
openjpeg-1.3-8.2.src.rpm

Upstream patch for CVE-2012-3535.

--- libopenjpeg/j2k.c	2012-10-02 13:20:29.000000000 +0000
+++ libopenjpeg/j2k.c.oden	2012-10-02 13:20:43.000000000 +0000
@@ -720,6 +720,13 @@ static void j2k_read_cox(opj_j2k_t *j2k,
 		j2k->state |= J2K_STATE_ERR;
 	}
 
+	if( tccp->numresolutions > J2K_MAXRLVLS ) {
+	  opj_event_msg(j2k->cinfo, EVT_ERROR, "Error decoding component %d.\nThe number of resolutions is too big: %d vs max= %d. Truncating.\n\n",
+			compno, tccp->numresolutions, J2K_MAXRLVLS);
+	  j2k->state |= J2K_STATE_ERR;
+	  tccp->numresolutions = J2K_MAXRLVLS;
+	}
+
 	tccp->cblkw = cio_read(cio, 1) + 2;	/* SPcox (E) */
 	tccp->cblkh = cio_read(cio, 1) + 2;	/* SPcox (F) */
 	tccp->cblksty = cio_read(cio, 1);	/* SPcox (G) */
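Review bot: The added guard sets `J2K_STATE_ERR` and also clamps `tccp->numresolutions`, then falls through and keeps parsing the SPcox fields, so the memory-safety of the fix rests on the clamp, not on the error flag. A comment should say so, for example `/* clamp as well as flag: later per-resolution indexing must stay within J2K_MAXRLVLS entries even if a caller does not stop on J2K_STATE_ERR */`; whether callers actually stop on that flag is not visible in this hunk. The message says "Truncating" while being logged as `EVT_ERROR`, which leaves it unclear whether decoding is expected to continue; wording it as a rejected codestream would match the state change. The `cblkw` and `cblkh` values read on the following lines are taken from the stream with no range check in the visible lines, which looks like the same class of problem and is worth a follow-up. The body of j2k_read_cox starts and ends outside the hunk.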