From 980da43d8d388a67cac505e734423b2a5aa4cede Mon Sep 17 00:00:00 2001
From: Richard Hughes <richard@hughsie.com>
Date: Mon, 19 Sep 2016 10:03:36 +0100
Subject: [PATCH] CVE-2016-1867
---
src/libjasper/jpc/jpc_t2cod.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libjasper/jpc/jpc_t2cod.c b/src/libjasper/jpc/jpc_t2cod.c
index e734900..b80d332 100644
--- a/src/libjasper/jpc/jpc_t2cod.c
+++ b/src/libjasper/jpc/jpc_t2cod.c
@@ -429,7 +429,7 @@ static int jpc_pi_nextcprl(register jpc_pi_t *pi)
}
for (pi->compno = pchg->compnostart, pi->picomp =
- &pi->picomps[pi->compno]; pi->compno < JAS_CAST(int, pchg->compnoend); ++pi->compno,
+ &pi->picomps[pi->compno]; pi->compno < JAS_CAST(int, pchg->compnoend) && pi->compno < pi->numcomps; ++pi->compno,
++pi->picomp) {
pirlvl = pi->picomp->pirlvls;
pi->xstep = pi->picomp->hsamp * (1 << (pirlvl->prcwidthexpn +