0010-fix-CVE-2016-1867.patch 883 Bytes
edit raw blame history



1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16


From: http://pkgs.fedoraproject.org/cgit/rpms/jasper.git/plain/jasper-CVE-2016-1867.patch

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>

diff -urNp jasper-1.900.1.orig/src/libjasper/jpc/jpc_t2cod.c jasper-1.900.1.new/src/libjasper/jpc/jpc_t2cod.c
--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_t2cod.c	2016-08-11 14:34:31.795661973 +0200
+++ jasper-1.900.1.new/src/libjasper/jpc/jpc_t2cod.c	2016-08-12 07:02:40.044860209 +0200
@@ -429,7 +429,7 @@ static int jpc_pi_nextcprl(register jpc_
 	}
 
 	for (pi->compno = pchg->compnostart, pi->picomp =
-	  &pi->picomps[pi->compno]; pi->compno < JAS_CAST(int, pchg->compnoend); ++pi->compno,
+	  &pi->picomps[pi->compno]; pi->compno < JAS_CAST(int, pchg->compnoend) && pi->compno < pi->numcomps; ++pi->compno,
 	  ++pi->picomp) {
 		pirlvl = pi->picomp->pirlvls;
 		pi->xstep = pi->picomp->hsamp * (1 << (pirlvl->prcwidthexpn +