Overview

File openjpeg2-CVE-2016-9115.patch of Package openjpeg2.36921

From 2b3c51a12ce1c71459d3eaab6518deb219f9d6c5 Mon Sep 17 00:00:00 2001
From: Hans Petter Jansson <hpj@cl.no>
Date: Wed, 21 Dec 2016 04:31:21 +0100
Subject: [PATCH 10/11] CVE-2016-9115

---
 src/bin/jp2/convert.c | 39 +++++++++++++++++++++++++++++++++++++--
 1 file changed, 37 insertions(+), 2 deletions(-)

diff --git a/src/bin/jp2/convert.c b/src/bin/jp2/convert.c
index 2001b87..7e7d644 100644
--- a/src/bin/jp2/convert.c
+++ b/src/bin/jp2/convert.c
@@ -430,6 +430,11 @@ int imagetotga(opj_image_t * image, const char *outfile) {
         return 1;
     }
 
+    if (image->numcomps < 1) {
+        fprintf(stderr, "Unable to create a tga file with such J2K image characteristics.\n");
+        return 1;
+    }
+
     for (i = 0; i < image->numcomps-1; i++)	{
         if ((image->comps[0].dx != image->comps[i+1].dx)
                 ||(image->comps[0].dy != image->comps[i+1].dy)
@@ -440,6 +445,13 @@ int imagetotga(opj_image_t * image, const char *outfile) {
         }
     }
 
+    for (i = 0; i < image->numcomps; i++)	{
+        if (!image->comps[i].data) {
+            fprintf(stderr, "imagetotga: Missing image data in input file.\n");
+            return 1;
+        }
+    }
+
     width  = (int)image->comps[0].w;
     height = (int)image->comps[0].h;
 
@@ -457,8 +469,11 @@ int imagetotga(opj_image_t * image, const char *outfile) {
     scale = 255.0f / (float)((1<<image->comps[0].prec)-1);
 
     adjustR = (image->comps[0].sgnd ? 1 << (image->comps[0].prec - 1) : 0);
-    adjustG = (image->comps[1].sgnd ? 1 << (image->comps[1].prec - 1) : 0);
-    adjustB = (image->comps[2].sgnd ? 1 << (image->comps[2].prec - 1) : 0);
+    if (image->numcomps > 2)
+    {
+        adjustG = (image->comps[1].sgnd ? 1 << (image->comps[1].prec - 1) : 0);
+        adjustB = (image->comps[2].sgnd ? 1 << (image->comps[2].prec - 1) : 0);
+    }
 
 	for (y=0; y < height; y++) 
    {
@@ -3678,6 +3693,11 @@ int imagetopng(opj_image_t * image, const char *write_idf)
     {
         int v;
 
+        if (!image->comps[0].data || !image->comps[1].data || !image->comps[2].data) {
+            fprintf(stderr, "imagetopng: Missing image data in input file\n");
+            goto fin;
+        }
+
         has_alpha = (nr_comp > 3);
 
         is16 = (prec == 16);
@@ -3693,6 +3713,11 @@ int imagetopng(opj_image_t * image, const char *write_idf)
 
         if(has_alpha)
         {
+            if (!image->comps[3].data) {
+                fprintf(stderr, "imagetopng: Missing image data in input file\n");
+                goto fin;
+            }
+
             sig_bit.alpha = (png_byte)prec;
             alpha = image->comps[3].data;
             color_type = PNG_COLOR_TYPE_RGB_ALPHA;
@@ -3818,6 +3843,11 @@ image->comps[1].sgnd,image->comps[2].sgnd,width,height,has_alpha);
         {
             int v;
 
+            if (!image->comps[0].data) {
+                fprintf(stderr, "imagetopng: Missing image data in input file\n");
+                goto fin;
+            }
+
             red = image->comps[0].data;
 
             sig_bit.gray = (png_byte)prec;
@@ -3827,6 +3857,11 @@ image->comps[1].sgnd,image->comps[2].sgnd,width,height,has_alpha);
 
             if(nr_comp == 2)
             {
+                if (!image->comps[1].data) {
+                    fprintf(stderr, "imagetopng: Missing image data in input file\n");
+                    goto fin;
+                }
+
                 has_alpha = 1; sig_bit.alpha = (png_byte)prec;
                 alpha = image->comps[1].data;
                 color_type = PNG_COLOR_TYPE_GRAY_ALPHA;
-- 
1.8.4.5
openSUSE Build Service is sponsored by
Places