aboutsummaryrefslogtreecommitdiffstats
path: root/main/openjpeg/CVE-2020-15389.patch
blob: f5737a3b245ec9295f511719408076e9e9da9f90 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
From e8e258ab049240c2dd1f1051b4e773b21e2d3dc0 Mon Sep 17 00:00:00 2001
From: Even Rouault <even.rouault@spatialys.com>
Date: Sun, 28 Jun 2020 14:19:59 +0200
Subject: [PATCH] opj_decompress: fix double-free on input directory with mix
 of valid and invalid images (CVE-2020-15389)

Fixes #1261

Credits to @Ruia-ruia for reporting and analysis.
---
 src/bin/jp2/opj_decompress.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c
index 7eeb0952f..2634907f0 100644
--- a/src/bin/jp2/opj_decompress.c
+++ b/src/bin/jp2/opj_decompress.c
@@ -1316,10 +1316,6 @@ static opj_image_t* upsample_image_components(opj_image_t* original)
 int main(int argc, char **argv)
 {
     opj_decompress_parameters parameters;           /* decompression parameters */
-    opj_image_t* image = NULL;
-    opj_stream_t *l_stream = NULL;              /* Stream */
-    opj_codec_t* l_codec = NULL;                /* Handle to a decompressor */
-    opj_codestream_index_t* cstr_index = NULL;
 
     OPJ_INT32 num_images, imageno;
     img_fol_t img_fol;
@@ -1393,6 +1389,10 @@ int main(int argc, char **argv)
 
     /*Decoding image one by one*/
     for (imageno = 0; imageno < num_images ; imageno++)  {
+        opj_image_t* image = NULL;
+        opj_stream_t *l_stream = NULL;              /* Stream */
+        opj_codec_t* l_codec = NULL;                /* Handle to a decompressor */
+        opj_codestream_index_t* cstr_index = NULL;
 
         if (!parameters.quiet) {
             fprintf(stderr, "\n");