File jasper-CVE-2020-27828.patch of Package jasper.23813
Index: jasper-2.0.14/src/libjasper/jpc/jpc_enc.c
===================================================================
--- jasper-2.0.14.orig/src/libjasper/jpc/jpc_enc.c
+++ jasper-2.0.14/src/libjasper/jpc/jpc_enc.c
@@ -510,6 +510,11 @@ static jpc_enc_cp_t *cp_create(const cha
break;
case OPT_MAXRLVLS:
tccp->maxrlvls = atoi(jas_tvparser_getval(tvp));
+ if (tccp->maxrlvls > JPC_MAXRLVLS) {
+ jas_eprintf("number of resolution levels exceeds maximum %d\n",
+ JPC_MAXRLVLS);
+ goto error;
+ }
break;
case OPT_SOP:
cp->tcp.csty |= JPC_COD_SOP;