summary refs log tree commit diff
path: root/gnu/packages/patches/jasper-CVE-2007-2721.patch
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches/jasper-CVE-2007-2721.patch')
-rw-r--r--gnu/packages/patches/jasper-CVE-2007-2721.patch20
1 files changed, 0 insertions, 20 deletions
diff --git a/gnu/packages/patches/jasper-CVE-2007-2721.patch b/gnu/packages/patches/jasper-CVE-2007-2721.patch
deleted file mode 100644
index 9838247894..0000000000
--- a/gnu/packages/patches/jasper-CVE-2007-2721.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-Fix CVE-2007-2721 (heap corruption in jpc_qcx_getcompparms()).
-
-Copied from Fedora.
-
-http://pkgs.fedoraproject.org/cgit/rpms/jasper.git/tree/patch-libjasper-stepsizes-overflow.diff
-
---- jasper-1.900.1.orig/src/libjasper/jpc/jpc_cs.c	2007-01-19 22:43:07.000000000 +0100
-+++ jasper-1.900.1/src/libjasper/jpc/jpc_cs.c	2007-04-06 01:29:02.000000000 +0200
-@@ -982,7 +982,10 @@ static int jpc_qcx_getcompparms(jpc_qcxc
- 		compparms->numstepsizes = (len - n) / 2;
- 		break;
- 	}
--	if (compparms->numstepsizes > 0) {
-+	if (compparms->numstepsizes > 3 * JPC_MAXRLVLS + 1) {
-+		jpc_qcx_destroycompparms(compparms);
-+                return -1;
-+        } else if (compparms->numstepsizes > 0) {
- 		compparms->stepsizes = jas_malloc(compparms->numstepsizes *
- 		  sizeof(uint_fast16_t));
- 		assert(compparms->stepsizes);
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-12-28 10:48:28 +0000