Overview

File openjpeg-CVE-2021-29338.patch of Package openjpeg.23765

Index: openjpeg-1.5.2/applications/codec/image_to_j2k.c
===================================================================
--- openjpeg-1.5.2.orig/applications/codec/image_to_j2k.c
+++ openjpeg-1.5.2/applications/codec/image_to_j2k.c
@@ -1554,10 +1554,10 @@ int main(int argc, char **argv) {
 	/* Read directory if necessary */
 	if(img_fol.set_imgdir==1){
 		num_images=get_num_images(img_fol.imgdirpath);
-		dirptr=(dircnt_t*)malloc(sizeof(dircnt_t));
+		dirptr=(dircnt_t*)calloc(1, sizeof(dircnt_t));
 		if(dirptr){
-			dirptr->filename_buf = (char*)malloc(num_images*OPJ_PATH_LEN*sizeof(char));	/* Stores at max 10 image file names*/
-			dirptr->filename = (char**) malloc(num_images*sizeof(char*));
+			dirptr->filename_buf = (char*)calloc(num_images, OPJ_PATH_LEN*sizeof(char));	/* Stores at max 10 image file names*/
+			dirptr->filename = (char**) calloc(num_images, sizeof(char*));
 			if(!dirptr->filename_buf){
 				return 0;
 			}
Index: openjpeg-1.5.2/applications/codec/j2k_dump.c
===================================================================
--- openjpeg-1.5.2.orig/applications/codec/j2k_dump.c
+++ openjpeg-1.5.2/applications/codec/j2k_dump.c
@@ -361,10 +361,10 @@ int main(int argc, char *argv[])
 	if(img_fol.set_imgdir==1){	
 		num_images=get_num_images(img_fol.imgdirpath);
 
-		dirptr=(dircnt_t*)malloc(sizeof(dircnt_t));
+		dirptr=(dircnt_t*)calloc(1, sizeof(dircnt_t));
 		if(dirptr){
-			dirptr->filename_buf = (char*)malloc(num_images*OPJ_PATH_LEN*sizeof(char));	/* Stores at max 10 image file names*/
-			dirptr->filename = (char**) malloc(num_images*sizeof(char*));
+			dirptr->filename_buf = (char*)calloc(num_images, OPJ_PATH_LEN*sizeof(char));	/* Stores at max 10 image file names*/
+			dirptr->filename = (char**) calloc(num_images, sizeof(char*));
 
 			if(!dirptr->filename_buf){
 				return 1;
Index: openjpeg-1.5.2/applications/codec/j2k_to_image.c
===================================================================
--- openjpeg-1.5.2.orig/applications/codec/j2k_to_image.c
+++ openjpeg-1.5.2/applications/codec/j2k_to_image.c
@@ -556,10 +556,10 @@ int main(int argc, char **argv) {
 	if(img_fol.set_imgdir==1){	
 		num_images=get_num_images(img_fol.imgdirpath);
 
-		dirptr=(dircnt_t*)malloc(sizeof(dircnt_t));
+		dirptr=(dircnt_t*)calloc(1, sizeof(dircnt_t));
 		if(dirptr){
-			dirptr->filename_buf = (char*)malloc(num_images*OPJ_PATH_LEN*sizeof(char));	/* Stores at max 10 image file names*/
-			dirptr->filename = (char**) malloc(num_images*sizeof(char*));
+			dirptr->filename_buf = (char*)calloc(num_images, OPJ_PATH_LEN*sizeof(char));	/* Stores at max 10 image file names*/
+			dirptr->filename = (char**) calloc(num_images, sizeof(char*));
 
 			if(!dirptr->filename_buf){
 				return 1;
openSUSE Build Service is sponsored by
Places