aboutsummaryrefslogtreecommitdiffstats
path: root/main/openjpeg/CVE-2017-14152.patch
diff options
context:
space:
mode:
authorFrancesco Colista <fcolista@alpinelinux.org>2017-09-21 08:18:29 +0000
committerFrancesco Colista <fcolista@alpinelinux.org>2017-09-21 10:18:46 +0000
commit177eb88fc8668b0fd560c1836cd05bb17c29cad7 (patch)
tree67561258e17ba2931a835814ea12bfa4787e43e0 /main/openjpeg/CVE-2017-14152.patch
parent6113fd53b8d6aa8846f017a77ea8482c9d44469b (diff)
downloadaports-177eb88fc8668b0fd560c1836cd05bb17c29cad7.tar.bz2
aports-177eb88fc8668b0fd560c1836cd05bb17c29cad7.tar.xz
main/openjpeg: security upgrade to 2.2.0 and fixes
- CVE-2017-14040 - CVE-2017-14041 - CVE-2017-14151 - CVE-2017-14152 - CVE-2017-14164 Fixes partially #7829. Not yet fixed CVE-2017-14039 since patch is not available for 2.2.0
Diffstat (limited to 'main/openjpeg/CVE-2017-14152.patch')
-rw-r--r--main/openjpeg/CVE-2017-14152.patch35
1 files changed, 35 insertions, 0 deletions
diff --git a/main/openjpeg/CVE-2017-14152.patch b/main/openjpeg/CVE-2017-14152.patch
new file mode 100644
index 0000000000..d165090a1a
--- /dev/null
+++ b/main/openjpeg/CVE-2017-14152.patch
@@ -0,0 +1,35 @@
+From 4241ae6fbbf1de9658764a80944dc8108f2b4154 Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Tue, 15 Aug 2017 11:55:58 +0200
+Subject: [PATCH] Fix assertion in debug mode / heap-based buffer overflow in
+ opj_write_bytes_LE for Cinema profiles with numresolutions = 1 (#985)
+
+---
+ src/lib/openjp2/j2k.c | 14 ++++++++++----
+ 1 file changed, 10 insertions(+), 4 deletions(-)
+
+diff --git a/src/lib/openjp2/j2k.c b/src/lib/openjp2/j2k.c
+index a2521ebbc..54b490a8c 100644
+--- a/src/lib/openjp2/j2k.c
++++ b/src/lib/openjp2/j2k.c
+@@ -6573,10 +6573,16 @@ static void opj_j2k_set_cinema_parameters(opj_cparameters_t *parameters,
+
+ /* Precincts */
+ parameters->csty |= 0x01;
+- parameters->res_spec = parameters->numresolution - 1;
+- for (i = 0; i < parameters->res_spec; i++) {
+- parameters->prcw_init[i] = 256;
+- parameters->prch_init[i] = 256;
++ if (parameters->numresolution == 1) {
++ parameters->res_spec = 1;
++ parameters->prcw_init[0] = 128;
++ parameters->prch_init[0] = 128;
++ } else {
++ parameters->res_spec = parameters->numresolution - 1;
++ for (i = 0; i < parameters->res_spec; i++) {
++ parameters->prcw_init[i] = 256;
++ parameters->prch_init[i] = 256;
++ }
+ }
+
+ /* The progression order shall be CPRL */