fix CVE-2021-27845

CVE-2021-27845.patch

@@ -0,0 +1,26 @@
+From fd564ee3377d9fc2484c657e4f464a3fb9764d31 Mon Sep 17 00:00:00 2001
+From: Max Kellermann <max.kellermann@gmail.com>
+Date: Mon, 29 Jun 2020 13:47:09 +0200
+Subject: [PATCH] jpc_enc: validate raw_size, prevent division by zero in
+ cp_create()
+
+Closes https://github.com/mdadams/jasper/issues/194 (part 1)
+---
+ src/libjasper/jpc/jpc_enc.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/libjasper/jpc/jpc_enc.c b/src/libjasper/jpc/jpc_enc.c
+index d60a4471..3b6b1e81 100644
+--- a/src/libjasper/jpc/jpc_enc.c
++++ b/src/libjasper/jpc/jpc_enc.c
+@@ -428,6 +428,10 @@ static jpc_enc_cp_t *cp_create(const char *optstr, jas_image_t *image)
+ 	}
+ 
+ 	cp->rawsize = jas_image_rawsize(image);
++	if (cp->rawsize == 0) {
++		/* prevent division by zero in cp_create() */
++		goto error;
++	}
+ 	cp->totalsize = UINT_FAST32_MAX;
+ 
+ 	tcp = &cp->tcp;

jasper.spec

@@ -1,6 +1,6 @@
 Name:                jasper
 Version:             2.0.14
-Release:             9
+Release:             10
 Summary:             Reference implementation of the codec specified in the JPEG-2000 standard, Part 1
 License:             JasPer
 URL:                 http://www.ece.uvic.ca/~frodo/jasper/
@@ -18,6 +18,7 @@ Patch0009:           CVE-2018-19540.patch
 Patch0010:           CVE-2018-19541.patch
 Patch0011:           CVE-2018-20570.patch
 Patch0012:           CVE-2018-20622.patch
+Patch0013:           CVE-2021-27845.patch
 
 BuildRequires:       cmake freeglut-devel libGLU-devel libjpeg-devel libXmu-devel libXi-devel
 BuildRequires:       pkgconfig doxygen mesa-libGL-devel
@@ -97,6 +98,9 @@ make test -C builder
 %doc README
 
 %changelog
+* Wed Sep 8 2021 liwu <liwu13@huawei.com> - 2.0.14-10
+- fix CVE-2021-27845
+
 * Wed Sep 16 2020 wutao <wutao61@huawei.com> - 2.0.14-9
 - fix folllowing CVE in this revision
   CVE-2018-18873