File openjpeg-CVE-2018-16376.patch of Package openjpeg.23765

Index: openjpeg-1.5.2/libopenjpeg/t2.c
===================================================================
--- openjpeg-1.5.2.orig/libopenjpeg/t2.c
+++ openjpeg-1.5.2/libopenjpeg/t2.c
@@ -146,6 +146,10 @@ static int t2_encode_packet(opj_tcd_tile
 	
 	/* <SOP 0xff91> */
 	if (tcp->csty & J2K_CP_CSTY_SOP) {
+		if (length < 6) {
+			return OPJ_FALSE;
+		}
+
 		c[0] = 255;
 		c[1] = 145;
 		c[2] = 0;
@@ -249,6 +253,10 @@ static int t2_encode_packet(opj_tcd_tile
 	
 	/* <EPH 0xff92> */
 	if (tcp->csty & J2K_CP_CSTY_EPH) {
+		if (length < 2) {
+			return OPJ_FALSE;
+		}
+
 		c[0] = 255;
 		c[1] = 146;
 		c += 2;

Places

File openjpeg-CVE-2018-16376.patch of Package openjpeg.23765

Places