From aa3cad9000d51a3aae7dd04933776c7efd7f3b87 Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Thu, 10 Dec 2020 14:36:36 +0100 Subject: sync with Fedora Backport patches for CVE-2020-27824 and CVE-2020-27823 --- openjpeg2_CVE-2020-8112.patch | 21 ++++----------------- 1 file changed, 4 insertions(+), 17 deletions(-) (limited to 'openjpeg2_CVE-2020-8112.patch') diff --git a/openjpeg2_CVE-2020-8112.patch b/openjpeg2_CVE-2020-8112.patch index 95cb809..dd6e1b9 100644 --- a/openjpeg2_CVE-2020-8112.patch +++ b/openjpeg2_CVE-2020-8112.patch @@ -1,20 +1,7 @@ -From 05f9b91e60debda0e83977e5e63b2e66486f7074 Mon Sep 17 00:00:00 2001 -From: Even Rouault -Date: Thu, 30 Jan 2020 00:59:57 +0100 -Subject: [PATCH] opj_tcd_init_tile(): avoid integer overflow - -That could lead to later assertion failures. - -Fixes #1231 / CVE-2020-8112 ---- - src/lib/openjp2/tcd.c | 20 ++++++++++++++++++-- - 1 file changed, 18 insertions(+), 2 deletions(-) - -diff --git a/src/lib/openjp2/tcd.c b/src/lib/openjp2/tcd.c -index deecc4dff..aa419030a 100644 ---- a/src/lib/openjp2/tcd.c -+++ b/src/lib/openjp2/tcd.c -@@ -905,8 +905,24 @@ static INLINE OPJ_BOOL opj_tcd_init_tile(opj_tcd_t *p_tcd, OPJ_UINT32 p_tile_no, +diff -rupN --no-dereference openjpeg-2.3.1/src/lib/openjp2/tcd.c openjpeg-2.3.1-new/src/lib/openjp2/tcd.c +--- openjpeg-2.3.1/src/lib/openjp2/tcd.c 2019-04-02 14:45:15.000000000 +0200 ++++ openjpeg-2.3.1-new/src/lib/openjp2/tcd.c 2020-11-28 23:29:38.662863239 +0100 +@@ -905,8 +905,24 @@ static INLINE OPJ_BOOL opj_tcd_init_tile /* p. 64, B.6, ISO/IEC FDIS15444-1 : 2000 (18 august 2000) */ l_tl_prc_x_start = opj_int_floordivpow2(l_res->x0, (OPJ_INT32)l_pdx) << l_pdx; l_tl_prc_y_start = opj_int_floordivpow2(l_res->y0, (OPJ_INT32)l_pdy) << l_pdy; -- cgit