Overview

File jasper-CVE-2018-19542.patch of Package jasper

See: https://github.com/mdadams/jasper/pull/200

Index: jasper-2.0.14/src/libjasper/jp2/jp2_dec.c
===================================================================
--- jasper-2.0.14.orig/src/libjasper/jp2/jp2_dec.c
+++ jasper-2.0.14/src/libjasper/jp2/jp2_dec.c
@@ -388,6 +388,9 @@ jas_image_t *jp2_decode(jas_stream_t *in
 				jas_image_setcmpttype(dec->image, newcmptno, jp2_getct(jas_image_clrspc(dec->image), 0, channo + 1));
 				}
 #endif
+			} else {
+				jas_eprintf("error: invalid MTYP in CMAP box\n");
+				goto error;
 			}
 		}
 	}
openSUSE Build Service is sponsored by
Places