f8a0a1
From 89a5367d49b2556a2635dbb6d48d6a6b182a2c6c Mon Sep 17 00:00:00 2001
f8a0a1
From: Albert Astals Cid <aacid@kde.org>
f8a0a1
Date: Thu, 23 May 2019 00:54:29 +0200
f8a0a1
Subject: [PATCH] JPEG2000Stream: fail gracefully if not all components have
f8a0a1
 the same WxH
f8a0a1
f8a0a1
I think this is just a mistake, or at least the only file we have with
f8a0a1
this scenario is a fuzzed one
f8a0a1
---
f8a0a1
 poppler/JPEG2000Stream.cc | 8 +++++++-
f8a0a1
 1 file changed, 7 insertions(+), 1 deletion(-)
f8a0a1
f8a0a1
diff --git a/poppler/JPEG2000Stream.cc b/poppler/JPEG2000Stream.cc
f8a0a1
index 15bbcae4..0eea3a2d 100644
f8a0a1
--- a/poppler/JPEG2000Stream.cc
f8a0a1
+++ b/poppler/JPEG2000Stream.cc
f8a0a1
@@ -4,7 +4,7 @@
f8a0a1
 //
f8a0a1
 // A JPX stream decoder using OpenJPEG
f8a0a1
 //
f8a0a1
-// Copyright 2008-2010, 2012, 2017, 2018 Albert Astals Cid <aacid@kde.org>
f8a0a1
+// Copyright 2008-2010, 2012, 2017-2019 Albert Astals Cid <aacid@kde.org>
f8a0a1
 // Copyright 2011 Daniel Glöckner <daniel-gl@gmx.net>
f8a0a1
 // Copyright 2014, 2016 Thomas Freitag <Thomas.Freitag@alfa.de>
f8a0a1
 // Copyright 2013, 2014 Adrian Johnson <ajohnson@redneon.com>
f8a0a1
@@ -253,6 +253,12 @@ void JPXStream::init()
f8a0a1
         close();
f8a0a1
         break;
f8a0a1
       }
f8a0a1
+      const int componentPixels = priv->image->comps[component].w * priv->image->comps[component].h;
f8a0a1
+      if (componentPixels != priv->npixels) {
f8a0a1
+        error(errSyntaxWarning, -1, "Component {0:d} has different WxH than component 0", component);
f8a0a1
+        close();
f8a0a1
+        break;
f8a0a1
+      }
f8a0a1
       unsigned char *cdata = (unsigned char *)priv->image->comps[component].data;
f8a0a1
       int adjust = 0;
f8a0a1
       int depth = priv->image->comps[component].prec;
f8a0a1
-- 
f8a0a1
2.21.0
f8a0a1