diff options
| author | Leonardo Arena <rnalrd@alpinelinux.org> | 2016-03-11 15:10:06 +0000 |
|---|---|---|
| committer | Leonardo Arena <rnalrd@alpinelinux.org> | 2016-03-11 15:10:06 +0000 |
| commit | 244e4d797e740c7fedf8e3e9df9d9d85859b11b4 (patch) | |
| tree | ba40e63c7766138eaa7a69732a1e53f0245ce86d /main/jasper/CVE-2016-2089.patch | |
| parent | ef66a83f94e9a7f83c00f3487a85387c576a8d52 (diff) | |
| download | aports-244e4d797e740c7fedf8e3e9df9d9d85859b11b4.tar.bz2 aports-244e4d797e740c7fedf8e3e9df9d9d85859b11b4.tar.xz | |
Diffstat (limited to 'main/jasper/CVE-2016-2089.patch')
| -rw-r--r-- | main/jasper/CVE-2016-2089.patch | 83 |
1 files changed, 83 insertions, 0 deletions
diff --git a/main/jasper/CVE-2016-2089.patch b/main/jasper/CVE-2016-2089.patch new file mode 100644 index 0000000000..f978958330 --- /dev/null +++ b/main/jasper/CVE-2016-2089.patch @@ -0,0 +1,83 @@ +diff -pru jasper-1.900.1.orig/src/libjasper/base/jas_image.c jasper-1.900.1/src/libjasper/base/jas_image.c +--- jasper-1.900.1.orig/src/libjasper/base/jas_image.c 2016-02-01 14:53:56.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_image.c 2016-02-01 21:49:58.746006339 +0100 +@@ -433,6 +433,10 @@ int jas_image_readcmpt(jas_image_t *imag + return -1; + } + ++ if (!data->rows_) { ++ return -1; ++ } ++ + if (jas_matrix_numrows(data) != height || jas_matrix_numcols(data) != width) { + if (jas_matrix_resize(data, height, width)) { + return -1; +@@ -486,6 +490,10 @@ int jas_image_writecmpt(jas_image_t *ima + return -1; + } + ++ if (!data->rows_) { ++ return -1; ++ } ++ + if (jas_matrix_numrows(data) != height || jas_matrix_numcols(data) != width) { + return -1; + } +diff -pru jasper-1.900.1.orig/src/libjasper/base/jas_seq.c jasper-1.900.1/src/libjasper/base/jas_seq.c +--- jasper-1.900.1.orig/src/libjasper/base/jas_seq.c 2016-02-01 14:53:56.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_seq.c 2016-02-01 21:53:45.149193159 +0100 +@@ -266,6 +266,10 @@ void jas_matrix_divpow2(jas_matrix_t *ma + int rowstep; + jas_seqent_t *data; + ++ if (!matrix->rows_) { ++ return; ++ } ++ + rowstep = jas_matrix_rowstep(matrix); + for (i = matrix->numrows_, rowstart = matrix->rows_[0]; i > 0; --i, + rowstart += rowstep) { +@@ -286,6 +290,10 @@ void jas_matrix_clip(jas_matrix_t *matri + jas_seqent_t *data; + int rowstep; + ++ if (!matrix->rows_) { ++ return; ++ } ++ + rowstep = jas_matrix_rowstep(matrix); + for (i = matrix->numrows_, rowstart = matrix->rows_[0]; i > 0; --i, + rowstart += rowstep) { +@@ -310,6 +318,10 @@ void jas_matrix_asr(jas_matrix_t *matrix + int rowstep; + jas_seqent_t *data; + ++ if (!matrix->rows_) { ++ return; ++ } ++ + assert(n >= 0); + rowstep = jas_matrix_rowstep(matrix); + for (i = matrix->numrows_, rowstart = matrix->rows_[0]; i > 0; --i, +@@ -329,6 +341,10 @@ void jas_matrix_asl(jas_matrix_t *matrix + int rowstep; + jas_seqent_t *data; + ++ if (!matrix->rows_) { ++ return; ++ } ++ + rowstep = jas_matrix_rowstep(matrix); + for (i = matrix->numrows_, rowstart = matrix->rows_[0]; i > 0; --i, + rowstart += rowstep) { +@@ -371,6 +387,10 @@ void jas_matrix_setall(jas_matrix_t *mat + int rowstep; + jas_seqent_t *data; + ++ if (!matrix->rows_) { ++ return; ++ } ++ + rowstep = jas_matrix_rowstep(matrix); + for (i = matrix->numrows_, rowstart = matrix->rows_[0]; i > 0; --i, + rowstart += rowstep) { |