From 59361ebf6190923a3db310275c243d5051477c22 Mon Sep 17 00:00:00 2001
From: Marek Kasik
Date: Thu, 30 May 2019 15:19:02 +0200
Subject: [PATCH] Different components size of JPEG2000Stream fix Resolves: #1713585
---
 poppler-0.73.0-jpeg2000-component-size.patch | 41 ++++++++++++++++++++
 poppler.spec | 10 ++++-
 2 files changed, 50 insertions(+), 1 deletion(-)
 create mode 100644 poppler-0.73.0-jpeg2000-component-size.patch
diff --git a/poppler-0.73.0-jpeg2000-component-size.patch b/poppler-0.73.0-jpeg2000-component-size.patch
new file mode 100644
index 0000000..2ad86a8
--- /dev/null
+++ b/poppler-0.73.0-jpeg2000-component-size.patch
@@ -0,0 +1,41 @@
+From 89a5367d49b2556a2635dbb6d48d6a6b182a2c6c Mon Sep 17 00:00:00 2001
+From: Albert Astals Cid
+Date: Thu, 23 May 2019 00:54:29 +0200
+Subject: [PATCH] JPEG2000Stream: fail gracefully if not all components have
+ the same WxH
+
+I think this is just a mistake, or at least the only file we have with
+this scenario is a fuzzed one
+---
+ poppler/JPEG2000Stream.cc | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/poppler/JPEG2000Stream.cc b/poppler/JPEG2000Stream.cc
+index 15bbcae4..0eea3a2d 100644
+--- a/poppler/JPEG2000Stream.cc
++++ b/poppler/JPEG2000Stream.cc
+@@ -4,7 +4,7 @@
+ //
+ // A JPX stream decoder using OpenJPEG
+ //
+-// Copyright 2008-2010, 2012, 2017, 2018 Albert Astals Cid
++// Copyright 2008-2010, 2012, 2017-2019 Albert Astals Cid
+ // Copyright 2011 Daniel Glöckner
+ // Copyright 2014, 2016 Thomas Freitag
+ // Copyright 2013, 2014 Adrian Johnson
+@@ -253,6 +253,12 @@ void JPXStream::init()
+ close();
+ break;
+ }
++ const int componentPixels = priv->image->comps[component].w * priv->image->comps[component].h;
++ if (componentPixels != priv->npixels) {
++ error(errSyntaxWarning, -1, "Component {0:d} has different WxH than component 0", component);
++ close();
++ break;
++ }
+ unsigned char *cdata = (unsigned char *)priv->image->comps[component].data;
+ int adjust = 0;
+ int depth = priv->image->comps[component].prec;
+--
+2.21.0
+
diff --git a/poppler.spec b/poppler.spec
index eddd6f5..b0740ed 100644
--- a/poppler.spec
+++ b/poppler.spec
@@ -4,7 +4,7 @@
 Summary: PDF rendering library
 Name: poppler
 Version: 0.73.0
-Release: 9%{?dist}
+Release: 10%{?dist}
 License: (GPLv2 or GPLv3) and GPLv2+ and LGPLv2+ and MIT
 URL: http://poppler.freedesktop.org/
 Source0: http://poppler.freedesktop.org/poppler-%{version}.tar.xz
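Review bot: The guard added to JPXStream::init() in poppler-0.73.0-jpeg2000-component-size.patch compares only the product `w * h` with `priv->npixels`, so a component whose width and height differ from component 0 but multiply to the same count still passes, although the message reports "different WxH". In OpenJPEG 2.x `w` and `h` are unsigned 32-bit fields, so the product is computed in 32 bits and then narrowed to `int`, which can wrap on the crafted input this check is meant to reject. Comparing the dimensions directly avoids both problems: `if (priv->image->comps[component].w != priv->image->comps[0].w || priv->image->comps[component].h != priv->image->comps[0].h) {`. How `priv->npixels` is derived is not visible here and init() starts and ends outside the hunk, so confirm that it is computed from component 0 before relying on it.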
@@ -41,6 +41,9 @@ Patch13: poppler-0.73.0-rescale-filter.patch # https://bugzilla.redhat.com/show_bug.cgi?id=1699862 Patch14: poppler-0.73.0-scan-fonts.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=1713582 +Patch15: poppler-0.73.0-jpeg2000-component-size.patch + BuildRequires: cmake BuildRequires: gcc-c++ BuildRequires: gettext-devel @@ -271,6 +274,11 @@ test "$(pkg-config --modversion poppler-splash)" = "%{version}" %{_mandir}/man1/* %changelog +* Wed May 29 2019 Marek Kasik - 0.73.0-10 +- Fail gracefully if not all components of JPEG2000Stream +- have the same size +- Resolves: #1713585 + * Wed Apr 17 2019 Marek Kasik - 0.73.0-9 - Fix infinite loop in broken files - Resolves: #1699863
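Review bot: The comment added above `Patch15` references bug 1713582, while the commit subject and the new %changelog entry both say `Resolves: #1713585`. If these are deliberately two trackers (for example a parent report and its clone) the comment can stay as it is; otherwise one of the ids is a typo and should be corrected so the fix can be traced to the right report. Because the upstream patch describes the trigger as a fuzzed file, the %changelog entry would also be the place to record a security identifier if one was assigned.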