File openexr-CVE-2021-3605.patch of Package openexr.21776
--- a/IlmImf/ImfRle.cpp +++ b/IlmImf/ImfRle.cpp @@ -146,6 +146,11 @@ rleUncompress (int inLength, int maxLength, const signed char in[], char out[]) if (0 > (maxLength -= count + 1)) return 0; + // check the input buffer is big enough to contain + // byte to be duplicated + if (inLength < 0) + return 0; + memset(out, *(char*)in, count+1); out += count+1;