jcgruenhage/void-packages
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
void-packages/srcpkgs/jasper/patches/libjasper-stepsizes-overflow.patch
Michael Gehring 4c035183ea jasper: various security fixes (Alpine patches) 
CVE-2008-3520 CVE-2008-3522 CVE-2014-8137 CVE-2014-8138
CVE-2014-8157 CVE-2014-8158 CVE-2014-9029 CVE-2015-5203
CVE-2016-1577 CVE-2016-2089 CVE-2016-2116
2016-05-04 17:46:35 +02:00

14 lines
626 B
Diff
Raw Blame History

--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_cs.c 2007-01-19 22:43:07.000000000 +0100
+++ jasper-1.900.1/src/libjasper/jpc/jpc_cs.c 2007-04-06 01:29:02.000000000 +0200
@@ -982,7 +982,10 @@ static int jpc_qcx_getcompparms(jpc_qcxc
compparms->numstepsizes = (len - n) / 2;
break;
}
- if (compparms->numstepsizes > 0) {
+ if (compparms->numstepsizes > 3 * JPC_MAXRLVLS + 1) {
+ jpc_qcx_destroycompparms(compparms);
+ return -1;
+ } else if (compparms->numstepsizes > 0) {
compparms->stepsizes = jas_malloc(compparms->numstepsizes *
sizeof(uint_fast16_t));
assert(compparms->stepsizes);
Reference in a new issue View git blame Copy permalink