Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
jasper.25970
jasper-CVE-2021-3443.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File jasper-CVE-2021-3443.patch of Package jasper.25970
Index: jasper-1.900.14/src/libjasper/jp2/jp2_dec.c =================================================================== --- jasper-1.900.14.orig/src/libjasper/jp2/jp2_dec.c +++ jasper-1.900.14/src/libjasper/jp2/jp2_dec.c @@ -430,7 +430,12 @@ jas_image_t *jp2_decode(jas_stream_t *in } } else { for (i = 0; i < dec->numchans; ++i) { - jas_image_setcmpttype(dec->image, dec->chantocmptlut[i], + unsigned compno = dec->chantocmptlut[i]; + if (compno >= jas_image_numcmpts(dec->image)) { + jas_eprintf( "error: invalid component reference (%d)\n", compno); + goto error; + } + jas_image_setcmpttype(dec->image, compno, jp2_getct(jas_image_clrspc(dec->image), 0, i + 1)); } }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor