Backport form the upstream commit:
From 5d66894d2313e3f3469f19066e149e08ff076698 Mon Sep 17 00:00:00 2001
From: Michael Adams <mdadams@ece.uvic.ca>
Date: Wed, 19 Oct 2016 20:13:06 -0700
Subject: [PATCH] Fixed a problem with a null pointer dereference in the BMP
decoder.
diff -pruN jasper-1.900.1.orig/src/libjasper/base/jas_seq.c jasper-1.900.1/src/libjasper/base/jas_seq.c
--- jasper-1.900.1.orig/src/libjasper/base/jas_seq.c 2017-03-23 22:50:09.000000000 +0100
+++ jasper-1.900.1/src/libjasper/base/jas_seq.c 2017-03-23 23:01:30.000000000 +0100
@@ -102,6 +102,10 @@ jas_matrix_t *jas_matrix_create(int numr
jas_matrix_t *matrix;
int i;
+ if (numrows < 0 || numcols < 0) {
+ return 0;
+ }
+
if (!(matrix = jas_malloc(sizeof(jas_matrix_t)))) {
return 0;
}