Overview

File poppler-CVE-2019-12293.patch of Package poppler.29743

Index: poppler-0.62.0/poppler/JPEG2000Stream.cc
===================================================================
--- poppler-0.62.0.orig/poppler/JPEG2000Stream.cc
+++ poppler-0.62.0/poppler/JPEG2000Stream.cc
@@ -254,6 +254,12 @@ void JPXStream::init()
         close();
         break;
       }
+      const int componentPixels = priv->image->comps[component].w * priv->image->comps[component].h;
+      if (componentPixels != priv->npixels) {
+        error(errSyntaxWarning, -1, "Component {0:d} has different WxH than component 0", component);
+        close();
+        break;
+      }
       unsigned char *cdata = (unsigned char *)priv->image->comps[component].data;
       int adjust = 0;
       int depth = priv->image->comps[component].prec;
openSUSE Build Service is sponsored by
Places