File jasper-CVE-2020-27828.patch of Package jasper.23813

Index: jasper-2.0.14/src/libjasper/jpc/jpc_enc.c
===================================================================
--- jasper-2.0.14.orig/src/libjasper/jpc/jpc_enc.c
+++ jasper-2.0.14/src/libjasper/jpc/jpc_enc.c
@@ -510,6 +510,11 @@ static jpc_enc_cp_t *cp_create(const cha
 			break;
 		case OPT_MAXRLVLS:
 			tccp->maxrlvls = atoi(jas_tvparser_getval(tvp));
+			if (tccp->maxrlvls > JPC_MAXRLVLS) {
+				jas_eprintf("number of resolution levels exceeds maximum %d\n",
+						JPC_MAXRLVLS);
+				goto error;
+			}
 			break;
 		case OPT_SOP:
 			cp->tcp.csty |= JPC_COD_SOP;

Places

File jasper-CVE-2020-27828.patch of Package jasper.23813

Places