jasper/jasper-2.0.14-CVE-2021-26927.patch

48 lines
2.0 KiB
Diff
Raw Normal View History

diff -urNp a/src/libjasper/jp2/jp2_dec.c b/src/libjasper/jp2/jp2_dec.c
--- a/src/libjasper/jp2/jp2_dec.c 2021-06-01 13:32:59.330396797 +0200
+++ b/src/libjasper/jp2/jp2_dec.c 2021-06-01 13:46:16.982925961 +0200
@@ -230,7 +230,8 @@ jas_image_t *jp2_decode(jas_stream_t *in
the value specified in the code stream? */
if (dec->ihdr->data.ihdr.numcmpts != JAS_CAST(jas_uint,
jas_image_numcmpts(dec->image))) {
- jas_eprintf("warning: number of components mismatch\n");
+ jas_eprintf("error: number of components mismatch (IHDR)\n");
+ goto error;
}
/* At least one component must be present. */
@@ -253,7 +254,8 @@ jas_image_t *jp2_decode(jas_stream_t *in
with the data in the code stream? */
if ((samedtype && dec->ihdr->data.ihdr.bpc != JP2_DTYPETOBPC(dtype)) ||
(!samedtype && dec->ihdr->data.ihdr.bpc != JP2_IHDR_BPCNULL)) {
- jas_eprintf("warning: component data type mismatch\n");
+ jas_eprintf("error: component data type mismatch (IHDR)\n");
+ goto error;
}
/* Is the compression type supported? */
@@ -265,9 +267,10 @@ jas_image_t *jp2_decode(jas_stream_t *in
if (dec->bpcc) {
/* Is the number of components indicated in the BPCC box
consistent with the code stream data? */
- if (dec->bpcc->data.bpcc.numcmpts != JAS_CAST(jas_uint, jas_image_numcmpts(
- dec->image))) {
- jas_eprintf("warning: number of components mismatch\n");
+ if (dec->bpcc->data.bpcc.numcmpts !=
+ JAS_CAST(jas_uint, jas_image_numcmpts(dec->image))) {
+ jas_eprintf("error: number of components mismatch (BPCC)\n");
+ goto error;
}
/* Is the component data type information indicated in the BPCC
box consistent with the code stream data? */
@@ -276,7 +279,8 @@ jas_image_t *jp2_decode(jas_stream_t *in
++i) {
if (jas_image_cmptdtype(dec->image, i) !=
JP2_BPCTODTYPE(dec->bpcc->data.bpcc.bpcs[i])) {
- jas_eprintf("warning: component data type mismatch\n");
+ jas_eprintf("error: component data type mismatch (BPCC)\n");
+ goto error;
}
}
} else {