Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP4:Update
openjpeg2
openjpeg2-CVE-2018-16375.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openjpeg2-CVE-2018-16375.patch of Package openjpeg2
Index: openjpeg-2.3.0/src/bin/jpwl/convert.c =================================================================== --- openjpeg-2.3.0.orig/src/bin/jpwl/convert.c +++ openjpeg-2.3.0/src/bin/jpwl/convert.c @@ -41,6 +41,7 @@ #include <stdlib.h> #include <string.h> #include <ctype.h> +#include <limits.h> #ifdef OPJ_HAVE_LIBTIFF #include <tiffio.h> @@ -1860,6 +1861,15 @@ opj_image_t* pnmtoimage(const char *file fclose(fp); return NULL; } + + /* This limitation could be removed by making sure to use size_t below */ + if (header_info.height != 0 && + header_info.width > INT_MAX / header_info.height) { + fprintf(stderr, "pnmtoimage:Image %dx%d too big!\n", + header_info.width, header_info.height); + fclose(fp); + return NULL; + } format = header_info.format;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor