Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.2:Staging:F
jasper
jasper-CVE-2018-19541.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File jasper-CVE-2018-19541.patch of Package jasper
Index: jasper-1.900.14/src/libjasper/jp2/jp2_cod.c =================================================================== --- jasper-1.900.14.orig/src/libjasper/jp2/jp2_cod.c +++ jasper-1.900.14/src/libjasper/jp2/jp2_cod.c @@ -856,6 +856,11 @@ static int jp2_pclr_getdata(jp2_box_t *b jp2_getuint8(in, &pclr->numchans)) { return -1; } + + // verify in range data as per I.5.3.4 - Palette box + if (pclr->numchans < 1 || pclr->numlutents < 1 || pclr->numlutents > 1024) + return -1; + lutsize = pclr->numlutents * pclr->numchans; if (!(pclr->lutdata = jas_alloc2(lutsize, sizeof(int_fast32_t)))) { return -1;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor