0008-fix-CVE-2016-2116.patch
534 Bytes
Description: Prevent jas_stream_t memory leak in jas_iccprof_createfrombuf()
Author: Tyler Hicks <tyhicks () canonical com>
From: http://seclists.org/oss-sec/2016/q1/att-507/CVE-2016-2116.patch
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
--- jasper-1.900.1-debian1.orig/src/libjasper/base/jas_icc.c
+++ jasper-1.900.1-debian1/src/libjasper/base/jas_icc.c
@@ -1693,6 +1693,8 @@ jas_iccprof_t *jas_iccprof_createfrombuf
jas_stream_close(in);
return prof;
error:
+ if (in)
+ jas_stream_close(in);
return 0;
}