From 6732bf4d9b89c03557099a36e6a4a37a905182de Mon Sep 17 00:00:00 2001
From: DistroBaker <osci-list@redhat.com>
Date: Fri, 19 Mar 2021 14:46:08 +0000
Subject: [PATCH] Merged update from upstream sources

This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/jasper.git#7ea8e1cbc4ffc32d779e74d194ab8194e76e9616
---
 jasper-CVE-2021-3443.patch | 29 +++++++++++++++++++++++++++++
 jasper.spec                |  7 ++++++-
 2 files changed, 35 insertions(+), 1 deletion(-)
 create mode 100644 jasper-CVE-2021-3443.patch

diff --git a/jasper-CVE-2021-3443.patch b/jasper-CVE-2021-3443.patch
new file mode 100644
index 0000000..cae6bc6
--- /dev/null
+++ b/jasper-CVE-2021-3443.patch
@@ -0,0 +1,29 @@
+From f94e7499a8b1471a4905c4f9c9e12e60fe88264b Mon Sep 17 00:00:00 2001
+From: Michael Adams <mdadams@ece.uvic.ca>
+Date: Sat, 13 Mar 2021 20:04:58 -0800
+Subject: [PATCH] Fixes #269. Added a check for an invalid component reference
+ in the JP2 decoder.
+
+---
+ src/libjasper/jp2/jp2_dec.c |   8 +++++++-
+ 1 files changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/src/libjasper/jp2/jp2_dec.c b/src/libjasper/jp2/jp2_dec.c
+index 2863d82..fe2e29d 100644
+--- a/src/libjasper/jp2/jp2_dec.c
++++ b/src/libjasper/jp2/jp2_dec.c
+@@ -451,7 +451,13 @@ jas_image_t *jp2_decode(jas_stream_t *in, const char *optstr)
+ 		}
+ 	} else {
+ 		for (i = 0; i < dec->numchans; ++i) {
+-			jas_image_setcmpttype(dec->image, dec->chantocmptlut[i],
++			unsigned compno = dec->chantocmptlut[i];
++			if (compno >= jas_image_numcmpts(dec->image)) {
++				jas_eprintf(
++				  "error: invalid component reference (%d)\n", compno);
++				goto error;
++			}
++			jas_image_setcmpttype(dec->image, compno,
+ 			  jp2_getct(jas_image_clrspc(dec->image), 0, i + 1));
+ 		}
+ 	}
diff --git a/jasper.spec b/jasper.spec
index 74fe5fa..173ad50 100644
--- a/jasper.spec
+++ b/jasper.spec
@@ -6,7 +6,7 @@
 Summary: Implementation of the JPEG-2000 standard, Part 1
 Name:    jasper
 Version: 2.0.26
-Release: 1%{?dist}
+Release: 2%{?dist}
 
 License: JasPer
 URL:     http://www.ece.uvic.ca/~frodo/jasper/
@@ -15,6 +15,7 @@ Source0: https://github.com/jasper-software/jasper/archive/version-%{version}.ta
 # skip hard-coded prefix/lib rpath
 Patch2: jasper-2.0.14-rpath.patch
 Patch3: jasper-freeglut.patch
+Patch4: jasper-CVE-2021-3443.patch
 
 # architecture related patches
 Patch100: jasper-2.0.2-test-ppc64-disable.patch
@@ -68,6 +69,7 @@ Requires: %{name}-libs%{?_isa} = %{version}-%{release}
 # Need to disable one test to be able to build it on ppc64 arch
 # At ppc64 this test just stuck (nothing happend - no exception or error)
 %patch3 -p1 -b .freeglut
+%patch4 -p1 -b .CVE-2021-3443
 
 %if "%{_arch}" == "ppc64"
 %patch100 -p1 -b .test-ppc64-disable
@@ -128,6 +130,9 @@ make test -C builder
 
 
 %changelog
+* Tue Mar 16 2021 Josef Ridky <jridky@redhat.com> - 2.0.26-2
+- Fix CVE-2021-3443 (#1939233)
+
 * Wed Mar 10 2021 Josef Ridky <jridky@redhat.com> - 2.0.26-1
 - New upstream release 2.0.26 (#1935900)