Use bundled eigen3 on ppc64le - https://issues.redhat.com/browse/RHEL-131497

Backport ppc64le inline patch
Rebuild for gdal (rhbz#2416611)
2025-12-04 07:41:45 -07:00 · 2025-11-26 08:33:07 -07:00 · 2025-11-24 17:21:22 -07:00 · 2025-06-24 09:28:27 -06:00 · 2023-04-25 17:56:21 -06:00
4 changed files with 99 additions and 3 deletions
--- a/9621.patch
+++ b/9621.patch
@ -0,0 +1,36 @@
+From 72119ea71422d2892f2a0475fc282835310f8d9e Mon Sep 17 00:00:00 2001
+From: Cory Quammen <cory.quammen@kitware.com>
+Date: Thu, 29 Sep 2022 13:10:00 -0400
+Subject: [PATCH] vtkXMLTreeReader: protect against possible nullptr
+ dereference
+
+Vulnerability reported at
+https://nvd.nist.gov/vuln/detail/CVE-2021-42521.
+
+Fixes #17818
+
+(cherry picked from commit 9a2fe8ef2ecbf04f811b2e02b71eae8b94aae089)
+---
+ IO/Infovis/vtkXMLTreeReader.cxx | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/IO/Infovis/vtkXMLTreeReader.cxx b/IO/Infovis/vtkXMLTreeReader.cxx
+index 64abca37e96..af64572b27f 100644
+--- a/IO/Infovis/vtkXMLTreeReader.cxx
+++ b/IO/Infovis/vtkXMLTreeReader.cxx
+@@ -217,6 +217,12 @@ int vtkXMLTreeReader::RequestData(
+ 
+   // Get the root element node
+   xmlNode* rootElement = xmlDocGetRootElement(doc);
+  if (!rootElement)
+  {
+    vtkErrorMacro(<< "Could not get root element of document.");
+    return 0;
+  }
+
+   vtkXMLTreeReaderProcessElement(builder, -1, rootElement, this->ReadCharData, this->MaskArrays);
+ 
+   xmlFreeDoc(doc);
+-- 
+GitLab
+
--- a/vtk-eigen3.patch
+++ b/vtk-eigen3.patch
@ -0,0 +1,12 @@
+diff -up VTK-9.1.0/ThirdParty/eigen/vtkeigen/CMakeLists.txt.eigen3 VTK-9.1.0/ThirdParty/eigen/vtkeigen/CMakeLists.txt
+--- VTK-9.1.0/ThirdParty/eigen/vtkeigen/CMakeLists.txt.eigen3	2021-11-04 13:48:20.000000000 -0600
+++ VTK-9.1.0/ThirdParty/eigen/vtkeigen/CMakeLists.txt	2025-12-03 21:34:28.475070319 -0700
+@@ -486,7 +486,7 @@ endif ()
+ 
+ foreach(var INCLUDE_INSTALL_DIR CMAKEPACKAGE_INSTALL_DIR PKGCONFIG_INSTALL_DIR)
+   if(IS_ABSOLUTE "${${var}}")
+-    message(FATAL_ERROR "${var} must be relative to CMAKE_PREFIX_PATH. Got: ${${var}}")
+    file(RELATIVE_PATH "${var}" "${CMAKE_INSTALL_PREFIX}" "${${var}}")
+   endif()
+ endforeach()
+ 
--- a/vtk-ppc64-no-always-inline.patch
+++ b/vtk-ppc64-no-always-inline.patch
@ -0,0 +1,14 @@
+diff --git a/Common/Core/vtkDataArrayMeta.h b/Common/Core/vtkDataArrayMeta.h
+index 376244b..9b8f58e 100644
+--- a/Common/Core/vtkDataArrayMeta.h
+++ b/Common/Core/vtkDataArrayMeta.h
+@@ -43,7 +43,8 @@
+ #define VTK_ITER_ASSERT(x, msg)
+ #endif
+ 
+-#if defined(VTK_ALWAYS_OPTIMIZE_ARRAY_ITERATORS) && !defined(VTK_DEBUG_RANGE_ITERATORS)
+#if (defined(VTK_ALWAYS_OPTIMIZE_ARRAY_ITERATORS) || !defined(VTK_DEBUG_RANGE_ITERATORS)) &&       \
+  !defined(VTK_COMPILER_MSVC) && !defined(__PPC64__)
+ #define VTK_ITER_INLINE VTK_ALWAYS_INLINE
+ #define VTK_ITER_ASSUME VTK_ASSUME_NO_ASSERT
+ #define VTK_ITER_OPTIMIZE_START VTK_ALWAYS_OPTIMIZE_START
--- a/vtk.spec
+++ b/vtk.spec
@ -31,6 +31,13 @@
 %bcond_without flexiblas
 %endif

+%ifarch ppc64le
+# Deal with ppc64le issue - https://issues.redhat.com/browse/RHEL-131497
+%bcond_with eigen3
+%else
+%bcond_without eigen3
+%endif
+
 # VTK currently is carrying local modifications to gl2ps
 %bcond_with gl2ps

@ -40,7 +47,7 @@
 Summary: The Visualization Toolkit - A high level 3D visualization library
 Name: vtk
 Version: 9.1.0
-Release: 17%{?dist}
+Release: 20%{?dist}
 # This is a variant BSD license, a cross between BSD and ZLIB.
 # For all intents, it has the same rights and restrictions as BSD.
 # http://fedoraproject.org/wiki/Licensing/BSD#VTKBSDVariant
@ -58,6 +65,14 @@ Patch2: vtk-netcdf.patch
 # Duplicate define conflict with Xutil, see:
 # https://gitlab.kitware.com/vtk/vtk/-/issues/18048
 Patch3: vtk-AllValues.patch
+# CVE-2021-42521 - vtkXMLTreeReader: possible nullptr dereference
+Patch4: https://gitlab.kitware.com/vtk/vtk/-/merge_requests/9621.patch
+# always_inline fails on ppc64le
+# https://gitlab.kitware.com/vtk/vtk/-/issues/19622
+# https://bugzilla.redhat.com/show_bug.cgi?id=2386242
+Patch5: vtk-ppc64-no-always-inline.patch
+# Fix build of bundled eigen3
+Patch6: vtk-eigen3.patch

 URL: https://vtk.org/

@ -82,7 +97,9 @@ BuildRequires:  boost-devel
 BuildRequires:  cgnslib-devel
 BuildRequires:  cli11-devel
 BuildRequires:  double-conversion-devel
+%if %{with eigen3}
 BuildRequires:  eigen3-devel
+%endif
 BuildRequires:  expat-devel
 %if %{with fmt}
 BuildRequires:  fmt-devel >= 8.1.0
@ -168,7 +185,9 @@ Requires: cgnslib-devel%{?_isa} \
 Requires: cli11-static \
 Requires: double-conversion-devel%{?_isa} \
 # eigen3 is noarch and header-only \
+%if %{with eigen3} \
 Requires: eigen3-static \
+%endif \
 Requires: expat-devel%{?_isa} \
 %if %{with fmt} \
 Requires: fmt-devel%{?_isa} \
@ -491,7 +510,7 @@ programming languages.
 # TODO - VPIC - not yet packaged
 # TODO - xdmf2 - not yet packaged
 # TODO - xdmf3 - not yet packaged
-for x in vtk{cli11,doubleconversion,eigen,expat,%{?with_fmt:fmt,}freetype,%{?with_gl2ps:gl2ps,}glew,hdf5,jpeg,jsoncpp,libharu,libproj,libxml2,lz4,lzma,mpi4py,netcdf,ogg,pegtl,png,pugixml,sqlite,theora,tiff,utf8,zfp,zlib}
+for x in vtk{cli11,doubleconversion,%{?with_eigen3:eigen,}expat,%{?with_fmt:fmt,}freetype,%{?with_gl2ps:gl2ps,}glew,hdf5,jpeg,jsoncpp,libharu,libproj,libxml2,lz4,lzma,mpi4py,netcdf,ogg,pegtl,png,pugixml,sqlite,theora,tiff,utf8,zfp,zlib}
 do
  rm -r ThirdParty/*/${x}
 done
@ -558,13 +577,16 @@ export JAVA_TOOL_OPTIONS=-Xmx2048m
 %endif \
 -DVTK_WRAP_PYTHON:BOOL=ON \\\
 -DVTK_USE_EXTERNAL=ON \\\
+%if !%{with eigen3} \
+ -DVTK_MODULE_USE_EXTERNAL_VTK_eigen:BOOL=OFF \\\
+%endif \
+ -DVTK_MODULE_USE_EXTERNAL_VTK_exprtk:BOOL=OFF \\\
 %if !%{with fmt} \
 -DVTK_MODULE_USE_EXTERNAL_VTK_fmt:BOOL=OFF \\\
 %endif \
 %if !%{with gl2ps} \
 -DVTK_MODULE_USE_EXTERNAL_VTK_gl2ps:BOOL=OFF \\\
 %endif \
- -DVTK_MODULE_USE_EXTERNAL_VTK_exprtk:BOOL=OFF \\\
 -DVTK_MODULE_USE_EXTERNAL_VTK_ioss:BOOL=OFF \\\
 -DVTK_USE_TK=ON \\\
  %{?with_flexiblas:-DBLA_VENDOR=FlexiBLAS}
@ -844,6 +866,18 @@ cat xorg.log


 %changelog
+* Tue Nov 25 2025 Orion Poplawski <orion@nwra.com> - 9.1.0-20
+- Rebuild for gdal (rhbz#2416611)
+- Backport ppc64le inline patch
+- Use bundled eigen3 on ppc64le - https://issues.redhat.com/browse/RHEL-131497
+
+* Tue Jun 24 2025 Orion Poplawski <orion@nwra.com> - 9.1.0-19
+- Rebuild for proj 9
+
+* Tue Apr 25 2023 Orion Poplawski <orion@nwra.com> - 9.1.0-18
+- Add upstream patch for CVE-2021-42521 - vtkXMLTreeReader: possible nullptr
+  dereference (bz#2189654)
+
 * Thu Jul 28 2022 Orion Poplawski <orion@nwra.com> - 9.1.0-17
 - Remove all of vtkdata/Wrapping to keep vtk-data noarch
Author	SHA1	Message	Date
Orion Poplawski	02400611be	Use bundled eigen3 on ppc64le - https://issues.redhat.com/browse/RHEL-131497	2025-12-04 07:41:45 -07:00
Orion Poplawski	cedd757304	Backport ppc64le inline patch	2025-11-26 08:33:07 -07:00
Orion Poplawski	3da9ad4e02	Rebuild for gdal (rhbz#2416611)	2025-11-24 17:21:22 -07:00
Orion Poplawski	c83770a71c	Rebuild for proj 9	2025-06-24 09:28:27 -06:00
Orion Poplawski	0744477aa5	Add upstream patch for CVE-2021-42521 - vtkXMLTreeReader: possible nullptr dereference (bz#2189654)	2023-04-25 17:56:21 -06:00