projects
/
openjpeg.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
3fbe713
)
opj_pi_update_decode_poc(): limit layno1 to the number of layers (CVE-2016-1626 and...
author
Even Rouault
<even.rouault@spatialys.com>
Sat, 29 Jul 2017 17:03:13 +0000
(19:03 +0200)
committer
Even Rouault
<even.rouault@spatialys.com>
Sat, 29 Jul 2017 17:03:13 +0000
(19:03 +0200)
This has been recently fixed in a less elegant way per
80818c39f5bfbac37768fcee95b0ffeceaa77264
src/lib/openjp2/pi.c
patch
|
blob
|
history
diff --git
a/src/lib/openjp2/pi.c
b/src/lib/openjp2/pi.c
index c256349b68ac851fec92b43b9dacfd2834dccb13..df96ac2167d5e2c037b86d87d7591ab751b90d06 100644
(file)
--- a/
src/lib/openjp2/pi.c
+++ b/
src/lib/openjp2/pi.c
@@
-1213,7
+1213,8
@@
static void opj_pi_update_decode_poc(opj_pi_iterator_t * p_pi,
l_current_poc->resno1; /* Resolution Level Index #0 (End) */
l_current_pi->poc.compno1 =
l_current_poc->compno1; /* Component Index #0 (End) */
- l_current_pi->poc.layno1 = l_current_poc->layno1; /* Layer Index #0 (End) */
+ l_current_pi->poc.layno1 = opj_uint_min(l_current_poc->layno1,
+ p_tcp->numlayers); /* Layer Index #0 (End) */
l_current_pi->poc.precno1 = p_max_precision;
++l_current_pi;
++l_current_poc;