aboutsummaryrefslogtreecommitdiffstats
path: root/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2020-27842.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2020-27842.patch')
-rw-r--r--meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2020-27842.patch31
1 files changed, 31 insertions, 0 deletions
diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2020-27842.patch b/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2020-27842.patch
new file mode 100644
index 0000000000..6984aa8602
--- /dev/null
+++ b/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2020-27842.patch
@@ -0,0 +1,31 @@
+From fbd30b064f8f9607d500437b6fedc41431fd6cdc Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Tue, 1 Dec 2020 19:51:35 +0100
+Subject: [PATCH] opj_t2_encode_packet(): avoid out of bound access of #1294,
+ but likely not the proper fix
+
+Upstream-Status: Backport [https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/openjpeg2/2.3.1-1ubuntu4.20.04.1/openjpeg2_2.3.1-1ubuntu4.20.04.1.debian.tar.xz]
+CVE: CVE-2020-27842
+Signed-off-by: Virendra Thakur <virendra.thakur@kpit.com>
+---
+ src/lib/openjp2/t2.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+--- a/src/lib/openjp2/t2.c
++++ b/src/lib/openjp2/t2.c
+@@ -711,6 +711,15 @@ static OPJ_BOOL opj_t2_encode_packet(OPJ
+ continue;
+ }
+
++ /* Avoid out of bounds access of https://github.com/uclouvain/openjpeg/issues/1294 */
++ /* but likely not a proper fix. */
++ if (precno >= res->pw * res->ph) {
++ opj_event_msg(p_manager, EVT_ERROR,
++ "opj_t2_encode_packet(): accessing precno=%u >= %u\n",
++ precno, res->pw * res->ph);
++ return OPJ_FALSE;
++ }
++
+ prc = &band->precincts[precno];
+ opj_tgt_reset(prc->incltree);
+ opj_tgt_reset(prc->imsbtree);
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-04-16 17:52:48 +0000