|
 |
3dc527 |
From 89a5367d49b2556a2635dbb6d48d6a6b182a2c6c Mon Sep 17 00:00:00 2001
|
|
|
3dc527 |
From: Albert Astals Cid <aacid@kde.org>
|
|
|
3dc527 |
Date: Thu, 23 May 2019 00:54:29 +0200
|
|
|
3dc527 |
Subject: [PATCH] JPEG2000Stream: fail gracefully if not all components have
|
|
|
3dc527 |
the same WxH
|
|
|
3dc527 |
|
|
|
3dc527 |
I think this is just a mistake, or at least the only file we have with
|
|
|
3dc527 |
this scenario is a fuzzed one
|
|
|
3dc527 |
---
|
|
|
3dc527 |
poppler/JPEG2000Stream.cc | 8 +++++++-
|
|
|
3dc527 |
1 file changed, 7 insertions(+), 1 deletion(-)
|
|
|
3dc527 |
|
|
|
3dc527 |
diff --git a/poppler/JPEG2000Stream.cc b/poppler/JPEG2000Stream.cc
|
|
|
3dc527 |
index 15bbcae4..0eea3a2d 100644
|
|
|
3dc527 |
--- a/poppler/JPEG2000Stream.cc
|
|
|
3dc527 |
+++ b/poppler/JPEG2000Stream.cc
|
|
|
3dc527 |
@@ -4,7 +4,7 @@
|
|
|
3dc527 |
//
|
|
|
3dc527 |
// A JPX stream decoder using OpenJPEG
|
|
|
3dc527 |
//
|
|
|
3dc527 |
-// Copyright 2008-2010, 2012 Albert Astals Cid <aacid@kde.org>
|
|
|
3dc527 |
+// Copyright 2008-2010, 2012, 2019 Albert Astals Cid <aacid@kde.org>
|
|
|
3dc527 |
// Copyright 2011 Daniel Glöckner <daniel-gl@gmx.net>
|
|
|
3dc527 |
// Copyright 2013 Adrian Johnson <ajohnson@redneon.com>
|
|
|
3dc527 |
//
|
|
|
3dc527 |
@@ -253,6 +253,12 @@ void JPXStream::init()
|
|
|
3dc527 |
close();
|
|
|
3dc527 |
break;
|
|
|
3dc527 |
}
|
|
|
3dc527 |
+ const int componentPixels = image->comps[component].w * image->comps[component].h;
|
|
|
3dc527 |
+ if (componentPixels != npixels) {
|
|
|
3dc527 |
+ error(errSyntaxWarning, -1, "Component {0:d} has different WxH than component 0", component);
|
|
|
3dc527 |
+ close();
|
|
|
3dc527 |
+ break;
|
|
|
3dc527 |
+ }
|
|
|
3dc527 |
unsigned char *cdata = (unsigned char *)image->comps[component].data;
|
|
|
3dc527 |
int adjust = 0;
|
|
|
3dc527 |
if (image->comps[component].prec > 8)
|
|
|
3dc527 |
--
|
|
|
3dc527 |
2.21.0
|
|
|
3dc527 |
|