Overview

File openjpeg-CVE-2018-21010.patch of Package openjpeg.26661

Index: openjpeg-1.5.2/applications/common/color.c
===================================================================
--- openjpeg-1.5.2.orig/applications/common/color.c
+++ openjpeg-1.5.2/applications/common/color.c
@@ -384,6 +384,10 @@ fprintf(stderr,"%s:%d:color_apply_icc_pr
 
 	if(image->numcomps > 2)/* RGB, RGBA */
    {
+	   if ((image->comps[0].w == image->comps[1].w &&
+			image->comps[0].w == image->comps[2].w) &&
+		   (image->comps[0].h == image->comps[1].h &&
+			image->comps[0].h == image->comps[2].h)) {
 	unsigned short *inbuf, *outbuf, *in, *out;
 	max = max_w * max_h; nr_samples = max * 3 * sizeof(unsigned short);
 	in = inbuf = (unsigned short*)malloc(nr_samples);
@@ -413,6 +417,12 @@ fprintf(stderr,"%s:%d:color_apply_icc_pr
 	*b++ = (int)*out++;
   }
 	free(inbuf); free(outbuf);
+   } else {
+		   fprintf(stderr,
+				   "[ERROR] Image components should have the same width and height\n");
+		   cmsDeleteTransform(transform);
+		   return;
+	   }
    }
 	else /* GRAY, GRAYA */
    {
openSUSE Build Service is sponsored by
Places