Blame SOURCES/openjpeg2-CVE-2021-3575.patch

From 409907d89878222cf9dea80f0add8f73e9383834 Mon Sep 17 00:00:00 2001
From: Mehdi Sabwat <mehdisabwat@gmail.com>
Date: Fri, 7 May 2021 01:50:37 +0200
Subject: [PATCH] fix heap buffer overflow #1347
---
 src/bin/common/color.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/src/bin/common/color.c b/src/bin/common/color.c
1c887f
index 27f15f1..935fa44 100644
1c887f
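--- a/src/bin/common/color.c
+++ b/src/bin/common/color.c
@@ -368,12 +368,15 @@ static void sycc420_to_rgb(opj_image_t *img)
 
             sycc_to_rgb(offset, upb, *y, *cb, *cr, r, g, b);
 
-            ++y;
+            if (*y != img->comps[0].data[loopmaxh])
+                ++y;
             ++r;
             ++g;
             ++b;
-            ++cb;
-            ++cr;
+            if (*cb != img->comps[1].data[loopmaxh])
+                ++cb;
+            if (*cr != img->comps[2].data[loopmaxh])
+                ++cr;
         }
         if (j < maxw) {
             sycc_to_rgb(offset, upb, *y, *cb, *cr, r, g, b);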
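Review bot: The three new guards on `y`, `cb` and `cr` compare sample values rather than positions: `*y != img->comps[0].data[loopmaxh]` tests the pixel under the cursor against the pixel stored at index `loopmaxh`, so the pointer still walks past the end of the component buffer whenever the two values differ, and it stalls in the middle of the image whenever they happen to be equal. Each guard also runs only after `sycc_to_rgb` has already dereferenced all three pointers, and `loopmaxh` is defined outside this hunk, so it cannot be confirmed from here that `data[loopmaxh]` is itself in range. A bound on the address would match what the commit title intends, for example `const int *y_end = img->comps[0].data + (size_t)img->comps[0].w * img->comps[0].h;` followed by `if (y + 1 < y_end) ++y;`, with the same form for `cb` and `cr`. Preferably, a check ahead of the loops would reject images whose chroma component dimensions do not fit the subsampled layout the loops appear to assume. The body of `sycc420_to_rgb` starts and ends outside the hunk.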
-- 
2.31.1