packages/openjpeg2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!4 fix CVE-2020-15389

Browse Source 
Merge pull request !4 from zhangnaru/local-2
This commit is contained in:
openeuler-ci-bot 2020-07-28 09:52:28 +08:00 committed by Gitee
commit e62bcb7c1d
2 changed files with 43 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
CVE-2020-15389.patch Normal file
View File

@ -0,0 +1,38 @@
From cf56972d371a0557f30d5de64b4b9d2e87c74a6a Mon Sep 17 00:00:00 2001
From: zhangnaru <zhangnaru@huawei.com>
Date: Sat, 25 Jul 2020 10:48:34 +0800
Subject: [PATCH] CVE-2020-15389
---
src/bin/jp2/opj_decompress.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c
index 4b9583b..af1661e 100644
--- a/src/bin/jp2/opj_decompress.c
+++ b/src/bin/jp2/opj_decompress.c
@@ -1316,10 +1316,6 @@ static opj_image_t* upsample_image_components(opj_image_t* original)
int main(int argc, char **argv)
{
opj_decompress_parameters parameters; /* decompression parameters */
- opj_image_t* image = NULL;
- opj_stream_t *l_stream = NULL; /* Stream */
- opj_codec_t* l_codec = NULL; /* Handle to a decompressor */
- opj_codestream_index_t* cstr_index = NULL;
OPJ_INT32 num_images, imageno;
img_fol_t img_fol;
@@ -1393,6 +1389,10 @@ int main(int argc, char **argv)
/*Decoding image one by one*/
for (imageno = 0; imageno < num_images ; imageno++) {
+ opj_image_t* image = NULL;
+ opj_stream_t *l_stream = NULL; /* stream */
+ opj_codec_t* l_codec = NULL; /* Handle to a decompressor */
+ opj_codestream_index_t* cstr_index = NULL;
if (!parameters.quiet) {
fprintf(stderr, "\n");
--
2.23.0

6
openjpeg2.spec
View File

@ -1,6 +1,6 @@
Name: openjpeg2
Version: 2.3.1
Release: 2
Release: 3
Summary: C-Library for JPEG 2000
License: BSD and MIT
URL: https://github.com/uclouvain/openjpeg
@ -11,6 +11,7 @@ Patch1: openjpeg2_opj2.patch
Patch6000: CVE-2016-10505.patch
Patch6001: CVE-2016-7445.patch
Patch6002: CVE-2020-15389.patch
BuildRequires: cmake gcc-c++ make zlib-devel libpng-devel libtiff-devel lcms2-devel doxygen
@ -86,6 +87,9 @@ mv %{buildroot}%{_mandir}/man1/opj_dump.1 %{buildroot}%{_mandir}/man1/opj2_dump.
%{_mandir}/man3/*.3*
%changelog
* Sat Jul 25 2020 zhangnaru <zhangnaru@huawei.com> -2.3.1-3
- fix CVE-2020-15389
* Thu Sep 19 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.3.1-2
- fix CVE-2016-10505 and CVE-2016-7445