summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--CVE-2021-29338.patch147
-rw-r--r--heap-buffer-overflow.patch22
-rw-r--r--openjpeg2-static.spec48
-rw-r--r--openjpeg2_CVE-2020-27814.patch16
-rw-r--r--openjpeg2_CVE-2020-27823.patch26
-rw-r--r--openjpeg2_CVE-2020-27824.patch23
-rw-r--r--openjpeg2_CVE-2020-6851.patch18
-rw-r--r--openjpeg2_CVE-2020-8112.patch30
-rw-r--r--openjpeg2_opj2.patch6
9 files changed, 193 insertions, 143 deletions
diff --git a/CVE-2021-29338.patch b/CVE-2021-29338.patch
new file mode 100644
index 0000000..373f6d6
--- /dev/null
+++ b/CVE-2021-29338.patch
@@ -0,0 +1,147 @@
+diff -rupN --no-dereference openjpeg-2.4.0/src/bin/jp2/opj_compress.c openjpeg-2.4.0-new/src/bin/jp2/opj_compress.c
+--- openjpeg-2.4.0/src/bin/jp2/opj_compress.c 2020-12-28 21:59:39.000000000 +0100
++++ openjpeg-2.4.0-new/src/bin/jp2/opj_compress.c 2021-05-27 23:46:46.916130437 +0200
+@@ -543,8 +543,8 @@ static char * get_file_name(char *name)
+ static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
+ opj_cparameters_t *parameters)
+ {
+- char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN],
+- outfilename[OPJ_PATH_LEN], temp_ofname[OPJ_PATH_LEN];
++ char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN * 2],
++ outfilename[OPJ_PATH_LEN * 2], temp_ofname[OPJ_PATH_LEN];
+ char *temp_p, temp1[OPJ_PATH_LEN] = "";
+
+ strcpy(image_filename, dirptr->filename[imageno]);
+@@ -553,7 +553,7 @@ static char get_next_file(int imageno, d
+ if (parameters->decod_format == -1) {
+ return 1;
+ }
+- sprintf(infilename, "%s/%s", img_fol->imgdirpath, image_filename);
++ snprintf(infilename, OPJ_PATH_LEN * 2, "%s/%s", img_fol->imgdirpath, image_filename);
+ if (opj_strcpy_s(parameters->infile, sizeof(parameters->infile),
+ infilename) != 0) {
+ return 1;
+@@ -566,7 +566,7 @@ static char get_next_file(int imageno, d
+ sprintf(temp1, ".%s", temp_p);
+ }
+ if (img_fol->set_out_format == 1) {
+- sprintf(outfilename, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
++ snprintf(outfilename, OPJ_PATH_LEN * 2, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
+ img_fol->out_format);
+ if (opj_strcpy_s(parameters->outfile, sizeof(parameters->outfile),
+ outfilename) != 0) {
+@@ -1910,9 +1910,9 @@ int main(int argc, char **argv)
+ num_images = get_num_images(img_fol.imgdirpath);
+ dirptr = (dircnt_t*)malloc(sizeof(dircnt_t));
+ if (dirptr) {
+- dirptr->filename_buf = (char*)malloc(num_images * OPJ_PATH_LEN * sizeof(
++ dirptr->filename_buf = (char*)calloc(num_images, OPJ_PATH_LEN * sizeof(
+ char)); /* Stores at max 10 image file names*/
+- dirptr->filename = (char**) malloc(num_images * sizeof(char*));
++ dirptr->filename = (char**) calloc(num_images, sizeof(char*));
+ if (!dirptr->filename_buf) {
+ ret = 0;
+ goto fin;
+diff -rupN --no-dereference openjpeg-2.4.0/src/bin/jp2/opj_decompress.c openjpeg-2.4.0-new/src/bin/jp2/opj_decompress.c
+--- openjpeg-2.4.0/src/bin/jp2/opj_decompress.c 2020-12-28 21:59:39.000000000 +0100
++++ openjpeg-2.4.0-new/src/bin/jp2/opj_decompress.c 2021-05-27 23:46:46.916130437 +0200
+@@ -455,13 +455,13 @@ const char* path_separator = "/";
+ char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
+ opj_decompress_parameters *parameters)
+ {
+- char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN],
+- outfilename[OPJ_PATH_LEN], temp_ofname[OPJ_PATH_LEN];
++ char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN * 2],
++ outfilename[OPJ_PATH_LEN * 2], temp_ofname[OPJ_PATH_LEN];
+ char *temp_p, temp1[OPJ_PATH_LEN] = "";
+
+ strcpy(image_filename, dirptr->filename[imageno]);
+ fprintf(stderr, "File Number %d \"%s\"\n", imageno, image_filename);
+- sprintf(infilename, "%s%s%s", img_fol->imgdirpath, path_separator,
++ snprintf(infilename, OPJ_PATH_LEN * 2, "%s%s%s", img_fol->imgdirpath, path_separator,
+ image_filename);
+ parameters->decod_format = infile_format(infilename);
+ if (parameters->decod_format == -1) {
+@@ -479,7 +479,7 @@ char get_next_file(int imageno, dircnt_t
+ sprintf(temp1, ".%s", temp_p);
+ }
+ if (img_fol->set_out_format == 1) {
+- sprintf(outfilename, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
++ snprintf(outfilename, OPJ_PATH_LEN * 2, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
+ img_fol->out_format);
+ if (opj_strcpy_s(parameters->outfile, sizeof(parameters->outfile),
+ outfilename) != 0) {
+@@ -1357,14 +1357,13 @@ int main(int argc, char **argv)
+ return EXIT_FAILURE;
+ }
+ /* Stores at max 10 image file names */
+- dirptr->filename_buf = (char*)malloc(sizeof(char) *
+- (size_t)num_images * OPJ_PATH_LEN);
++ dirptr->filename_buf = calloc((size_t) num_images, sizeof(char) * OPJ_PATH_LEN);
+ if (!dirptr->filename_buf) {
+ failed = 1;
+ goto fin;
+ }
+
+- dirptr->filename = (char**) malloc((size_t)num_images * sizeof(char*));
++ dirptr->filename = (char**) calloc((size_t) num_images, sizeof(char*));
+
+ if (!dirptr->filename) {
+ failed = 1;
+diff -rupN --no-dereference openjpeg-2.4.0/src/bin/jp2/opj_dump.c openjpeg-2.4.0-new/src/bin/jp2/opj_dump.c
+--- openjpeg-2.4.0/src/bin/jp2/opj_dump.c 2020-12-28 21:59:39.000000000 +0100
++++ openjpeg-2.4.0-new/src/bin/jp2/opj_dump.c 2021-05-27 23:46:46.917130437 +0200
+@@ -201,8 +201,8 @@ static int get_file_format(const char *f
+ static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
+ opj_dparameters_t *parameters)
+ {
+- char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN],
+- outfilename[OPJ_PATH_LEN], temp_ofname[OPJ_PATH_LEN];
++ char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN * 2],
++ outfilename[OPJ_PATH_LEN * 2], temp_ofname[OPJ_PATH_LEN];
+ char *temp_p, temp1[OPJ_PATH_LEN] = "";
+
+ strcpy(image_filename, dirptr->filename[imageno]);
+@@ -211,7 +211,7 @@ static char get_next_file(int imageno, d
+ if (parameters->decod_format == -1) {
+ return 1;
+ }
+- sprintf(infilename, "%s/%s", img_fol->imgdirpath, image_filename);
++ snprintf(infilename, OPJ_PATH_LEN * 2, "%s/%s", img_fol->imgdirpath, image_filename);
+ if (opj_strcpy_s(parameters->infile, sizeof(parameters->infile),
+ infilename) != 0) {
+ return 1;
+@@ -224,7 +224,7 @@ static char get_next_file(int imageno, d
+ sprintf(temp1, ".%s", temp_p);
+ }
+ if (img_fol->set_out_format == 1) {
+- sprintf(outfilename, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
++ snprintf(outfilename, OPJ_PATH_LEN * 2, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
+ img_fol->out_format);
+ if (opj_strcpy_s(parameters->outfile, sizeof(parameters->outfile),
+ outfilename) != 0) {
+@@ -457,7 +457,7 @@ int main(int argc, char *argv[])
+ opj_codestream_info_v2_t* cstr_info = NULL;
+ opj_codestream_index_t* cstr_index = NULL;
+
+- OPJ_INT32 num_images, imageno;
++ int num_images, imageno;
+ img_fol_t img_fol;
+ dircnt_t *dirptr = NULL;
+
+@@ -486,13 +486,13 @@ int main(int argc, char *argv[])
+ if (!dirptr) {
+ return EXIT_FAILURE;
+ }
+- dirptr->filename_buf = (char*)malloc((size_t)num_images * OPJ_PATH_LEN * sizeof(
++ dirptr->filename_buf = (char*) calloc((size_t) num_images, OPJ_PATH_LEN * sizeof(
+ char)); /* Stores at max 10 image file names*/
+ if (!dirptr->filename_buf) {
+ free(dirptr);
+ return EXIT_FAILURE;
+ }
+- dirptr->filename = (char**) malloc((size_t)num_images * sizeof(char*));
++ dirptr->filename = (char**) calloc((size_t) num_images, sizeof(char*));
+
+ if (!dirptr->filename) {
+ goto fails;
diff --git a/heap-buffer-overflow.patch b/heap-buffer-overflow.patch
new file mode 100644
index 0000000..6dcd51a
--- /dev/null
+++ b/heap-buffer-overflow.patch
@@ -0,0 +1,22 @@
+diff -rupN --no-dereference openjpeg-2.4.0/src/bin/common/color.c openjpeg-2.4.0-new/src/bin/common/color.c
+--- openjpeg-2.4.0/src/bin/common/color.c 2020-12-28 21:59:39.000000000 +0100
++++ openjpeg-2.4.0-new/src/bin/common/color.c 2021-05-27 23:46:46.961130438 +0200
+@@ -368,12 +368,15 @@ static void sycc420_to_rgb(opj_image_t *
+
+ sycc_to_rgb(offset, upb, *y, *cb, *cr, r, g, b);
+
+- ++y;
++ if (*y != img->comps[0].data[loopmaxh])
++ ++y;
+ ++r;
+ ++g;
+ ++b;
+- ++cb;
+- ++cr;
++ if (*cb != img->comps[1].data[loopmaxh])
++ ++cb;
++ if (*cr != img->comps[2].data[loopmaxh])
++ ++cr;
+ }
+ if (j < maxw) {
+ sycc_to_rgb(offset, upb, *y, *cb, *cr, r, g, b);
diff --git a/openjpeg2-static.spec b/openjpeg2-static.spec
index 2ee7543..f0339cc 100644
--- a/openjpeg2-static.spec
+++ b/openjpeg2-static.spec
@@ -10,8 +10,8 @@
%global _target_platform %{_vendor}-%{_target_os}
Name: openjpeg2-static
-Version: 2.3.1
-Release: 9%{?dist}
+Version: 2.4.0
+Release: 1%{?dist}
Summary: C-Library for JPEG 2000
# windirent.h is MIT, the rest is BSD
@@ -25,21 +25,13 @@ Source1: data.tar.xz
# Rename tool names to avoid conflicts with openjpeg-1.x
Patch0: openjpeg2_opj2.patch
-# Backport patch for CVE 2020-6851
-# https://github.com/uclouvain/openjpeg/issues/1228
-Patch1: openjpeg2_CVE-2020-6851.patch
-# Backport patch for CVE 2020-8112
-# https://github.com/uclouvain/openjpeg/pull/1232/commits/05f9b91e60debda0e83977e5e63b2e66486f7074
-Patch2: openjpeg2_CVE-2020-8112.patch
-# Backport patch for CVE-2020-27814
-# https://github.com/uclouvain/openjpeg/commit/eaa098b59b346cb88e4d10d505061f669d7134fc
-Patch3: openjpeg2_CVE-2020-27814.patch
-# Backport patch for CVE-2020-27824
-# https://github.com/uclouvain/openjpeg/pull/1292/commits/6daf5f3e1ec6eff03b7982889874a3de6617db8d
-Patch4: openjpeg2_CVE-2020-27824.patch
-# Backport patch for CVE-2020-27823
-# https://github.com/uclouvain/openjpeg/commit/b2072402b7e14d22bba6fb8cde2a1e9996e9a919
-Patch5: openjpeg2_CVE-2020-27823.patch
+# Backport proposed patch for CVE-2021-29338
+# See https://github.com/uclouvain/openjpeg/issues/1338
+# and https://github.com/uclouvain/openjpeg/pull/1346
+Patch1: CVE-2021-29338.patch
+# Backport proposed patch for heap buffer overflow (#1957616)
+# See https://github.com/uclouvain/openjpeg/issues/1347
+Patch2: heap-buffer-overflow.patch
BuildRequires: cmake
@@ -224,9 +216,6 @@ OpenJPEG2 JP3D module command line tools
%patch0 -p1
%patch1 -p1
%patch2 -p1
-%patch3 -p1
-%patch4 -p1
-%patch5 -p1
# Remove all third party libraries just to be sure
find thirdparty/ -mindepth 1 -maxdepth 1 -type d -exec rm -rf {} \;
@@ -247,7 +236,7 @@ export CFLAGS="%{optflags} -fPIC"
-DBUILD_STATIC_LIBS=ON \
-DBUILD_SHARED_LIBS=OFF \
%{?runcheck:-DBUILD_TESTING:BOOL=ON -DOPJ_DATA_ROOT=$PWD/../data} \
- ..
+ -B . -S ..
popd
%make_build VERBOSE=1 -C %{_target_platform}
@@ -290,15 +279,15 @@ make test -C %{_target_platform}
%{!?_licensedir:%global license %doc}
%license LICENSE
%doc AUTHORS.md NEWS.md README.md THANKS.md
-%{_mandir}/man3/libopenjp2.3*
+%{_mandir}/man3/libopenjp2.*
%files devel
-%dir %{_includedir}/openjpeg-2.3/
-%{_includedir}/openjpeg-2.3/openjpeg.h
-%{_includedir}/openjpeg-2.3/opj_config.h
-%{_includedir}/openjpeg-2.3/opj_stdint.h
+%dir %{_includedir}/openjpeg-2.4/
+%{_includedir}/openjpeg-2.4/openjpeg.h
+%{_includedir}/openjpeg-2.4/opj_config.h
+%{_includedir}/openjpeg-2.4/opj_stdint.h
%{_libdir}/libopenjp2.a
-%{_libdir}/openjpeg-2.3/
+%{_libdir}/openjpeg-2.4/
%{_libdir}/pkgconfig/libopenjp2.pc
%files devel-docs
@@ -358,6 +347,11 @@ make test -C %{_target_platform}
%changelog
+* Mon May 31 2021 Remi Collet <remi@remirepo.net> - 2.4.0-1
+- sync with Fedora
+- Update to 2.4.0
+- Apply proposed patches for CVE-2021-29338 and a heap buffer overflow (#1957616)
+
* Thu Feb 13 2020 Remi Collet <remi@remirepo.net> - 2.3.1-9
- sync with Fedora
- Backport patches for CVE-2020-27824 and CVE-2020-27823
diff --git a/openjpeg2_CVE-2020-27814.patch b/openjpeg2_CVE-2020-27814.patch
deleted file mode 100644
index cbb8007..0000000
--- a/openjpeg2_CVE-2020-27814.patch
+++ /dev/null
@@ -1,16 +0,0 @@
-diff -rupN --no-dereference openjpeg-2.3.1/src/lib/openjp2/tcd.c openjpeg-2.3.1-new/src/lib/openjp2/tcd.c
---- openjpeg-2.3.1/src/lib/openjp2/tcd.c 2020-11-28 23:29:38.701863373 +0100
-+++ openjpeg-2.3.1-new/src/lib/openjp2/tcd.c 2020-11-28 23:29:38.704863383 +0100
-@@ -1235,9 +1235,11 @@ static OPJ_BOOL opj_tcd_code_block_enc_a
-
- /* +1 is needed for https://github.com/uclouvain/openjpeg/issues/835 */
- /* and actually +2 required for https://github.com/uclouvain/openjpeg/issues/982 */
-+ /* and +7 for https://github.com/uclouvain/openjpeg/issues/1283 (-M 3) */
-+ /* and +26 for https://github.com/uclouvain/openjpeg/issues/1283 (-M 7) */
- /* TODO: is there a theoretical upper-bound for the compressed code */
- /* block size ? */
-- l_data_size = 2 + (OPJ_UINT32)((p_code_block->x1 - p_code_block->x0) *
-+ l_data_size = 26 + (OPJ_UINT32)((p_code_block->x1 - p_code_block->x0) *
- (p_code_block->y1 - p_code_block->y0) * (OPJ_INT32)sizeof(OPJ_UINT32));
-
- if (l_data_size > p_code_block->data_size) {
diff --git a/openjpeg2_CVE-2020-27823.patch b/openjpeg2_CVE-2020-27823.patch
deleted file mode 100644
index 02fa0ac..0000000
--- a/openjpeg2_CVE-2020-27823.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From b2072402b7e14d22bba6fb8cde2a1e9996e9a919 Mon Sep 17 00:00:00 2001
-From: Even Rouault <even.rouault@spatialys.com>
-Date: Mon, 30 Nov 2020 22:31:51 +0100
-Subject: [PATCH] pngtoimage(): fix wrong computation of x1,y1 if -d option is
- used, that would result in a heap buffer overflow (fixes #1284)
-
----
- src/bin/jp2/convertpng.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/bin/jp2/convertpng.c b/src/bin/jp2/convertpng.c
-index 328c91beb..00f596e27 100644
---- a/src/bin/jp2/convertpng.c
-+++ b/src/bin/jp2/convertpng.c
-@@ -223,9 +223,9 @@ opj_image_t *pngtoimage(const char *read_idf, opj_cparameters_t * params)
- image->x0 = (OPJ_UINT32)params->image_offset_x0;
- image->y0 = (OPJ_UINT32)params->image_offset_y0;
- image->x1 = (OPJ_UINT32)(image->x0 + (width - 1) * (OPJ_UINT32)
-- params->subsampling_dx + 1 + image->x0);
-+ params->subsampling_dx + 1);
- image->y1 = (OPJ_UINT32)(image->y0 + (height - 1) * (OPJ_UINT32)
-- params->subsampling_dy + 1 + image->y0);
-+ params->subsampling_dy + 1);
-
- row32s = (OPJ_INT32 *)malloc((size_t)width * nr_comp * sizeof(OPJ_INT32));
- if (row32s == NULL) {
diff --git a/openjpeg2_CVE-2020-27824.patch b/openjpeg2_CVE-2020-27824.patch
deleted file mode 100644
index 8301f7e..0000000
--- a/openjpeg2_CVE-2020-27824.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-From 6daf5f3e1ec6eff03b7982889874a3de6617db8d Mon Sep 17 00:00:00 2001
-From: Even Rouault <even.rouault@spatialys.com>
-Date: Mon, 30 Nov 2020 22:37:07 +0100
-Subject: [PATCH] Encoder: avoid global buffer overflow on irreversible
- conversion when too many decomposition levels are specified (fixes #1286)
-
----
- src/lib/openjp2/dwt.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/lib/openjp2/dwt.c b/src/lib/openjp2/dwt.c
-index ee9eb5e63..4164ba090 100644
---- a/src/lib/openjp2/dwt.c
-+++ b/src/lib/openjp2/dwt.c
-@@ -1976,7 +1976,7 @@ void opj_dwt_calc_explicit_stepsizes(opj_tccp_t * tccp, OPJ_UINT32 prec)
- if (tccp->qntsty == J2K_CCP_QNTSTY_NOQNT) {
- stepsize = 1.0;
- } else {
-- OPJ_FLOAT64 norm = opj_dwt_norms_real[orient][level];
-+ OPJ_FLOAT64 norm = opj_dwt_getnorm_real(level, orient);
- stepsize = (1 << (gain)) / norm;
- }
- opj_dwt_encode_stepsize((OPJ_INT32) floor(stepsize * 8192.0),
diff --git a/openjpeg2_CVE-2020-6851.patch b/openjpeg2_CVE-2020-6851.patch
deleted file mode 100644
index 5e2cfd7..0000000
--- a/openjpeg2_CVE-2020-6851.patch
+++ /dev/null
@@ -1,18 +0,0 @@
-diff -rupN --no-dereference openjpeg-2.3.1/src/lib/openjp2/j2k.c openjpeg-2.3.1-new/src/lib/openjp2/j2k.c
---- openjpeg-2.3.1/src/lib/openjp2/j2k.c 2019-04-02 14:45:15.000000000 +0200
-+++ openjpeg-2.3.1-new/src/lib/openjp2/j2k.c 2020-11-28 23:29:38.618863089 +0100
-@@ -9236,6 +9236,14 @@ static OPJ_BOOL opj_j2k_update_image_dim
- l_img_comp = p_image->comps;
- for (it_comp = 0; it_comp < p_image->numcomps; ++it_comp) {
- OPJ_INT32 l_h, l_w;
-+ if (p_image->x0 > (OPJ_UINT32)INT_MAX ||
-+ p_image->y0 > (OPJ_UINT32)INT_MAX ||
-+ p_image->x1 > (OPJ_UINT32)INT_MAX ||
-+ p_image->y1 > (OPJ_UINT32)INT_MAX) {
-+ opj_event_msg(p_manager, EVT_ERROR,
-+ "Image coordinates above INT_MAX are not supported\n");
-+ return OPJ_FALSE;
-+ }
-
- l_img_comp->x0 = (OPJ_UINT32)opj_int_ceildiv((OPJ_INT32)p_image->x0,
- (OPJ_INT32)l_img_comp->dx);
diff --git a/openjpeg2_CVE-2020-8112.patch b/openjpeg2_CVE-2020-8112.patch
deleted file mode 100644
index dd6e1b9..0000000
--- a/openjpeg2_CVE-2020-8112.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-diff -rupN --no-dereference openjpeg-2.3.1/src/lib/openjp2/tcd.c openjpeg-2.3.1-new/src/lib/openjp2/tcd.c
---- openjpeg-2.3.1/src/lib/openjp2/tcd.c 2019-04-02 14:45:15.000000000 +0200
-+++ openjpeg-2.3.1-new/src/lib/openjp2/tcd.c 2020-11-28 23:29:38.662863239 +0100
-@@ -905,8 +905,24 @@ static INLINE OPJ_BOOL opj_tcd_init_tile
- /* p. 64, B.6, ISO/IEC FDIS15444-1 : 2000 (18 august 2000) */
- l_tl_prc_x_start = opj_int_floordivpow2(l_res->x0, (OPJ_INT32)l_pdx) << l_pdx;
- l_tl_prc_y_start = opj_int_floordivpow2(l_res->y0, (OPJ_INT32)l_pdy) << l_pdy;
-- l_br_prc_x_end = opj_int_ceildivpow2(l_res->x1, (OPJ_INT32)l_pdx) << l_pdx;
-- l_br_prc_y_end = opj_int_ceildivpow2(l_res->y1, (OPJ_INT32)l_pdy) << l_pdy;
-+ {
-+ OPJ_UINT32 tmp = ((OPJ_UINT32)opj_int_ceildivpow2(l_res->x1,
-+ (OPJ_INT32)l_pdx)) << l_pdx;
-+ if (tmp > (OPJ_UINT32)INT_MAX) {
-+ opj_event_msg(manager, EVT_ERROR, "Integer overflow\n");
-+ return OPJ_FALSE;
-+ }
-+ l_br_prc_x_end = (OPJ_INT32)tmp;
-+ }
-+ {
-+ OPJ_UINT32 tmp = ((OPJ_UINT32)opj_int_ceildivpow2(l_res->y1,
-+ (OPJ_INT32)l_pdy)) << l_pdy;
-+ if (tmp > (OPJ_UINT32)INT_MAX) {
-+ opj_event_msg(manager, EVT_ERROR, "Integer overflow\n");
-+ return OPJ_FALSE;
-+ }
-+ l_br_prc_y_end = (OPJ_INT32)tmp;
-+ }
- /*fprintf(stderr, "\t\t\tprc_x_start=%d, prc_y_start=%d, br_prc_x_end=%d, br_prc_y_end=%d \n", l_tl_prc_x_start, l_tl_prc_y_start, l_br_prc_x_end ,l_br_prc_y_end );*/
-
- l_res->pw = (l_res->x0 == l_res->x1) ? 0U : (OPJ_UINT32)((
diff --git a/openjpeg2_opj2.patch b/openjpeg2_opj2.patch
index f4ecd0c..e38c818 100644
--- a/openjpeg2_opj2.patch
+++ b/openjpeg2_opj2.patch
@@ -1,6 +1,6 @@
-diff -rupN --no-dereference openjpeg-2.3.1/src/bin/jp2/CMakeLists.txt openjpeg-2.3.1-new/src/bin/jp2/CMakeLists.txt
---- openjpeg-2.3.1/src/bin/jp2/CMakeLists.txt 2019-04-02 14:45:15.000000000 +0200
-+++ openjpeg-2.3.1-new/src/bin/jp2/CMakeLists.txt 2020-11-28 23:29:38.576862946 +0100
+diff -rupN --no-dereference openjpeg-2.4.0/src/bin/jp2/CMakeLists.txt openjpeg-2.4.0-new/src/bin/jp2/CMakeLists.txt
+--- openjpeg-2.4.0/src/bin/jp2/CMakeLists.txt 2020-12-28 21:59:39.000000000 +0100
++++ openjpeg-2.4.0-new/src/bin/jp2/CMakeLists.txt 2021-05-27 23:46:46.878130437 +0200
@@ -44,6 +44,8 @@ endif()
# Loop over all executables:
foreach(exe opj_decompress opj_compress opj_dump)