Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
Please login to access the resource
SUSE:SLE-15-SP2:Update
jasper.33539
jasper-CVE-2021-3467.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File jasper-CVE-2021-3467.patch of Package jasper.33539
Index: jasper-2.0.14/src/libjasper/jp2/jp2_dec.c =================================================================== --- jasper-2.0.14.orig/src/libjasper/jp2/jp2_dec.c +++ jasper-2.0.14/src/libjasper/jp2/jp2_dec.c @@ -412,13 +412,21 @@ jas_image_t *jp2_decode(jas_stream_t *in /* Determine the type of each component. */ if (dec->cdef) { for (i = 0; i < dec->cdef->data.cdef.numchans; ++i) { + uint_fast16_t channo = dec->cdef->data.cdef.ents[i].channo; /* Is the channel number reasonable? */ - if (dec->cdef->data.cdef.ents[i].channo >= dec->numchans) { - jas_eprintf("error: invalid channel number in CDEF box\n"); + if (channo >= dec->numchans) { + jas_eprintf("error: invalid channel number in CDEF box (%d)\n", + channo); goto error; } - jas_image_setcmpttype(dec->image, - dec->chantocmptlut[dec->cdef->data.cdef.ents[i].channo], + unsigned compno = dec->chantocmptlut[channo]; + if (compno >= jas_image_numcmpts(dec->image)) { + jas_eprintf( + "error: invalid component reference in CDEF box (%d)\n", + compno); + goto error; + } + jas_image_setcmpttype(dec->image, compno, jp2_getct(jas_image_clrspc(dec->image), dec->cdef->data.cdef.ents[i].type, dec->cdef->data.cdef.ents[i].assoc));
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
