ryan77627/guix
1
0
Fork 0
mirror of https://git.in.rschanz.org/ryan77627/guix.git synced 2024-11-14 19:05:10 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
guix/gnu/packages/patches/openjpeg-CVE-2017-12982.patch
Efraim Flashner f00e328fd3
gnu: openjpeg: Fix CVE-2017-12982. 
* gnu/packages/image.scm (openjepg)[source]: Add patch.
* gnu/packages/patches/openjpeg-CVE-2017-12982.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
2017-08-23 21:07:07 +03:00

28 lines
1 KiB
Diff
Raw Blame History

http://openwall.com/lists/oss-security/2017/08/21/1
https://github.com/uclouvain/openjpeg/commit/baf0c1ad4572daa89caa3b12985bdd93530f0dd7.patch
From baf0c1ad4572daa89caa3b12985bdd93530f0dd7 Mon Sep 17 00:00:00 2001
From: Even Rouault <even.rouault@spatialys.com>
Date: Mon, 14 Aug 2017 17:26:58 +0200
Subject: [PATCH] bmp_read_info_header(): reject bmp files with biBitCount == 0
(#983)
---
src/bin/jp2/convertbmp.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/bin/jp2/convertbmp.c b/src/bin/jp2/convertbmp.c
index b49e7a080..2715fdf24 100644
--- a/src/bin/jp2/convertbmp.c
+++ b/src/bin/jp2/convertbmp.c
@@ -392,6 +392,10 @@ static OPJ_BOOL bmp_read_info_header(FILE* IN, OPJ_BITMAPINFOHEADER* header)
header->biBitCount = (OPJ_UINT16)getc(IN);
header->biBitCount |= (OPJ_UINT16)((OPJ_UINT32)getc(IN) << 8);
+ if (header->biBitCount == 0) {
+ fprintf(stderr, "Error, invalid biBitCount %d\n", 0);
+ return OPJ_FALSE;
+ }
if (header->biSize >= 40U) {
header->biCompression = (OPJ_UINT32)getc(IN);
Reference in a new issue View git blame Copy permalink