Overview

File jasper-CVE-2017-14132.patch of Package jasper.22853

Index: jasper-2.0.14/src/libjasper/base/jas_image.c
===================================================================
--- jasper-2.0.14.orig/src/libjasper/base/jas_image.c
+++ jasper-2.0.14/src/libjasper/base/jas_image.c
@@ -1447,6 +1447,12 @@ jas_eprintf("IMAGE\n");
 jas_image_dump(image, stderr);
 #endif
 
+	if (image->numcmpts_ == 0)
+	/* can't work with a file with no components;
+	 * continuing would crash because we'd attempt to
+	 * obtain information about the first component */
+	return NULL;
+
 	outimage = 0;
 	xform = 0;
 	if (!(inimage = jas_image_copy(image)))
openSUSE Build Service is sponsored by
Places