diff options
author | Daniel Sabogal <dsabogalcc@gmail.com> | 2016-09-15 12:53:23 -0400 |
---|---|---|
committer | Jakub Jirutka <jakub@jirutka.cz> | 2016-09-21 01:21:20 +0200 |
commit | cc30e48f2395b7893ffd566af92c1354494a1060 (patch) | |
tree | 6d20d0ccf349c8325d6739ae0df07b26afbdb417 /main/openjpeg/CVE-2016-7163-2.patch | |
parent | f4a083bd7a02c3fce05d1732453469acdb1c0e62 (diff) | |
download | aports-cc30e48f2395b7893ffd566af92c1354494a1060.tar.bz2 aports-cc30e48f2395b7893ffd566af92c1354494a1060.tar.xz |
main/openjpeg: security fix (CVE-2016-7163)
Diffstat (limited to 'main/openjpeg/CVE-2016-7163-2.patch')
-rw-r--r-- | main/openjpeg/CVE-2016-7163-2.patch | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/main/openjpeg/CVE-2016-7163-2.patch b/main/openjpeg/CVE-2016-7163-2.patch new file mode 100644 index 0000000000..71af3d7561 --- /dev/null +++ b/main/openjpeg/CVE-2016-7163-2.patch @@ -0,0 +1,26 @@ +From ef01f18dfc6780b776d0674ed3e7415c6ef54d24 Mon Sep 17 00:00:00 2001 +From: Matthieu Darbois <mayeut@users.noreply.github.com> +Date: Thu, 8 Sep 2016 07:34:46 +0200 +Subject: [PATCH] Cast to size_t before multiplication + +Need to cast to size_t before multiplication otherwise overflow check is useless. +--- + src/lib/openjp2/pi.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/lib/openjp2/pi.c b/src/lib/openjp2/pi.c +index 36e2ff0..809b33d 100644 +--- a/src/lib/openjp2/pi.c ++++ b/src/lib/openjp2/pi.c +@@ -1241,7 +1241,7 @@ opj_pi_iterator_t *opj_pi_create_decode(opj_image_t *p_image, + l_current_pi->include = 00; + if (l_step_l <= (SIZE_MAX / (l_tcp->numlayers + 1U))) + { +- l_current_pi->include = (OPJ_INT16*) opj_calloc((l_tcp->numlayers +1) * l_step_l, sizeof(OPJ_INT16)); ++ l_current_pi->include = (OPJ_INT16*) opj_calloc((size_t)(l_tcp->numlayers + 1U) * l_step_l, sizeof(OPJ_INT16)); + } + + if +-- +2.10.0 + |