openjpeg2/backport-CVE-2020-27843.patch

From 38d661a3897052c7ff0b39b30c29cb067e130121 Mon Sep 17 00:00:00 2001
From: Even Rouault <even.rouault@spatialys.com>
Date: Wed, 2 Dec 2020 13:13:26 +0100
Subject: [PATCH] opj_t2_encode_packet(): avoid out of bound access of #1297,
 but likely not the proper fix

---
 src/lib/openjp2/t2.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/lib/openjp2/t2.c b/src/lib/openjp2/t2.c
index e452edd19..55f07c0ca 100644
--- a/src/lib/openjp2/t2.c
+++ b/src/lib/openjp2/t2.c
@@ -815,6 +815,15 @@ static OPJ_BOOL opj_t2_encode_packet(OPJ_UINT32 tileno,
             continue;
         }
 
+        /* Avoid out of bounds access of https://github.com/uclouvain/openjpeg/issues/1297 */
+        /* but likely not a proper fix. */
+        if (precno >= res->pw * res->ph) {
+            opj_event_msg(p_manager, EVT_ERROR,
+                          "opj_t2_encode_packet(): accessing precno=%u >= %u\n",
+                          precno, res->pw * res->ph);
+            return OPJ_FALSE;
+        }
+
         prc = &band->precincts[precno];
         l_nb_blocks = prc->cw * prc->ch;
         cblk = prc->cblks.enc;