Backport form the upstream commit:

From 5d66894d2313e3f3469f19066e149e08ff076698 Mon Sep 17 00:00:00 2001
From: Michael Adams <mdadams@ece.uvic.ca>
Date: Wed, 19 Oct 2016 20:13:06 -0700
Subject: [PATCH] Fixed a problem with a null pointer dereference in the BMP
 decoder.

diff -pruN jasper-1.900.1.orig/src/libjasper/base/jas_seq.c jasper-1.900.1/src/libjasper/base/jas_seq.c
--- jasper-1.900.1.orig/src/libjasper/base/jas_seq.c	2017-03-23 22:50:09.000000000 +0100
+++ jasper-1.900.1/src/libjasper/base/jas_seq.c	2017-03-23 23:01:30.000000000 +0100
@@ -102,6 +102,10 @@ jas_matrix_t *jas_matrix_create(int numr
 	jas_matrix_t *matrix;
 	int i;
 
+	if (numrows < 0 || numcols < 0) {
+		return 0;
+	}
+
 	if (!(matrix = jas_malloc(sizeof(jas_matrix_t)))) {
 		return 0;
 	}