rpms / jasper

Clone
Source Code
GIT

Blame SOURCES/jasper-CVE-2016-8690-CVE-2016-8884-CVE-2016-8885.patch

c4 c5 c5-plus c6 c6-plus c7 c7-aarch64 c7-alt c7-beta c7-ppc64le c8 c8-beta c8s c9 c9-beta
  1.   3acafb6a37350c03d9ffc3b5171c2bb651b1f7ce
  2.   SOURCES
  3.   jasper-CVE-2016-8690-CVE-2016-8884-CVE-2016-8885.patch
Blob History Raw
94b862 
Backport form the upstream commit:
94b862
94b862 
From 5d66894d2313e3f3469f19066e149e08ff076698 Mon Sep 17 00:00:00 2001
94b862 
From: Michael Adams <mdadams@ece.uvic.ca>
94b862 
Date: Wed, 19 Oct 2016 20:13:06 -0700
94b862 
Subject: [PATCH] Fixed a problem with a null pointer dereference in the BMP
94b862 
 decoder.
94b862
94b862 
diff -pruN jasper-1.900.1.orig/src/libjasper/base/jas_seq.c jasper-1.900.1/src/libjasper/base/jas_seq.c
94b862 
--- jasper-1.900.1.orig/src/libjasper/base/jas_seq.c	2017-03-23 22:50:09.000000000 +0100
94b862 
+++ jasper-1.900.1/src/libjasper/base/jas_seq.c	2017-03-23 23:01:30.000000000 +0100
94b862 
@@ -102,6 +102,10 @@ jas_matrix_t *jas_matrix_create(int numr
94b862 
 	jas_matrix_t *matrix;
94b862 
 	int i;
94b862
94b862 
+	if (numrows < 0 || numcols < 0) {
94b862 
+		return 0;
94b862 
+	}
94b862 
+
94b862 
 	if (!(matrix = jas_malloc(sizeof(jas_matrix_t)))) {
94b862 
 		return 0;
94b862 
 	}

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation