rhbz1082997_CVE-2014-0158.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

diff -rupN openjpeg-1.5.2/libopenjpeg/j2k.c openjpeg-1.5.2-new/libopenjpeg/j2k.c
--- openjpeg-1.5.2/libopenjpeg/j2k.c	2014-04-03 23:50:50.678143002 +0200
+++ openjpeg-1.5.2-new/libopenjpeg/j2k.c	2014-04-03 23:54:10.590761142 +0200
@@ -2139,7 +2139,14 @@ opj_image_t* j2k_decode_jpt_stream(opj_j
 	if (j2k->state == J2K_STATE_NEOC) {
 		j2k_read_eoc(j2k);
 	}
-	
+
+	if (j2k->state & J2K_STATE_ERR)
+	{
+		opj_event_msg(cinfo, EVT_ERROR, "Error in decoding tile\n");
+		opj_image_destroy(image);
+		return NULL;
+	}
+
 	if (j2k->state != J2K_STATE_MT) {
 		opj_event_msg(cinfo, EVT_WARNING, "Incomplete bitstream\n");
 	}