Overview

File openjpeg2-CVE-2020-27842.patch of Package openjpeg2.36921

Index: openjpeg-2.1.0/src/lib/openjp2/t2.c
===================================================================
--- openjpeg-2.1.0.orig/src/lib/openjp2/t2.c
+++ openjpeg-2.1.0/src/lib/openjp2/t2.c
@@ -586,8 +586,15 @@ OPJ_BOOL opj_t2_encode_packet(  OPJ_UINT
                 band = res->bands;
 
                 for(bandno = 0; bandno < res->numbands; ++bandno) {
-                        opj_tcd_precinct_t *prc = &band->precincts[precno];
+                        opj_tcd_precinct_t *prc;
 
+                        /* Avoid out of bounds access of https://github.com/uclouvain/openjpeg/issues/1294 */
+                        /* but likely not a proper fix. */
+                        if (precno >= res->pw * res->ph) {
+                                return OPJ_FALSE;
+                        }
+
+                        prc = &band->precincts[precno];
                         opj_tgt_reset(prc->incltree);
                         opj_tgt_reset(prc->imsbtree);
openSUSE Build Service is sponsored by
Places