diff options
Diffstat (limited to 'meta-openembedded/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2022-1122.patch')
-rw-r--r-- | meta-openembedded/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2022-1122.patch | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/meta-openembedded/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2022-1122.patch b/meta-openembedded/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2022-1122.patch new file mode 100644 index 0000000000..8aa9c15e33 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2022-1122.patch @@ -0,0 +1,31 @@ +Upstream-Status: Backport [https://github.com/uclouvain/openjpeg/commit/0afbdcf3e6d0d2bd2e16a0c4d513ee3cf86e460d] +CVE: CVE-2022-1122 + +While this patch improves things re-CVE-2022-1122, the defect is undergoing re-analysis and there may be follow-up commits. + +From 0afbdcf3e6d0d2bd2e16a0c4d513ee3cf86e460d Mon Sep 17 00:00:00 2001 +From: xiaoxiaoafeifei <lliangliang2007@163.com> +Date: Wed, 14 Jul 2021 09:35:13 +0800 +Subject: [PATCH] Fix segfault in src/bin/jp2/opj_decompress.c due to + uninitialized pointer (fixes #1368) (#1369) + +--- + src/bin/jp2/opj_decompress.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c +index 0e028735..18ead672 100644 +--- a/src/bin/jp2/opj_decompress.c ++++ b/src/bin/jp2/opj_decompress.c +@@ -1356,7 +1356,7 @@ int main(int argc, char **argv) + int it_image; + num_images = get_num_images(img_fol.imgdirpath); + +- dirptr = (dircnt_t*)malloc(sizeof(dircnt_t)); ++ dirptr = (dircnt_t*)calloc(1, sizeof(dircnt_t)); + if (!dirptr) { + destroy_parameters(¶meters); + return EXIT_FAILURE; +-- +2.25.1 + |