Overview

File openjpeg2-CVE-2017-17479-CVE-2017-17480.patch of Package openjpeg2.36921

diff --git a/src/bin/jp3d/convert.c b/src/bin/jp3d/convert.c
index e50f74a..59d6cab 100755
--- a/src/bin/jp3d/convert.c
+++ b/src/bin/jp3d/convert.c
@@ -281,7 +281,7 @@ opj_volume_t* pgxtovolume(char *relpath, opj_cparameters_t *parameters) {
 			fprintf(stdout, "[INFO] Loading %s \n",pgxfiles[pos]);
 
 			fseek(f, 0, SEEK_SET);
-			fscanf(f, "PG%[ \t]%c%c%[ \t+-]%d%[ \t]%d%[ \t]%d",temp,&endian1,&endian2,signtmp,&prec,temp,&w,temp,&h);
+			fscanf(f, "PG%31[ \t]%c%c%31[ \t+-]%d%31[ \t]%d%31[ \t]%d",temp,&endian1,&endian2,signtmp,&prec,temp,&w,temp,&h);
 
 			i=0;
 			sign='+';		
diff --git a/src/bin/jpwl/convert.c b/src/bin/jpwl/convert.c
index 5d9219b..fc22eeb 100644
--- a/src/bin/jpwl/convert.c
+++ b/src/bin/jpwl/convert.c
@@ -1297,7 +1297,7 @@ opj_image_t* pgxtoimage(const char *filename, opj_cparameters_t *parameters) {
 	}
 
 	fseek(f, 0, SEEK_SET);
-	if( fscanf(f, "PG%[ \t]%c%c%[ \t+-]%d%[ \t]%d%[ \t]%d",temp,&endian1,&endian2,signtmp,&prec,temp,&w,temp,&h) != 9){
+	if( fscanf(f, "PG%31[ \t]%c%c%31[ \t+-]%d%31[ \t]%d%31[ \t]%d",temp,&endian1,&endian2,signtmp,&prec,temp,&w,temp,&h) != 9){
 		fprintf(stderr, "ERROR: Failed to read the right number of element from the fscanf() function!\n");
 		return NULL;
 	}
openSUSE Build Service is sponsored by
Places