Resolves: #1314473 - CVE-2016-2116 - memory leak in jas_iccprof_createfrombuf causing memory consumption

2016-08-12 07:33:04 +02:00 · 2016-08-12 07:33:04 +02:00 · 18db5b8792
commit 18db5b8792
parent 08fef99cd7
2 changed files with 16 additions and 0 deletions
--- a/jasper-CVE-2016-2116.patch
+++ b/jasper-CVE-2016-2116.patch
@ -0,0 +1,12 @@
 diff -urNp jasper-1.900.1.orig/src/libjasper/base/jas_icc.c jasper-1.900.1.new/src/libjasper/base/jas_icc.c
 --- jasper-1.900.1.orig/src/libjasper/base/jas_icc.c	2016-08-12 07:22:38.792914598 +0200
 +++ jasper-1.900.1.new/src/libjasper/base/jas_icc.c	2016-08-12 07:26:50.389129799 +0200
@@ -1692,6 +1692,8 @@ jas_iccprof_t *jas_iccprof_createfrombuf
 	jas_stream_close(in);
 	return prof;
 error:
 +	if (in)
 +		jas_stream_close(in);
 	return 0;
 }
--- a/jasper.spec
+++ b/jasper.spec
@ -41,6 +41,7 @@ Patch14: jasper-CVE-2015-5203.patch
 Patch15: jasper-CVE-2015-5221.patch
 Patch16: jasper-CVE-2016-1867.patch
 Patch17: jasper-CVE-2016-1577.patch
 Patch18: jasper-CVE-2016-2116.patch
 # Issues found by static analysis of code
 Patch110: jasper-1.900.1-Coverity-BAD_SIZEOF.patch
@ -112,6 +113,7 @@ Requires: %{name}-libs%{?_isa} = %{version}-%{release}
 %patch15 -p1 -b .CVE-2015-5221
 %patch16 -p1 -b .CVE-2016-1867
 %patch17 -p1 -b .CVE-2016-1577
 %patch18 -p1 -b .CVE-2016-2116
 %patch110 -p1 -b .BAD_SIZEOF
 %patch111 -p1 -b .CHECKED_RETURN
@ -194,6 +196,8 @@ make check
 - CVE-2015-5221 - Use-after-free and double-free flaws (#1255714)
 - CVE-2016-1867 - out-of-bounds read in the jpc_pi_nextcprl() function (#1298138)
 - CVE-2016-1577 - double free vulnerability in jas_iccattrval_destroy (#1314468)
 - CVE-2016-2116 - memory leak in jas_iccprof_createfrombuf causing 
 		  memory consumption (#1314473)
 * Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.900.1-32
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild