File openexr-CVE-2021-3474.patch of Package openexr.18965
Index: openexr-2.2.1/IlmImf/ImfDwaCompressor.cpp
===================================================================
--- openexr-2.2.1.orig/IlmImf/ImfDwaCompressor.cpp 2021-03-31 17:28:23.070431727 +0200
+++ openexr-2.2.1/IlmImf/ImfDwaCompressor.cpp 2021-03-31 17:28:23.086431821 +0200
@@ -2525,7 +2525,7 @@ DwaCompressor::uncompress
if (acCompressedSize > 0)
{
- if (totalAcUncompressedCount*sizeof(unsigned short) > _packedAcBufferSize)
+ if ( !_packedAcBuffer || totalAcUncompressedCount*sizeof(unsigned short) > _packedAcBufferSize)
{
throw Iex::InputExc("Error uncompressing DWA data"
"(corrupt header).");
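Review bot: The size test on the changed line still multiplies `totalAcUncompressedCount` by `sizeof(unsigned short)` before comparing it with `_packedAcBufferSize`. If that count is a 64-bit value taken from the compressed block header (its declaration is outside this hunk), a very large value can wrap the product and pass the check. Comparing by division avoids the wrap: `if (!_packedAcBuffer || totalAcUncompressedCount > _packedAcBufferSize / sizeof(unsigned short))`. A one-line comment such as `// no AC buffer allocated: any AC payload means a corrupt header` would also record why the null test is needed. The body of `DwaCompressor::uncompress` continues past this hunk, so whether the other buffers it unpacks into are guarded the same way cannot be confirmed from here.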
Index: openexr-2.2.1/IlmImf/ImfFastHuf.cpp
===================================================================
--- openexr-2.2.1.orig/IlmImf/ImfFastHuf.cpp 2021-03-31 17:28:23.022431443 +0200
+++ openexr-2.2.1/IlmImf/ImfFastHuf.cpp 2021-03-31 17:28:23.086431821 +0200
@@ -205,7 +205,7 @@ FastHufDecoder::FastHufDecoder
for (int l = _minCodeLength; l <= _maxCodeLength; ++l)
{
countTmp[l] = (double)codeCount[l] *
- (double)(2 << (_maxCodeLength-l));
+ (double)(2ll << (_maxCodeLength-l));
}
for (int l = _minCodeLength; l <= _maxCodeLength; ++l)
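Review bot: Widening the literal to `2ll` on the `countTmp[l]` line removes the 32-bit overflow, but the shift is still signed and overflows a 64-bit value once `_maxCodeLength-l` reaches 62. The hunk does not show where `_maxCodeLength` is bounded. If the code that reads the length table (outside this hunk) already caps it well below that, a comment saying so would help, e.g. `// _maxCodeLength is capped by the table reader, so this shift stays within 64 bits`. Otherwise an unsigned literal, `(double)(2ull << (_maxCodeLength-l))`, together with an explicit range check on `_maxCodeLength`, would make the limit visible at the point of use. The same expression is changed in the next hunk on the `tmp /=` line, and the constructor body begins and ends outside both hunks.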
@@ -215,7 +215,7 @@ FastHufDecoder::FastHufDecoder
for (int k =l + 1; k <= _maxCodeLength; ++k)
tmp += countTmp[k];
- tmp /= (double)(2 << (_maxCodeLength - l));
+ tmp /= (double)(2ll << (_maxCodeLength - l));
base[l] = (Int64)ceil (tmp);
}