Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:GA
openjpeg2
openjpeg2-CVE-2016-1924.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openjpeg2-CVE-2016-1924.patch of Package openjpeg2
Index: openjpeg-2.1.0/src/lib/openjp2/j2k.c =================================================================== --- openjpeg-2.1.0.orig/src/lib/openjp2/j2k.c +++ openjpeg-2.1.0/src/lib/openjp2/j2k.c @@ -8449,6 +8449,11 @@ OPJ_BOOL opj_j2k_read_SPCod_SPCoc( opj_ opj_read_bytes(l_current_ptr,&l_tccp->cblksty ,1); /* SPcoc (G) */ ++l_current_ptr; + if (l_tccp->cblksty & 0xC0U) { /* 2 msb are reserved, assume we can't read */ + opj_event_msg(p_manager, EVT_ERROR, + "Error reading SPCod SPCoc element, Invalid code-block style found\n"); + return OPJ_FALSE; + } opj_read_bytes(l_current_ptr,&l_tccp->qmfbid ,1); /* SPcoc (H) */ ++l_current_ptr; Index: openjpeg-2.1.0/src/lib/openjp2/t2.c =================================================================== --- openjpeg-2.1.0.orig/src/lib/openjp2/t2.c +++ openjpeg-2.1.0/src/lib/openjp2/t2.c @@ -847,9 +847,13 @@ OPJ_BOOL opj_t2_read_packet_header( opj_ /* reset tagtrees */ for (bandno = 0; bandno < l_res->numbands; ++bandno) { - opj_tcd_precinct_t *l_prc = &l_band->precincts[p_pi->precno]; - if ( ! ((l_band->x1-l_band->x0 == 0)||(l_band->y1-l_band->y0 == 0)) ) { + opj_tcd_precinct_t *l_prc = &l_band->precincts[p_pi->precno]; + if (!(p_pi->precno < (l_band->precincts_data_size / sizeof(opj_tcd_precinct_t)))) { + fprintf(stderr, "Invalid precinct\n"); + return OPJ_FALSE; + } + opj_tgt_reset(l_prc->incltree); opj_tgt_reset(l_prc->imsbtree); l_cblk = l_prc->cblks.dec;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor