File jasper-CVE-2021-3272.patch of Package jasper

Overview Repositories Revisions Requests Users Attributes Meta

File jasper-CVE-2021-3272.patch of Package jasper

Index: jasper-1.900.14/src/libjasper/jp2/jp2_dec.c
===================================================================
--- jasper-1.900.14.orig/src/libjasper/jp2/jp2_dec.c
+++ jasper-1.900.14/src/libjasper/jp2/jp2_dec.c
@@ -250,7 +250,7 @@ jas_image_t *jp2_decode(jas_stream_t *in
 	  with the data in the code stream? */
 	if ((samedtype && dec->ihdr->data.ihdr.bpc != JP2_DTYPETOBPC(dtype)) ||
 	  (!samedtype && dec->ihdr->data.ihdr.bpc != JP2_IHDR_BPCNULL)) {
-		jas_eprintf("warning: component data type mismatch\n");
+		jas_eprintf("warning: component data type mismatch (IHDR)\n");
 	}
 
 	/* Is the compression type supported? */
@@ -273,7 +273,7 @@ jas_image_t *jp2_decode(jas_stream_t *in
 			  ++i) {
 				if (jas_image_cmptdtype(dec->image, i) !=
 				  JP2_BPCTODTYPE(dec->bpcc->data.bpcc.bpcs[i])) {
-					jas_eprintf("warning: component data type mismatch\n");
+					jas_eprintf("warning: component data type mismatch (BPCC)\n");
 				}
 			}
 		} else {
@@ -392,6 +392,14 @@ jas_image_t *jp2_decode(jas_stream_t *in
 		}
 	}
 
+	/* Ensure that the number of channels being used by the decoder
+	 * matches the number of image components. */
+	if (dec->numchans != jas_image_numcmpts(dec->image)) {
+		jas_eprintf("error: mismatch in number of components (%d != %d)\n",
+				dec->numchans, jas_image_numcmpts(dec->image));
+		goto error;
+	}
+
 	/* Mark all components as being of unknown type. */
 
 	for (i = 0; i < JAS_CAST(uint, jas_image_numcmpts(dec->image)); ++i) {

Places

File jasper-CVE-2021-3272.patch of Package jasper

Places