mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-12-28 07:12:30 -05:00
90bcecc568
* gnu/packages/patches/jasper-CVE-2007-2721.patch, gnu/packages/patches/jasper-CVE-2008-3520.patch, gnu/packages/patches/jasper-CVE-2011-4516-and-CVE-2011-4517.patch, gnu/packages/patches/jasper-CVE-2014-8137.patch, gnu/packages/patches/jasper-CVE-2014-8138.patch, gnu/packages/patches/jasper-CVE-2014-8157.patch, gnu/packages/patches/jasper-CVE-2014-8158.patch, gnu/packages/patches/jasper-CVE-2014-9029.patch, gnu/packages/patches/jasper-CVE-2016-1867.patch: New files. * gnu-system.am (dist_patch_DATA): Add them. * gnu/packages/image.scm (jasper)[source]: Add patches.
19 lines
804 B
Diff
19 lines
804 B
Diff
Fix CVE-2014-8157 (dec->numtiles off-by-one check in jpc_dec_process_sot()).
|
|
|
|
Copied from Fedora.
|
|
|
|
http://pkgs.fedoraproject.org/cgit/rpms/jasper.git/tree/jasper-CVE-2014-8157.patch
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=1179282
|
|
|
|
diff -up jasper-1.900.1/src/libjasper/jpc/jpc_dec.c.CVE-2014-8157 jasper-1.900.1/src/libjasper/jpc/jpc_dec.c
|
|
--- jasper-1.900.1/src/libjasper/jpc/jpc_dec.c.CVE-2014-8157 2015-01-19 16:59:36.000000000 +0100
|
|
+++ jasper-1.900.1/src/libjasper/jpc/jpc_dec.c 2015-01-19 17:07:41.609863268 +0100
|
|
@@ -489,7 +489,7 @@ static int jpc_dec_process_sot(jpc_dec_t
|
|
dec->curtileendoff = 0;
|
|
}
|
|
|
|
- if (JAS_CAST(int, sot->tileno) > dec->numtiles) {
|
|
+ if (JAS_CAST(int, sot->tileno) >= dec->numtiles) {
|
|
jas_eprintf("invalid tile number in SOT marker segment\n");
|
|
return -1;
|
|
}
|