File openjpeg2-CVE-2018-18088.patch of Package openjpeg2.39682
From cab352e249ed3372dd9355c85e837613fff98fa2 Mon Sep 17 00:00:00 2001
From: Hugo Lefeuvre <hle@debian.org>
Date: Wed, 7 Nov 2018 18:48:29 +0100
Subject: [PATCH] jp2: convert: fix null pointer dereference
Tile components in a JP2 image might have null data pointer by defining a
zero component size (for example using large horizontal or vertical
sampling periods). This null data pointer leads to null image component
data pointer, causing crash when dereferenced without != null check in
imagetopnm.
Add != null check.
This commit addresses #1152 (CVE-2018-18088).
---
diff --git a/src/bin/jp2/convert.c b/src/bin/jp2/convert.c
index 38d2d44..718183c 100644
--- a/src/bin/jp2/convert.c
+++ b/src/bin/jp2/convert.c
@@ -2248,6 +2248,11 @@ if(v > 65535) v = 65535; else if(v < 0) v = 0;
opj_version(), wr, hr, max);
red = image->comps[compno].data;
+ if (!red) {
+ fclose(fdest);
+ continue;
+ }
+
adjustR =
(image->comps[compno].sgnd ? 1 << (image->comps[compno].prec - 1) : 0);
