFluoroscopyAreaDoseProduct\n"; + EXPECTED_DUMP +@@ -807,7 +815,6 @@ static void prepareExpectedDump() + += " (fffe,e0dd) na (SequenceDelimitationItem for re-encod.) # 0, 0 SequenceDelimitationItem\n"; + EXPECTED_DUMP + += " (0018,9323) CS [WEIRD] # 6, 1 ExposureModulationType\n"; +- EXPECTED_DUMP += " (0018,9324) FD 0.2 # 8, 1 EstimatedDoseSaving\n"; + EXPECTED_DUMP += " (0018,9328) FD 0.4 # 8, 1 ExposureTimeInms\n"; + EXPECTED_DUMP += " (0018,9330) FD 0.7 # 8, 1 XRayTubeCurrentInmA\n"; + EXPECTED_DUMP += " (0018,9332) FD 0.3 # 8, 1 ExposureInmAs\n"; +diff --git a/dcmseg/tests/troundtrip.cc b/dcmseg/tests/troundtrip.cc +index 472eaf1ef..8a605ab68 100644 +--- a/dcmseg/tests/troundtrip.cc ++++ b/dcmseg/tests/troundtrip.cc +@@ -31,6 +31,7 @@ + #include "dcmtk/dcmfg/fgplanpo.h" + #include "dcmtk/dcmfg/fgseg.h" + #include "dcmtk/dcmiod/iodmacro.h" ++#include "dcmtk/dcmdata/dcxfer.h" + #include "dcmtk/ofstd/ofmem.h" + #include "dcmtk/ofstd/ofstrutl.h" + #include "dcmtk/ofstd/oftempf.h" +@@ -285,6 +286,7 @@ static void checkConcatenationInstance(size_t numInstance, DcmSegmentation* srcI + { + DcmSegmentation* concat = NULL; + OFCHECK(DcmSegmentation::loadDataset(*concatInstance, concat).good()); ++ if (concat == NULL) return; // loadDataset() failed, we cannot continue + size_t numFrames; + numFrames = concat->getNumberOfFrames(); + OFCHECK(numFrames == 1); +@@ -327,7 +329,7 @@ static void checkConcatenationInstance(size_t numInstance, DcmSegmentation* srcI + && (cShared == concat->getFunctionalGroups().getShared()->end())); + DcmSequenceOfItems* cPerFrame = NULL; + OFCHECK(concatInstance->findAndGetSequence(DCM_PerFrameFunctionalGroupsSequence, cPerFrame).good()); +- OFCHECK(cPerFrame->card() == 1); ++ OFCHECK(cPerFrame && (cPerFrame->card() == 1)); + + OFBool perFrame = OFFalse; + FGBase* fg = concat->getFunctionalGroups().get(0, DcmFGTypes::EFG_FRAMECONTENT, perFrame); +@@ -406,7 +408,11 @@ static void prepareExpectedDump() + { + EXPECTED_DUMP = "\n"; + EXPECTED_DUMP += "# Dicom-Data-Set\n"; +- EXPECTED_DUMP += "# Used TransferSyntax: Little Endian Explicit\n"; ++ // DcmDataset.print() produces dumps in local endianess, so make sure the dump reflects the current machine ++ if (gLocalByteOrder == EBO_LittleEndian) ++ EXPECTED_DUMP += "# Used TransferSyntax: Little Endian Explicit\n"; ++ else ++ EXPECTED_DUMP += "# Used TransferSyntax: Big Endian Explicit\n"; + EXPECTED_DUMP += "(0008,0008) CS [DERIVED\\PRIMARY] # 16, 2 ImageType\n"; + EXPECTED_DUMP += "(0008,0016) UI =SegmentationStorage # 28, 1 SOPClassUID\n"; + EXPECTED_DUMP +-- +2.39.2 + diff --git a/SOURCES/0019-CVE-2021-41687-CVE-2021-41688-CVE-2021-41690-Fixed-poss.-NULL-pointer-dereference-double-free.patch b/SOURCES/0019-CVE-2021-41687-CVE-2021-41688-CVE-2021-41690-Fixed-poss.-NULL-pointer-dereference-double-free.patch new file mode 100644 index 0000000..c6f2863 --- /dev/null +++ b/SOURCES/0019-CVE-2021-41687-CVE-2021-41688-CVE-2021-41690-Fixed-poss.-NULL-pointer-dereference-double-free.patch @@ -0,0 +1,568 @@ +From 2b026afd64f077b4f6276afc2fa9a885b8b47d38 Mon Sep 17 00:00:00 2001 +From: Michael Onken +Date: Sat, 2 Oct 2021 00:29:56 +0200 +Subject: [PATCH 19/22] [CVE-2021-41687, CVE-2021-41688, CVE-2021-41690] Fixed + poss. NULL pointer dereference/double free. + +Thanks to Jinsheng Ba for the report and some patches. + +(cherry picked from commit a9697dfeb672b0b9412c00c7d36d801e27ec85cb) +--- + .../dcmtk/dcmnet}/dulstruc.h | 8 ++ + dcmnet/include/dcmtk/dcmnet/helpers.h | 38 +++++++ + dcmnet/libsrc/CMakeLists.txt | 2 +- + dcmnet/libsrc/Makefile.in | 2 +- + dcmnet/libsrc/assoc.cc | 23 +--- + dcmnet/libsrc/dcuserid.cc | 4 +- + dcmnet/libsrc/dul.cc | 2 +- + dcmnet/libsrc/dulconst.cc | 2 +- + dcmnet/libsrc/dulextra.cc | 2 +- + dcmnet/libsrc/dulfsm.cc | 51 +-------- + dcmnet/libsrc/dulparse.cc | 100 +++++++++++++----- + dcmnet/libsrc/dulpres.cc | 2 +- + dcmnet/libsrc/helpers.cc | 71 +++++++++++++ + 13 files changed, 201 insertions(+), 106 deletions(-) + rename dcmnet/{libsrc => include/dcmtk/dcmnet}/dulstruc.h (98%) + create mode 100644 dcmnet/include/dcmtk/dcmnet/helpers.h + create mode 100644 dcmnet/libsrc/helpers.cc + +diff --git a/dcmnet/libsrc/dulstruc.h b/dcmnet/include/dcmtk/dcmnet/dulstruc.h +similarity index 98% +rename from dcmnet/libsrc/dulstruc.h +rename to dcmnet/include/dcmtk/dcmnet/dulstruc.h +index 22da6ece1..6ac9a8f5d 100644 +--- a/dcmnet/libsrc/dulstruc.h ++++ b/dcmnet/include/dcmtk/dcmnet/dulstruc.h +@@ -71,6 +71,11 @@ + #include "dcmtk/config/osconfig.h" /* make sure OS specific configuration is included first */ + #include "dcmtk/dcmnet/extneg.h" + #include "dcmtk/dcmnet/dcuserid.h" ++#include "dcmtk/dcmnet/dicom.h" ++#include "dcmtk/dcmnet/dntypes.h" ++#include "dcmtk/dcmnet/dul.h" ++#include "dcmtk/dcmnet/lst.h" ++ + + class DcmTransportConnection; + class DcmTransportLayer; +@@ -290,6 +295,9 @@ typedef struct dul_datapdu { + DUL_PRESENTATIONDATAVALUE presentationDataValue; + } DUL_DATAPDU; + ++ ++ ++ + #define DUL_PROTOCOL (unsigned short) 0x01 + + #define DUL_TYPEAPPLICATIONCONTEXT (unsigned char)0x10 +diff --git a/dcmnet/include/dcmtk/dcmnet/helpers.h b/dcmnet/include/dcmtk/dcmnet/helpers.h +new file mode 100644 +index 000000000..7d7e382be +--- /dev/null ++++ b/dcmnet/include/dcmtk/dcmnet/helpers.h +@@ -0,0 +1,38 @@ ++/* ++ * ++ * Copyright (C) 2021, OFFIS e.V. ++ * All rights reserved. See COPYRIGHT file for details. ++ * ++ * This software and supporting documentation were partly developed by ++ * ++ * OFFIS e.V. ++ * R&D Division Health ++ * Escherweg 2 ++ * D-26121 Oldenburg, Germany ++ * ++ * ++ * Module: dcmnet ++ * ++ * Author: Michael Onken ++ * ++ * Purpose: Collection of helper functions ++ * ++ */ ++ ++#ifndef DCMHET_HELPERS_H ++#define DCMHET_HELPERS_H ++ ++#include "dcmtk/ofstd/ofcond.h" ++#include "dcmtk/dcmnet/dulstruc.h" ++ ++struct T_ASC_Parameters; ++class LST_HEAD; ++ ++ ++void ++destroyPresentationContextList(LST_HEAD ** l); ++ ++void ++destroyUserInformationLists(DUL_USERINFO * userInfo); ++ ++#endif +diff --git a/dcmnet/libsrc/CMakeLists.txt b/dcmnet/libsrc/CMakeLists.txt +index ed902ddc1..ee39d0f14 100644 +--- a/dcmnet/libsrc/CMakeLists.txt ++++ b/dcmnet/libsrc/CMakeLists.txt +@@ -1,5 +1,5 @@ + # create library from source files +-DCMTK_ADD_LIBRARY(dcmnet assoc cond dcasccff dcasccfg dccfenmp dccfpcmp dccfprmp dccfrsmp dccftsmp dccfuidh dcmlayer dcmtrans dcompat dimcancl dimcmd dimdump dimecho dimfind dimget dimmove dimse dimstore diutil dul dulconst dulextra dulfsm dulparse dulpres extneg lst dfindscu dstorscp dstorscu dcuserid scu scp scpthrd scpcfg scppool dwrap) ++DCMTK_ADD_LIBRARY(dcmnet assoc cond dcasccff dcasccfg dccfenmp dccfpcmp dccfprmp dccfrsmp dccftsmp dccfuidh dcmlayer dcmtrans dcompat dimcancl dimcmd dimdump dimecho dimfind dimget dimmove dimse dimstore diutil dul dulconst dulextra dulfsm dulparse dulpres extneg helpers lst dfindscu dstorscp dstorscu dcuserid scu scp scpthrd scpcfg scppool dwrap) + + DCMTK_TARGET_LINK_MODULES(dcmnet ofstd oflog dcmdata) + DCMTK_TARGET_LINK_LIBRARIES(dcmnet ${WRAP_LIBS}) +diff --git a/dcmnet/libsrc/Makefile.in b/dcmnet/libsrc/Makefile.in +index 66d8c527b..d767bea35 100644 +--- a/dcmnet/libsrc/Makefile.in ++++ b/dcmnet/libsrc/Makefile.in +@@ -25,7 +25,7 @@ objs = assoc.o cond.o dcompat.o dimcancl.o dimcmd.o dimdump.o dimecho.o \ + dulfsm.o dulparse.o dulpres.o dul.o lst.o extneg.o dimget.o dcmlayer.o \ + dcmtrans.o dcasccfg.o dcasccff.o dccfuidh.o dccftsmp.o dccfpcmp.o \ + dccfrsmp.o dccfenmp.o dccfprmp.o dfindscu.o dstorscp.o dstorscu.o \ +- dcuserid.o scu.o scp.o scpcfg.o scpthrd.o scppool.o dwrap.o ++ dcuserid.o helper.o scu.o scp.o scpcfg.o scpthrd.o scppool.o dwrap.o + + library = libdcmnet.$(LIBEXT) + +diff --git a/dcmnet/libsrc/assoc.cc b/dcmnet/libsrc/assoc.cc +index 6dbe4ef4d..a97f10699 100644 +--- a/dcmnet/libsrc/assoc.cc ++++ b/dcmnet/libsrc/assoc.cc +@@ -125,6 +125,7 @@ + #include "dcmtk/ofstd/ofconsol.h" + #include "dcmtk/ofstd/ofstd.h" + #include "dcmtk/dcmnet/dcmtrans.h" ++#include "dcmtk/dcmnet/helpers.h" + + /* + ** Constant Definitions +@@ -343,25 +344,6 @@ ASC_createAssociationParameters(T_ASC_Parameters ** params, + return EC_Normal; + } + +-static void +-destroyPresentationContextList(LST_HEAD ** lst) +-{ +- DUL_PRESENTATIONCONTEXT *pc; +- DUL_TRANSFERSYNTAX *ts; +- +- if ((lst == NULL) || (*lst == NULL)) +- return; +- while ((pc = (DUL_PRESENTATIONCONTEXT*) LST_Dequeue(lst)) != NULL) { +- if (pc->proposedTransferSyntax != NULL) { +- while ((ts = (DUL_TRANSFERSYNTAX*) LST_Dequeue(&pc->proposedTransferSyntax)) != NULL) { +- free(ts); +- } +- LST_Destroy(&pc->proposedTransferSyntax); +- } +- free(pc); +- } +- LST_Destroy(lst); +-} + + OFCondition + ASC_destroyAssociationParameters(T_ASC_Parameters ** params) +@@ -1706,8 +1688,7 @@ ASC_destroyAssociation(T_ASC_Association ** association) + } + + if ((*association)->params != NULL) { +- cond = ASC_destroyAssociationParameters(&(*association)->params); +- if (cond.bad()) return cond; ++ ASC_destroyAssociationParameters(&(*association)->params); + } + + if ((*association)->sendPDVBuffer != NULL) +diff --git a/dcmnet/libsrc/dcuserid.cc b/dcmnet/libsrc/dcuserid.cc +index 6a2d72a20..f1530fe79 100644 +--- a/dcmnet/libsrc/dcuserid.cc ++++ b/dcmnet/libsrc/dcuserid.cc +@@ -1,6 +1,6 @@ + /* + * +- * Copyright (C) 1997-2018, OFFIS e.V. ++ * Copyright (C) 1997-2021, OFFIS e.V. + * All rights reserved. See COPYRIGHT file for details. + * + * This software and supporting documentation were developed by +@@ -23,7 +23,7 @@ + #include "dcmtk/config/osconfig.h" /* make sure OS specific configuration is included first */ + #include "dcmtk/dcmnet/dcuserid.h" + #include "dcmtk/dcmnet/dul.h" +-#include "dulstruc.h" ++#include "dcmtk/dcmnet/dulstruc.h" + + /* ************************************************************************* */ + /* Implementation of class UserIdentityNegotiationSubItem */ +diff --git a/dcmnet/libsrc/dul.cc b/dcmnet/libsrc/dul.cc +index b8e9cc044..38a8d730e 100644 +--- a/dcmnet/libsrc/dul.cc ++++ b/dcmnet/libsrc/dul.cc +@@ -142,7 +142,7 @@ END_EXTERN_C + #include "dcmtk/ofstd/ofstd.h" + + #include "dcmtk/dcmnet/dul.h" +-#include "dulstruc.h" ++#include "dcmtk/dcmnet/dulstruc.h" + #include "dulpriv.h" + #include "dulfsm.h" + #include "dcmtk/dcmnet/dcmtrans.h" +diff --git a/dcmnet/libsrc/dulconst.cc b/dcmnet/libsrc/dulconst.cc +index c0643c2bc..13738e8ea 100644 +--- a/dcmnet/libsrc/dulconst.cc ++++ b/dcmnet/libsrc/dulconst.cc +@@ -77,7 +77,7 @@ + #include "dcmtk/dcmnet/diutil.h" + #include "dcmtk/dcmnet/lst.h" + #include "dcmtk/dcmnet/dul.h" +-#include "dulstruc.h" ++#include "dcmtk/dcmnet/dulstruc.h" + #include "dulpriv.h" + #include "dcmtk/ofstd/ofconsol.h" + +diff --git a/dcmnet/libsrc/dulextra.cc b/dcmnet/libsrc/dulextra.cc +index 9845f3e4c..bec14fc2b 100644 +--- a/dcmnet/libsrc/dulextra.cc ++++ b/dcmnet/libsrc/dulextra.cc +@@ -102,7 +102,7 @@ + #include "dcmtk/dcmnet/lst.h" + #include "dcmtk/dcmnet/cond.h" + #include "dcmtk/dcmnet/dul.h" +-#include "dulstruc.h" ++#include "dcmtk/dcmnet/dulstruc.h" + #include "dulpriv.h" + #include "dcmtk/dcmnet/dcmtrans.h" + #include "dcmtk/dcmnet/diutil.h" +diff --git a/dcmnet/libsrc/dulfsm.cc b/dcmnet/libsrc/dulfsm.cc +index 91dcc7fcb..9bbe3462a 100644 +--- a/dcmnet/libsrc/dulfsm.cc ++++ b/dcmnet/libsrc/dulfsm.cc +@@ -113,7 +113,7 @@ END_EXTERN_C + #include "dcmtk/dcmnet/lst.h" + #include "dcmtk/dcmnet/cond.h" + #include "dcmtk/dcmnet/dul.h" +-#include "dulstruc.h" ++#include "dcmtk/dcmnet/dulstruc.h" + #include "dulpriv.h" + #include "dulfsm.h" + #include "dcmtk/ofstd/ofbmanip.h" +@@ -122,6 +122,7 @@ END_EXTERN_C + #include "dcmtk/dcmnet/dcmtrans.h" + #include "dcmtk/dcmnet/dcmlayer.h" + #include "dcmtk/dcmnet/diutil.h" ++#include "dcmtk/dcmnet/helpers.h" + #include "dcmtk/ofstd/ofsockad.h" /* for class OFSockAddr */ + + /* At least Solaris doesn't define this */ +@@ -310,9 +311,6 @@ findPresentationCtx(LST_HEAD ** lst, DUL_PRESENTATIONCONTEXTID contextID); + PRV_SCUSCPROLE * + findSCUSCPRole(LST_HEAD ** lst, char *abstractSyntax); + +-void destroyPresentationContextList(LST_HEAD ** l); +-void destroyUserInformationLists(DUL_USERINFO * userInfo); +- + static volatile FSM_Event_Description Event_Table[] = { + {A_ASSOCIATE_REQ_LOCAL_USER, "A-ASSOCIATE request (local user)"}, + {TRANS_CONN_CONFIRM_LOCAL_USER, "Transport conn confirmation (local)"}, +@@ -3988,48 +3986,3 @@ findSCUSCPRole(LST_HEAD ** lst, char *abstractSyntax) + } + return NULL; + } +- +-void +-destroyPresentationContextList(LST_HEAD ** l) +-{ +- PRV_PRESENTATIONCONTEXTITEM +- * prvCtx; +- DUL_SUBITEM +- * subItem; +- +- if (*l == NULL) +- return; +- +- prvCtx = (PRV_PRESENTATIONCONTEXTITEM*)LST_Dequeue(l); +- while (prvCtx != NULL) { +- subItem = (DUL_SUBITEM*)LST_Dequeue(&prvCtx->transferSyntaxList); +- while (subItem != NULL) { +- free(subItem); +- subItem = (DUL_SUBITEM*)LST_Dequeue(&prvCtx->transferSyntaxList); +- } +- LST_Destroy(&prvCtx->transferSyntaxList); +- free(prvCtx); +- prvCtx = (PRV_PRESENTATIONCONTEXTITEM*)LST_Dequeue(l); +- } +- LST_Destroy(l); +-} +- +-void +-destroyUserInformationLists(DUL_USERINFO * userInfo) +-{ +- PRV_SCUSCPROLE +- * role; +- +- role = (PRV_SCUSCPROLE*)LST_Dequeue(&userInfo->SCUSCPRoleList); +- while (role != NULL) { +- free(role); +- role = (PRV_SCUSCPROLE*)LST_Dequeue(&userInfo->SCUSCPRoleList); +- } +- LST_Destroy(&userInfo->SCUSCPRoleList); +- +- /* extended negotiation */ +- delete userInfo->extNegList; userInfo->extNegList = NULL; +- +- /* user identity negotiation */ +- delete userInfo->usrIdent; userInfo->usrIdent = NULL; +-} +diff --git a/dcmnet/libsrc/dulparse.cc b/dcmnet/libsrc/dulparse.cc +index 0a84f3850..decd60dc5 100644 +--- a/dcmnet/libsrc/dulparse.cc ++++ b/dcmnet/libsrc/dulparse.cc +@@ -75,7 +75,8 @@ + #include "dcmtk/dcmnet/lst.h" + #include "dcmtk/dcmnet/dul.h" + #include "dcmtk/dcmnet/diutil.h" +-#include "dulstruc.h" ++#include "dcmtk/dcmnet/dulstruc.h" ++#include "dcmtk/dcmnet/helpers.h" + #include "dulpriv.h" + #include "dcmtk/ofstd/ofconsol.h" + +@@ -147,9 +148,6 @@ parseAssociate(unsigned char *buf, unsigned long pduLength, + * context; + + (void) memset(assoc, 0, sizeof(*assoc)); +- if ((assoc->presentationContextList = LST_Create()) == NULL) return EC_MemoryExhausted; +- if ((assoc->userInfo.SCUSCPRoleList = LST_Create()) == NULL) return EC_MemoryExhausted; +- + // Check if the PDU actually is long enough for the fields we read + if (pduLength < 2 + 2 + 16 + 16 + 32) + return makeLengthError("associate PDU", pduLength, 2 + 2 + 16 + 16 + 32); +@@ -210,6 +208,8 @@ parseAssociate(unsigned char *buf, unsigned long pduLength, + << "Called AP Title: " << assoc->calledAPTitle << OFendl + << "Calling AP Title: " << assoc->callingAPTitle); + } ++ if ((assoc->presentationContextList = LST_Create()) == NULL) return EC_MemoryExhausted; ++ if ((assoc->userInfo.SCUSCPRoleList = LST_Create()) == NULL) return EC_MemoryExhausted; + while ((cond.good()) && (pduLength > 0)) + { + type = *buf; +@@ -224,44 +224,80 @@ parseAssociate(unsigned char *buf, unsigned long pduLength, + { + buf += itemLength; + if (!OFStandard::safeSubtract(pduLength, itemLength, pduLength)) +- return makeUnderflowError("Application Context item", pduLength, itemLength); +- DCMNET_TRACE("Successfully parsed Application Context"); ++ { ++ cond = makeUnderflowError("Application Context item", pduLength, itemLength); ++ } ++ else ++ { ++ DCMNET_TRACE("Successfully parsed Application Context"); ++ } + } + break; + case DUL_TYPEPRESENTATIONCONTEXTRQ: + case DUL_TYPEPRESENTATIONCONTEXTAC: + context = (PRV_PRESENTATIONCONTEXTITEM*)malloc(sizeof(PRV_PRESENTATIONCONTEXTITEM)); +- if (context == NULL) return EC_MemoryExhausted; +- (void) memset(context, 0, sizeof(*context)); +- cond = parsePresentationContext(type, context, buf, &itemLength, pduLength); +- if (cond.bad()) return cond; +- buf += itemLength; +- if (!OFStandard::safeSubtract(pduLength, itemLength, pduLength)) +- return makeUnderflowError("Presentation Context item", pduLength, itemLength); +- LST_Enqueue(&assoc->presentationContextList, (LST_NODE*)context); +- DCMNET_TRACE("Successfully parsed Presentation Context"); ++ if (context != NULL) ++ { ++ (void) memset(context, 0, sizeof(*context)); ++ cond = parsePresentationContext(type, context, buf, &itemLength, pduLength); ++ if (cond.bad()) ++ { ++ free(context); ++ } ++ else ++ { ++ buf += itemLength; ++ if (!OFStandard::safeSubtract(pduLength, itemLength, pduLength)) ++ { ++ cond = makeUnderflowError("Presentation Context item", pduLength, itemLength); ++ } ++ else ++ { ++ LST_Enqueue(&assoc->presentationContextList, (LST_NODE*)context); ++ DCMNET_TRACE("Successfully parsed Presentation Context"); ++ } ++ } ++ } ++ else ++ { ++ cond = EC_MemoryExhausted; ++ } + break; + case DUL_TYPEUSERINFO: + // parse user info, which can contain several sub-items like User + // Identity Negotiation or SOP Class Extended Negotiation + cond = parseUserInfo(&assoc->userInfo, buf, &itemLength, assoc->type, pduLength); +- if (cond.bad()) +- return cond; +- buf += itemLength; +- if (!OFStandard::safeSubtract(pduLength, itemLength, pduLength)) +- return makeUnderflowError("User Information item", pduLength, itemLength); +- DCMNET_TRACE("Successfully parsed User Information"); ++ if (cond.good()) ++ { ++ buf += itemLength; ++ if (!OFStandard::safeSubtract(pduLength, itemLength, pduLength)) ++ { ++ cond = makeUnderflowError("User Information item", pduLength, itemLength); ++ } ++ else ++ { ++ DCMNET_TRACE("Successfully parsed User Information"); ++ } ++ } + break; + default: + cond = parseDummy(buf, &itemLength, pduLength); +- if (cond.bad()) +- return cond; +- buf += itemLength; +- if (!OFStandard::safeSubtract(pduLength, itemLength, pduLength)) +- return makeUnderflowError("unknown item type", pduLength, itemLength); ++ if (cond.good()) ++ { ++ buf += itemLength; ++ if (!OFStandard::safeSubtract(pduLength, itemLength, pduLength)) ++ { ++ cond = makeUnderflowError("unknown item type", pduLength, itemLength); ++ } ++ } + break; + } + } ++ if (cond.bad()) ++ { ++ destroyPresentationContextList(&assoc->presentationContextList); ++ destroyUserInformationLists(&assoc->userInfo); ++ } + return cond; + } + +@@ -409,7 +445,11 @@ parsePresentationContext(unsigned char type, + subItem = (DUL_SUBITEM*)malloc(sizeof(DUL_SUBITEM)); + if (subItem == NULL) return EC_MemoryExhausted; + cond = parseSubItem(subItem, buf, &length, presentationLength); +- if (cond.bad()) return cond; ++ if (cond.bad()) ++ { ++ free(subItem); ++ return cond; ++ } + LST_Enqueue(&context->transferSyntaxList, (LST_NODE*)subItem); + buf += length; + if (!OFStandard::safeSubtract(presentationLength, length, presentationLength)) +@@ -530,7 +570,11 @@ parseUserInfo(DUL_USERINFO * userInfo, + role = (PRV_SCUSCPROLE*)malloc(sizeof(PRV_SCUSCPROLE)); + if (role == NULL) return EC_MemoryExhausted; + cond = parseSCUSCPRole(role, buf, &length, userLength); +- if (cond.bad()) return cond; ++ if (cond.bad()) ++ { ++ free(role); ++ return cond; ++ } + LST_Enqueue(&userInfo->SCUSCPRoleList, (LST_NODE*)role); + buf += length; + if (!OFStandard::safeSubtract(userLength, OFstatic_cast(short unsigned int, length), userLength)) +diff --git a/dcmnet/libsrc/dulpres.cc b/dcmnet/libsrc/dulpres.cc +index a0b8d618c..77be86c24 100644 +--- a/dcmnet/libsrc/dulpres.cc ++++ b/dcmnet/libsrc/dulpres.cc +@@ -74,7 +74,7 @@ + #include "dcmtk/dcmnet/cond.h" + #include "dcmtk/dcmnet/lst.h" + #include "dcmtk/dcmnet/dul.h" +-#include "dulstruc.h" ++#include "dcmtk/dcmnet/dulstruc.h" + #include "dulpriv.h" + #include "dulfsm.h" + +diff --git a/dcmnet/libsrc/helpers.cc b/dcmnet/libsrc/helpers.cc +new file mode 100644 +index 000000000..9cd20cefc +--- /dev/null ++++ b/dcmnet/libsrc/helpers.cc +@@ -0,0 +1,71 @@ ++/* ++ * ++ * Copyright (C) 2021, OFFIS e.V. ++ * All rights reserved. See COPYRIGHT file for details. ++ * ++ * This software and supporting documentation were partly developed by ++ * ++ * OFFIS e.V. ++ * R&D Division Health ++ * Escherweg 2 ++ * D-26121 Oldenburg, Germany ++ * ++ * ++ * Module: dcmnet ++ * ++ * Author: Michael Onken ++ * ++ * Purpose: Collection of helper functions ++ * ++ */ ++ ++#include "dcmtk/dcmnet/helpers.h" ++#include "dcmtk/dcmnet/lst.h" ++#include "dcmtk/dcmnet/assoc.h" ++#include "dcmtk/dcmnet/dulstruc.h" ++ ++ ++void ++destroyPresentationContextList(LST_HEAD ** l) ++{ ++ PRV_PRESENTATIONCONTEXTITEM ++ * prvCtx; ++ DUL_SUBITEM ++ * subItem; ++ ++ if (*l == NULL) ++ return; ++ ++ prvCtx = (PRV_PRESENTATIONCONTEXTITEM*)LST_Dequeue(l); ++ while (prvCtx != NULL) { ++ subItem = (DUL_SUBITEM*)LST_Dequeue(&prvCtx->transferSyntaxList); ++ while (subItem != NULL) { ++ free(subItem); ++ subItem = (DUL_SUBITEM*)LST_Dequeue(&prvCtx->transferSyntaxList); ++ } ++ LST_Destroy(&prvCtx->transferSyntaxList); ++ free(prvCtx); ++ prvCtx = (PRV_PRESENTATIONCONTEXTITEM*)LST_Dequeue(l); ++ } ++ LST_Destroy(l); ++} ++ ++void ++destroyUserInformationLists(DUL_USERINFO * userInfo) ++{ ++ PRV_SCUSCPROLE ++ * role; ++ ++ role = (PRV_SCUSCPROLE*)LST_Dequeue(&userInfo->SCUSCPRoleList); ++ while (role != NULL) { ++ free(role); ++ role = (PRV_SCUSCPROLE*)LST_Dequeue(&userInfo->SCUSCPRoleList); ++ } ++ LST_Destroy(&userInfo->SCUSCPRoleList); ++ ++ /* extended negotiation */ ++ delete userInfo->extNegList; userInfo->extNegList = NULL; ++ ++ /* user identity negotiation */ ++ delete userInfo->usrIdent; userInfo->usrIdent = NULL; ++} +-- +2.39.2 + diff --git a/SOURCES/0020-CVE-2021-41689-Fixed-possible-NULL-pointer-dereference.patch b/SOURCES/0020-CVE-2021-41689-Fixed-possible-NULL-pointer-dereference.patch new file mode 100644 index 0000000..e83fd06 --- /dev/null +++ b/SOURCES/0020-CVE-2021-41689-Fixed-possible-NULL-pointer-dereference.patch @@ -0,0 +1,30 @@ +From 0e507235266dab0f9046a94231c3eb09fc27ceca Mon Sep 17 00:00:00 2001 +From: Michael Onken +Date: Wed, 15 Sep 2021 09:04:12 +0200 +Subject: [PATCH 20/22] [CVE-2021-41689] Fixed possible NULL pointer + dereference. + +Thanks to Jinsheng Ba for the report and patch. + +(cherry picked from commit 5c14bf53fb42ceca12bbcc0016e8704b1580920d) +--- + dcmnet/libsrc/diutil.cc | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/dcmnet/libsrc/diutil.cc b/dcmnet/libsrc/diutil.cc +index 856143d8c..fc446dd43 100644 +--- a/dcmnet/libsrc/diutil.cc ++++ b/dcmnet/libsrc/diutil.cc +@@ -177,7 +177,8 @@ DU_getStringDOElement(DcmItem *obj, DcmTagKey t, char *s, size_t bufsize) + s[0] = '\0'; + } else { + ec = elem->getString(aString); +- OFStandard::strlcpy(s, aString, bufsize); ++ if (ec == EC_Normal) ++ OFStandard::strlcpy(s, aString, bufsize); + } + } + return (ec == EC_Normal); +-- +2.39.2 + diff --git a/SOURCES/0021-CVE-2022-2119-CVE-2022-2120-CVE-2022-2121-Fixed-possible-NULL-pointer-dereference.patch b/SOURCES/0021-CVE-2022-2119-CVE-2022-2120-CVE-2022-2121-Fixed-possible-NULL-pointer-dereference.patch new file mode 100644 index 0000000..a29b27f --- /dev/null +++ b/SOURCES/0021-CVE-2022-2119-CVE-2022-2120-CVE-2022-2121-Fixed-possible-NULL-pointer-dereference.patch @@ -0,0 +1,53 @@ +From 6aca095491009d88c4e2ea6be153ed1c5ee8e9c3 Mon Sep 17 00:00:00 2001 +From: Marco Eichelberg +Date: Wed, 30 Mar 2022 18:46:02 +0200 +Subject: [PATCH 21/22] [CVE-2022-2119, CVE-2022-2120, CVE-2022-2121] Fixed + possible NULL pointer dereference. + +Fixed a possible NULL pointer dereference that could occur when reading an +invalid DICOM file from stdin. Loading a file from the file system +and receiving data over a network connection were not affected by this bug. + +Thanks to Sharon Brizinov and Noam Moshe from Claroty Research for the +bug report and sample file. + +(cherry picked from commit 3e996a2749a9355c9b680fa464ecfd9ab9ff567f) +--- + dcmdata/libsrc/dcfilefo.cc | 3 +++ + dcmdata/libsrc/dcitem.cc | 6 +++++- + 2 files changed, 8 insertions(+), 1 deletion(-) + +diff --git a/dcmdata/libsrc/dcfilefo.cc b/dcmdata/libsrc/dcfilefo.cc +index 4b6b64899..ede677efd 100644 +--- a/dcmdata/libsrc/dcfilefo.cc ++++ b/dcmdata/libsrc/dcfilefo.cc +@@ -736,6 +736,9 @@ OFCondition DcmFileFormat::readUntilTag(DcmInputStream &inStream, + errorFlag = metaInfo->read(inStream, EXS_Unknown, glenc, maxReadLength); + } + ++ // bail out if the meta-header is still incomplete or an error occured ++ if (errorFlag.bad()) return errorFlag; ++ + // determine xfer from tag (0002,0010) in the meta header + newxfer = lookForXfer(metaInfo); + if ((FileReadMode == ERM_fileOnly) || (FileReadMode == ERM_metaOnly)) +diff --git a/dcmdata/libsrc/dcitem.cc b/dcmdata/libsrc/dcitem.cc +index 045f3c93f..a866b9845 100644 +--- a/dcmdata/libsrc/dcitem.cc ++++ b/dcmdata/libsrc/dcitem.cc +@@ -1463,7 +1463,11 @@ OFCondition DcmItem::readUntilTag(DcmInputStream & inStream, + /* tag and length (and possibly VR) information as well as maybe some data */ + /* data value information. We need to continue reading the data value */ + /* information for this particular element. */ +- errorFlag = elementList->get()->read(inStream, xfer, glenc, maxReadLength); ++ DcmObject *dO = elementList->get(); ++ if (dO) ++ errorFlag = dO->read(inStream, xfer, glenc, maxReadLength); ++ else errorFlag = EC_InternalError; // should never happen ++ + /* if reading was successful, we read the entire information */ + /* for this element; hence lastElementComplete is true */ + if (errorFlag.good()) +-- +2.39.2 + diff --git a/SOURCES/0022-CVE-2022-43272-Fixed-memory-leak-in-single-process-mode.patch b/SOURCES/0022-CVE-2022-43272-Fixed-memory-leak-in-single-process-mode.patch new file mode 100644 index 0000000..403f6fe --- /dev/null +++ b/SOURCES/0022-CVE-2022-43272-Fixed-memory-leak-in-single-process-mode.patch @@ -0,0 +1,53 @@ +From 17ae64c748e821c5aa0cf62689ce77afa741e721 Mon Sep 17 00:00:00 2001 +From: Marco Eichelberg +Date: Thu, 9 Jun 2022 10:03:38 +0200 +Subject: [PATCH 22/22] [CVE-2022-43272] Fixed memory leak in single process + mode. + +Fixed a memory leak in dcmqrscp's single process mode. + +Thanks to for the bug report and test data. + +(cherry picked from commit c34f4e46e672ad21accf04da0dc085e43be6f5e1) +--- + dcmqrdb/libsrc/dcmqrsrv.cc | 22 +++++++++------------- + 1 file changed, 9 insertions(+), 13 deletions(-) + +diff --git a/dcmqrdb/libsrc/dcmqrsrv.cc b/dcmqrdb/libsrc/dcmqrsrv.cc +index 7f01409c5..1702fa460 100644 +--- a/dcmqrdb/libsrc/dcmqrsrv.cc ++++ b/dcmqrdb/libsrc/dcmqrsrv.cc +@@ -1112,21 +1112,17 @@ OFCondition DcmQueryRetrieveSCP::waitForAssociation(T_ASC_Network * theNet) + #endif + } + +- // cleanup code ++ // clean-up association + OFCondition oldcond = cond; /* store condition flag for later use */ +- if (!options_.singleProcess_ && (cond != ASC_SHUTDOWNAPPLICATION)) ++ cond = ASC_dropAssociation(assoc); ++ if (cond.bad()) + { +- /* the child will handle the association, we can drop it */ +- cond = ASC_dropAssociation(assoc); +- if (cond.bad()) +- { +- DCMQRDB_ERROR("Cannot Drop Association: " << DimseCondition::dump(temp_str, cond)); +- } +- cond = ASC_destroyAssociation(&assoc); +- if (cond.bad()) +- { +- DCMQRDB_ERROR("Cannot Destroy Association: " << DimseCondition::dump(temp_str, cond)); +- } ++ DCMQRDB_ERROR("Cannot Drop Association: " << DimseCondition::dump(temp_str, cond)); ++ } ++ cond = ASC_destroyAssociation(&assoc); ++ if (cond.bad()) ++ { ++ DCMQRDB_ERROR("Cannot Destroy Association: " << DimseCondition::dump(temp_str, cond)); + } + + if (oldcond == ASC_SHUTDOWNAPPLICATION) cond = oldcond; /* abort flag is reported to top-level wait loop */ +-- +2.39.2 + diff --git a/SPECS/dcmtk.spec b/SPECS/dcmtk.spec new file mode 100644 index 0000000..a702f54 --- /dev/null +++ b/SPECS/dcmtk.spec @@ -0,0 +1,454 @@ +# Notes on soname versioning +# There's absolutely no guarantee of ABI stability, so a soname bump is +# included for every new release: +# https://github.com/DCMTK/dcmtk/blob/master/CMake/dcmtkPrepare.cmake#L37 + +# Odd number releases are dev snapshots, so we will stick to even number +# (official releases) only. + +%global abi_version 16 + +%bcond_with charls2 + +Name: dcmtk +Summary: Offis DICOM Toolkit (DCMTK) +Version: 3.6.6 + +# soname version is "abi_version.version" +# https://github.com/DCMTK/dcmtk/blob/master/CMake/dcmtkPrepare.cmake#L78 +%global soname_version %{abi_version}.%{version} + +Release: 12%{?dist} +License: BSD +Source: https://dicom.offis.de/download/dcmtk/dcmtk366/dcmtk-3.6.6.tar.gz +URL: http://dicom.offis.de/dcmtk.php.en + +# Downstream fixes +# Use bundled charls version and wait until upstream ports to new charls version +# charls version 2 includes a regression: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923433 +%if %{with charls2} +# not merged upstream yet: https://github.com/DCMTK/dcmtk/pull/18 +Patch: 0001-Use-system-CharLS-include.patch +Patch: 0002-Add-FindCharLS.patch +Patch: 0003-Find-and-include-CharLS.patch +Patch: 0004-Use-cmake-suggested-locations-for-CharLS.patch +Patch: 0005-Correct-CharLS-API-call.patch +Patch: 0006-Remove-reference-to-bundled-CharLS.patch +Patch: 0007-Update-JLS_ERROR-to-jpegls_error-in-CharLS-usage.patch +Patch: 0008-Correct-JpegLsReadHeader-arguments.patch +Patch: 0009-Update-JlsParameters-for-new-CharLS.patch +Patch: 0010-Correct-JpegLsDecode-arguments-for-CharLS-2.patch +Patch: 0011-Update-ilv-for-new-CharLS.patch +Patch: 0012-Correct-extra-include-for-CharLS.patch +Patch: 0013-Update-errors-to-use-enum-class-in-CharLS-2.patch +Patch: 0014-Define-BYTE-for-CharLS.patch +Patch: 0015-Update-colorTransformation-for-CharLS-2.patch +Patch: 0016-Update-JpegLsEncode-for-CharLS-2.patch +%endif +# https://forum.dcmtk.org/viewtopic.php?t=5084 +Patch: 0017-Increase-sleep-for-tests.patch +# Fix for endianess systems https://forum.dcmtk.org/viewtopic.php?f=3&t=5116 +Patch: 0018-Fix-for-big-endian-systems.patch + +# Upstream fixes +# https://github.com/DCMTK/dcmtk/commit/a9697dfeb672b0b9412c00c7d36d801e27ec85cb +Patch: 0019-CVE-2021-41687-CVE-2021-41688-CVE-2021-41690-Fixed-poss.-NULL-pointer-dereference-double-free.patch +# https://github.com/DCMTK/dcmtk/commit/5c14bf53fb42ceca12bbcc0016e8704b1580920d +Patch: 0020-CVE-2021-41689-Fixed-possible-NULL-pointer-dereference.patch +# https://github.com/DCMTK/dcmtk/commit/3e996a2749a9355c9b680fa464ecfd9ab9ff567f +Patch: 0021-CVE-2022-2119-CVE-2022-2120-CVE-2022-2121-Fixed-possible-NULL-pointer-dereference.patch +# https://github.com/DCMTK/dcmtk/commit/c34f4e46e672ad21accf04da0dc085e43be6f5e1 +Patch: 0022-CVE-2022-43272-Fixed-memory-leak-in-single-process-mode.patch + +BuildRequires: gcc +BuildRequires: gcc-c++ +BuildRequires: git-core +BuildRequires: cmake +BuildRequires: libjpeg-devel +BuildRequires: libpng-devel +BuildRequires: libtiff-devel +BuildRequires: libxml2-devel +BuildRequires: openssl-devel >= 1.0.1 +BuildRequires: zlib-devel +%if %{with charls2} +BuildRequires: CharLS-devel >= 2.0.0 +%endif +BuildRequires: doxygen + +%description +DCMTK is a collection of libraries and applications implementing large +parts the DICOM standard. It includes software for examining, +constructing and converting DICOM image files, handling offline media, +sending and receiving images over a network connection, as well as +demonstrative image storage and worklist servers. DCMTK is is written +in a mixture of ANSI C and C++. It comes in complete source code and +is made available as "open source" software. This package includes +multiple fixes taken from the "patched DCMTK" project. + +Install DCMTK if you are working with DICOM format medical image files. + +%package devel +Summary: Development Libraries and Headers for dcmtk +Requires: %{name}%{?_isa} = %{version}-%{release} +%if %{with charls2} +Requires: CharLS-devel%{?_isa} +%endif +Requires: libpng-devel%{?_isa} +Requires: libtiff-devel%{?_isa} + +%description devel +Development Libraries and Headers for dcmtk. You only need to install +this if you are developing programs that use the dcmtk libraries. + +%prep +%autosetup -n %{name}-%{version} -p1 -S git + +%if %{with charls2} +# Remove bundled libraries +rm -rf dcmjpls/libcharls/ +%endif + +# Fix permissions +find . -type f -name "*.h" -exec chmod 0644 '{}' \; +find . -type f -name "*.cc" -exec chmod 0644 '{}' \; + +%build +export CFLAGS="%{optflags} -fPIC -Wno-error=deprecated-declarations" +export CXXFLAGS="%{optflags} -fPIC -Wno-error=deprecated-declarations" +export LDFLAGS="%{__global_ldflags} -fPIC" +%cmake -DCMAKE_BUILD_TYPE:STRING="Release" \ + -DDCMTK_INSTALL_LIBDIR=%{_lib} \ + -DDCMTK_INSTALL_CMKDIR=%{_lib}/cmake/%{name} \ + -DCMAKE_INSTALL_DOCDIR:PATH=%{_pkgdocdir} \ + -DCMAKE_INSTALL_INCLUDEDIR:PATH=include \ + -DCMAKE_INSTALL_MANDIR:PATH=%{_mandir} \ + -DCMAKE_INSTALL_PREFIX:PATH=%{_prefix} \ + -DCMAKE_INSTALL_SYSCONFDIR:PATH=%{_sysconfdir} \ + -DCMAKE_INSTALL_DATADIR:PATH=share \ + -DBUILD_APPS:BOOL=ON \ + -DBUILD_SHARED_LIBS:BOOL=ON \ + -DBUILD_SINGLE_SHARED_LIBRARY:BOOL=OFF \ + -DDCMTK_WITH_OPENSSL:BOOL=ON \ + -DDCMTK_WITH_PNG:BOOL=ON \ + -DDCMTK_WITH_PRIVATE_TAGS:BOOL=ON \ + -DDCMTK_WITH_TIFF:BOOL=ON \ + -DDCMTK_WITH_XML:BOOL=ON \ + -DDCMTK_WITH_CHARLS:BOOL=ON \ + -DDCMTK_WITH_ZLIB:BOOL=ON \ + -DDCMTK_ENABLE_CXX11:BOOL=ON \ + -Wno-dev +%cmake_build + +%install +%cmake_install + +# Remove zero-lenght file +rm -f $RPM_BUILD_ROOT%{_datadir}/%{name}/wlistdb/OFFIS/lockfile + +%ldconfig_scriptlets + +%check +# remove dcmtls_scp_tls and dcmtls_scp_pool_tls that sporadically fails +# upstream considers these tests unstable +# https://forum.dcmtk.org/viewtopic.php?t=5084#p20705 +rm -rf %{_vpath_builddir}/dcmtls/tests/ +%ctest + +%files +%license COPYRIGHT +%{_pkgdocdir}/ +%{_bindir}/* +%{_libdir}/libdcmfg.so.%{soname_version} +%{_libdir}/libcmr.so.%{abi_version} +%{_libdir}/libcmr.so.%{soname_version} +%{_libdir}/libdcmdata.so.%{abi_version} +%{_libdir}/libdcmdata.so.%{soname_version} +%{_libdir}/libdcmdsig.so.%{abi_version} +%{_libdir}/libdcmdsig.so.%{soname_version} +%{_libdir}/libdcmect.so.%{abi_version} +%{_libdir}/libdcmect.so.%{soname_version} +%{_libdir}/libdcmfg.so.%{abi_version} +%{_libdir}/libdcmimage.so.%{abi_version} +%{_libdir}/libdcmimage.so.%{soname_version} +%{_libdir}/libdcmimgle.so.%{abi_version} +%{_libdir}/libdcmimgle.so.%{soname_version} +%{_libdir}/libdcmiod.so.%{abi_version} +%{_libdir}/libdcmiod.so.%{soname_version} +%{_libdir}/libdcmjpeg.so.%{abi_version} +%{_libdir}/libdcmjpeg.so.%{soname_version} +%{_libdir}/libdcmjpls.so.%{abi_version} +%{_libdir}/libdcmjpls.so.%{soname_version} +%{_libdir}/libdcmnet.so.%{abi_version} +%{_libdir}/libdcmnet.so.%{soname_version} +%{_libdir}/libdcmpmap.so.%{abi_version} +%{_libdir}/libdcmpmap.so.%{soname_version} +%{_libdir}/libdcmpstat.so.%{abi_version} +%{_libdir}/libdcmpstat.so.%{soname_version} +%{_libdir}/libdcmqrdb.so.%{abi_version} +%{_libdir}/libdcmqrdb.so.%{soname_version} +%{_libdir}/libdcmrt.so.%{abi_version} +%{_libdir}/libdcmrt.so.%{soname_version} +%{_libdir}/libdcmseg.so.%{abi_version} +%{_libdir}/libdcmseg.so.%{soname_version} +%{_libdir}/libdcmsr.so.%{abi_version} +%{_libdir}/libdcmsr.so.%{soname_version} +%{_libdir}/libdcmtkcharls.so.%{abi_version} +%{_libdir}/libdcmtkcharls.so.%{soname_version} +%{_libdir}/libdcmtls.so.%{abi_version} +%{_libdir}/libdcmtls.so.%{soname_version} +%{_libdir}/libdcmtract.so.%{abi_version} +%{_libdir}/libdcmtract.so.%{soname_version} +%{_libdir}/libdcmwlm.so.%{abi_version} +%{_libdir}/libdcmwlm.so.%{soname_version} +%{_libdir}/libi2d.so.%{abi_version} +%{_libdir}/libi2d.so.%{soname_version} +%{_libdir}/libijg12.so.%{abi_version} +%{_libdir}/libijg12.so.%{soname_version} +%{_libdir}/libijg%{abi_version}.so +%{_libdir}/libijg%{abi_version}.so.%{abi_version} +%{_libdir}/libijg%{abi_version}.so.%{soname_version} +%{_libdir}/libijg8.so.%{abi_version} +%{_libdir}/libijg8.so.%{soname_version} +%{_libdir}/liboflog.so.%{abi_version} +%{_libdir}/liboflog.so.%{soname_version} +%{_libdir}/libofstd.so.%{abi_version} +%{_libdir}/libofstd.so.%{soname_version} +%dir %{_sysconfdir}/%{name} +%config(noreplace) %{_sysconfdir}/%{name}/dcmpstat.cfg +%config(noreplace) %{_sysconfdir}/%{name}/dcmqrscp.cfg +%config(noreplace) %{_sysconfdir}/%{name}/printers.cfg +%config(noreplace) %{_sysconfdir}/%{name}/storescp.cfg +%config(noreplace) %{_sysconfdir}/%{name}/storescu.cfg +%config(noreplace) %{_sysconfdir}/%{name}/filelog.cfg +%config(noreplace) %{_sysconfdir}/%{name}/logger.cfg +%{_datadir}/%{name}/ +%{_mandir}/man1/*.1* + +%files devel +%{_includedir}/%{name}/ +%{_libdir}/cmake/%{name}/ +%{_libdir}/libcmr.so +%{_libdir}/libdcmdata.so +%{_libdir}/libdcmdsig.so +%{_libdir}/libdcmect.so +%{_libdir}/libdcmfg.so +%{_libdir}/libdcmimgle.so +%{_libdir}/libdcmimage.so +%{_libdir}/libdcmiod.so +%{_libdir}/libdcmjpeg.so +%{_libdir}/libdcmjpls.so +%{_libdir}/libdcmnet.so +%{_libdir}/libdcmpmap.so +%{_libdir}/libdcmpstat.so +%{_libdir}/libdcmqrdb.so +%{_libdir}/libdcmrt.so +%{_libdir}/libdcmseg.so +%{_libdir}/libdcmsr.so +%{_libdir}/libdcmtkcharls.so +%{_libdir}/libdcmtls.so +%{_libdir}/libdcmtract.so +%{_libdir}/libdcmwlm.so +%{_libdir}/libi2d.so +%{_libdir}/libijg12.so +%{_libdir}/libijg8.so +%{_libdir}/liboflog.so +%{_libdir}/libofstd.so + +%changelog +* Sat Apr 27 2024 Arkady L. Shane - 3.6.6-12 +- Rebuilt for MSVSphere 9.3 + +* Thu Mar 02 2023 Carl George - 3.6.6-12 +- Backport fix for CVE-2021-41687/CVE-2021-41688/CVE-2021-41690, resolves rhbz#2106336/rhbz#2106315/rhbz#2106332 +- Backport fix for CVE-2021-41689, resolves rhbz#2106340 +- Backport fix for CVE-2022-2119/CVE-2022-2120/CVE-2022-2121, resolves rhbz#2173039/rhbz#2173042/rhbz#2173045 +- Backport fix for CVE-2022-43272, resolves rhbz#2150931 +- Disable dcmtls tests on all architectures + +* Mon Apr 25 2022 Ankur Sinha - 3.6.6-11 +- Disable sporadically failing test on s390x also + +* Mon Apr 25 2022 Ankur Sinha - 3.6.6-10 +- Use bundled charls + +* Mon Apr 25 2022 Ankur Sinha - 3.6.6-9 +- Temporarily allow use of deprecated flags to fix build with openssl 3.0 + +* Thu Jan 20 2022 Fedora Release Engineering - 3.6.6-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Tue Sep 14 2021 Sahana Prasad - 3.6.6-7 +- Rebuilt with OpenSSL 3.0.0 + +* Mon Aug 09 2021 Ankur Sinha - 3.6.6-6 +- Explicitly set ABI version in shared objects +- Include note about lack of ABI compatibility +- Include note about versioning scheme + +* Wed Aug 04 2021 Alessio - 3.6.6-5 +- Removed dcmtls_scp_tls and dcmtls_scp_pool_tls from ppc64le because sporadically fail + +* Tue Aug 03 2021 Alessio - 3.6.6-4 +- Added patch to solve endianess test + +* Wed Jul 28 2021 Alessio - 3.6.6-3 +- Added patch to increase sleep time in the dcmtls_scp_pool_tls test + +* Sat Jul 24 2021 Alessio - 3.6.6-1 +- Release 3.6.6 + +* Wed Jul 21 2021 Fedora Release Engineering - 3.6.4-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Mon Apr 12 2021 Benjamin A. Beasley - 3.6.4-10 +- Fix RHBZ#1827255 (Manual pages installed at the wrong path) + +* Tue Jan 26 2021 Fedora Release Engineering - 3.6.4-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Fri Sep 04 2020 Ankur Sinha - 3.6.4-8 +- Update cmake macros + +* Sat Aug 01 2020 Fedora Release Engineering - 3.6.4-7 +- Second attempt - Rebuilt for + https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Mon Jul 27 2020 Fedora Release Engineering - 3.6.4-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Tue Jan 28 2020 Fedora Release Engineering - 3.6.4-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Fri Sep 06 2019 Ankur Sinha - 3.6.4-4 +- Update to use CharLS v2 + +* Fri Sep 06 2019 Devrim Gündüz - 3.6.4-3 +- Rebuild for new CharLS + +* Wed Jul 24 2019 Fedora Release Engineering - 3.6.4-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Sat Mar 09 2019 Antonio Trande - 3.6.4-1 +- Release 3.6.4 +- Use %%_pkgdocdir +- Active modern C++ support +- Enable tests + +* Thu Jan 31 2019 Fedora Release Engineering - 3.6.2-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Thu Jul 12 2018 Fedora Release Engineering - 3.6.2-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Wed Feb 07 2018 Fedora Release Engineering - 3.6.2-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Wed Jan 31 2018 Igor Gnatenko - 3.6.2-2 +- Switch to %%ldconfig_scriptlets + +* Sun Dec 10 2017 Jens Lody - 3.6.2-1 +- Update to 3.6.2, fixes rhbz #1440439. +- Do not use deprecated tcp-wrappers, fixes rhbz #1518760. + +* Sun Aug 06 2017 Björn Esser - 3.6.1-8 +- Rebuilt for AutoReq cmake-filesystem + +* Wed Aug 02 2017 Fedora Release Engineering - 3.6.1-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Wed Jul 26 2017 Fedora Release Engineering - 3.6.1-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Fri Feb 10 2017 Fedora Release Engineering - 3.6.1-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Wed Feb 03 2016 Fedora Release Engineering - 3.6.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Wed Jun 17 2015 Fedora Release Engineering - 3.6.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Sat May 02 2015 Kalev Lember - 3.6.1-2 +- Rebuilt for GCC 5 C++11 ABI change + +* Mon Dec 15 2014 Mario Ceresa - 3.6.1-1 +- Upgraded to new upstream version. +- Various fixes to the specfile +- Fixes CVE-2013-6825 dcmtk: possible privilege escalation if setuid() fails + +* Sat Aug 16 2014 Fedora Release Engineering - 3.6.0-18 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Sat Jun 07 2014 Fedora Release Engineering - 3.6.0-17 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Tue Aug 06 2013 Mario Ceresa - 3.6.0-16 +- General spec cleanup +- Move libs into _lib and remove ldd config file +- Fixes versioned doc dir as per BZ993719 +- Bump up release + +* Sat Aug 03 2013 Fedora Release Engineering - 3.6.0-15 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Wed Jul 10 2013 Mario Ceresa - 3.6.0-14 +- Added more requires to devel package as per BZ922937 +- Added _isa to explicit requires + +* Wed Feb 13 2013 Fedora Release Engineering - 3.6.0-13 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Wed Aug 01 2012 Jon Ciesla - 3.6.0-12 +- FTBFS, BZ 819236. + +* Wed Jul 18 2012 Fedora Release Engineering - 3.6.0-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Tue Feb 28 2012 Fedora Release Engineering - 3.6.0-10 +- Rebuilt for c++ ABI breakage + +* Fri Jan 13 2012 Fedora Release Engineering - 3.6.0-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Tue Dec 06 2011 Adam Jackson - 3.6.0-8 +- Rebuild for new libpng + +* Thu Oct 20 2011 Dan Horák 3.6.0-7 +- skip the EOL conversion step, files are correct (FTBFS due a change in dos2unix) + +* Wed Oct 19 2011 Mario Ceresa 3.6.0-6 +- Added explicit require for CharLS-devel as requested in #745277 + +* Wed Apr 20 2011 Mario Ceresa 3.6.0-5 +- Fixed dir ownership + +* Wed Apr 20 2011 Mario Ceresa 3.6.0-4 +- Added doxygen BR + +* Tue Mar 22 2011 Mario Ceresa 3.6.0-3 +- Fixed soname generation for residual modules + +* Mon Mar 21 2011 Mario Ceresa 3.6.0-2 +- Fixed shared library generation +- Fixed patch schema numbering + +* Sun Mar 20 2011 Mario Ceresa 3.6.0-1 +- Removed bundled charls +- Rebased on public dcmtk git repository + +* Thu Feb 3 2011 Mario Ceresa 3.6.1-1.20110203git +- Updated to new version +- Added patch to fix shared lib generation + +* Tue Oct 19 2010 Mario Ceresa 3.5.4-4 +- Adding soname's to generated lib + +* Mon Mar 15 2010 Andy Loening 3.5.4-3 +- updates for packaging with fedora core +- multiple fixes/enhancements from pdcmtk version 48 + +* Sat Jan 02 2010 Andy Loening 3.5.4-2 +- tlslayer.cc patch for openssl 1.0 + +* Thu Feb 02 2006 Andy Loening 3.5.4-1 +- initial build