diff options
Diffstat (limited to 'media-libs/jbig2dec/files/jbig2dec-0.18-overflow-IAID.patch')
-rw-r--r-- | media-libs/jbig2dec/files/jbig2dec-0.18-overflow-IAID.patch | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/media-libs/jbig2dec/files/jbig2dec-0.18-overflow-IAID.patch b/media-libs/jbig2dec/files/jbig2dec-0.18-overflow-IAID.patch new file mode 100644 index 000000000000..7205c980fc28 --- /dev/null +++ b/media-libs/jbig2dec/files/jbig2dec-0.18-overflow-IAID.patch @@ -0,0 +1,36 @@ +https://github.com/ArtifexSoftware/jbig2dec/commit/f6d326878893dc92b45cbd18e25ab4d2b3a8db73 +---- +From f6d326878893dc92b45cbd18e25ab4d2b3a8db73 Mon Sep 17 00:00:00 2001 +From: Sebastian Rasmussen <sebras@gmail.com> +Date: Sun, 15 Sep 2019 18:12:31 +0200 +Subject: [PATCH] jbig2dec: Add overflow detection for IAID context size. + +--- + jbig2_arith_iaid.c | 13 +++++++++++-- + 1 file changed, 11 insertions(+), 2 deletions(-) + +diff --git a/jbig2_arith_iaid.c b/jbig2_arith_iaid.c +index 78dc830..bbc38a0 100644 +--- a/jbig2_arith_iaid.c ++++ b/jbig2_arith_iaid.c +@@ -44,9 +44,18 @@ struct _Jbig2ArithIaidCtx { + Jbig2ArithIaidCtx * + jbig2_arith_iaid_ctx_new(Jbig2Ctx *ctx, int SBSYMCODELEN) + { +- Jbig2ArithIaidCtx *result = jbig2_new(ctx, Jbig2ArithIaidCtx, 1); +- int ctx_size = 1 << SBSYMCODELEN; ++ Jbig2ArithIaidCtx *result; ++ size_t ctx_size; + ++ if (sizeof(ctx_size) * 8 <= SBSYMCODELEN) ++ { ++ jbig2_error(ctx, JBIG2_SEVERITY_FATAL, -1, "requested IAID arithmetic coding state size too large"); ++ return NULL; ++ } ++ ++ ctx_size = 1 << SBSYMCODELEN; ++ ++ result = jbig2_new(ctx, Jbig2ArithIaidCtx, 1); + if (result == NULL) { + jbig2_error(ctx, JBIG2_SEVERITY_FATAL, -1, "failed to allocate IAID arithmetic coding state"); + return NULL; |