diff options
-rw-r--r-- | third_party/libopenjpeg20/0028-upstream-check-size-in-opj_j2k_read_siz.patch | 22 | ||||
-rw-r--r-- | third_party/libopenjpeg20/README.pdfium | 1 | ||||
-rw-r--r-- | third_party/libopenjpeg20/j2k.c | 8 |
3 files changed, 30 insertions, 1 deletions
diff --git a/third_party/libopenjpeg20/0028-upstream-check-size-in-opj_j2k_read_siz.patch b/third_party/libopenjpeg20/0028-upstream-check-size-in-opj_j2k_read_siz.patch new file mode 100644 index 0000000000..22d5562a77 --- /dev/null +++ b/third_party/libopenjpeg20/0028-upstream-check-size-in-opj_j2k_read_siz.patch @@ -0,0 +1,22 @@ +diff --git a/third_party/libopenjpeg20/j2k.c b/third_party/libopenjpeg20/j2k.c +index e77edd22b..cb5a28373 100644 +--- a/third_party/libopenjpeg20/j2k.c ++++ b/third_party/libopenjpeg20/j2k.c +@@ -2117,10 +2117,16 @@ static OPJ_BOOL opj_j2k_read_siz(opj_j2k_t *p_j2k, + if( l_img_comp->dx < 1 || l_img_comp->dx > 255 || + l_img_comp->dy < 1 || l_img_comp->dy > 255 ) { + opj_event_msg(p_manager, EVT_ERROR, +- "Invalid values for comp = %d : dx=%u dy=%u\n (should be between 1 and 255 according the JPEG2000 norm)", ++ "Invalid values for comp = %d : dx=%u dy=%u (should be between 1 and 255 according to the JPEG2000 norm)\n", + i, l_img_comp->dx, l_img_comp->dy); + return OPJ_FALSE; + } ++ if( l_img_comp->prec > 38) { /* TODO openjpeg won't handle more than ? */ ++ opj_event_msg(p_manager, EVT_ERROR, ++ "Invalid values for comp = %d : prec=%u (should be between 1 and 38 according to the JPEG2000 norm)\n", ++ i, l_img_comp->prec); ++ return OPJ_FALSE; ++ } + + #ifdef USE_JPWL + if (l_cp->correct) { diff --git a/third_party/libopenjpeg20/README.pdfium b/third_party/libopenjpeg20/README.pdfium index ea8f5239ba..6c2a3c74ba 100644 --- a/third_party/libopenjpeg20/README.pdfium +++ b/third_party/libopenjpeg20/README.pdfium @@ -37,4 +37,5 @@ Local Modifications: 0025-opj_j2k_add_mct_null_data.patch: Check m_data != null before trying to read from it. 0026-use_opj_uint_ceildiv.patch: Remove (OPJ_UINT32)opj_int_ceildiv((OPJ_INT32)a, (OPJ_INT32) b). 0027-undefined-shift-opj_t1_decode_cblk.patch: upstream fix for a ubsan bug. +0028-upstream-check-size-in-opj_j2k_read_siz.patch: upstream patch in j2k.c. TODO(thestig): List all the other patches. diff --git a/third_party/libopenjpeg20/j2k.c b/third_party/libopenjpeg20/j2k.c index e77edd22b8..cb5a283732 100644 --- a/third_party/libopenjpeg20/j2k.c +++ b/third_party/libopenjpeg20/j2k.c @@ -2117,10 +2117,16 @@ static OPJ_BOOL opj_j2k_read_siz(opj_j2k_t *p_j2k, if( l_img_comp->dx < 1 || l_img_comp->dx > 255 || l_img_comp->dy < 1 || l_img_comp->dy > 255 ) { opj_event_msg(p_manager, EVT_ERROR, - "Invalid values for comp = %d : dx=%u dy=%u\n (should be between 1 and 255 according the JPEG2000 norm)", + "Invalid values for comp = %d : dx=%u dy=%u (should be between 1 and 255 according to the JPEG2000 norm)\n", i, l_img_comp->dx, l_img_comp->dy); return OPJ_FALSE; } + if( l_img_comp->prec > 38) { /* TODO openjpeg won't handle more than ? */ + opj_event_msg(p_manager, EVT_ERROR, + "Invalid values for comp = %d : prec=%u (should be between 1 and 38 according to the JPEG2000 norm)\n", + i, l_img_comp->prec); + return OPJ_FALSE; + } #ifdef USE_JPWL if (l_cp->correct) { |