HCoop / jackhill / guix / guix.git / blame
| Commit | Line | Data |
|---|---|---|
| d536113d KK |
1 | http://openwall.com/lists/oss-security/2017/08/28/4 |
| 2 | https://github.com/uclouvain/openjpeg/commit/e5285319229a5d77bf316bb0d3a6cbd3cb8666d9.patch | |
| 3 | ||
| 4 | From e5285319229a5d77bf316bb0d3a6cbd3cb8666d9 Mon Sep 17 00:00:00 2001 | |
| 5 | From: Even Rouault <even.rouault@spatialys.com> | |
| 6 | Date: Fri, 18 Aug 2017 13:39:20 +0200 | |
| 7 | Subject: [PATCH] pgxtoimage(): fix write stack buffer overflow (#997) | |
| 8 | ||
| 9 | --- | |
| 10 | src/bin/jp2/convert.c | 2 +- | |
| 11 | 1 file changed, 1 insertion(+), 1 deletion(-) | |
| 12 | ||
| 13 | diff --git a/src/bin/jp2/convert.c b/src/bin/jp2/convert.c | |
| 14 | index 5459f7d44..e606c9be7 100644 | |
| 15 | --- a/src/bin/jp2/convert.c | |
| 16 | +++ b/src/bin/jp2/convert.c | |
| 17 | @@ -1185,7 +1185,7 @@ opj_image_t* pgxtoimage(const char *filename, opj_cparameters_t *parameters) | |
| 18 | } | |
| 19 | ||
| 20 | fseek(f, 0, SEEK_SET); | |
| 21 | - if (fscanf(f, "PG%[ \t]%c%c%[ \t+-]%d%[ \t]%d%[ \t]%d", temp, &endian1, | |
| 22 | + if (fscanf(f, "PG%31[ \t]%c%c%31[ \t+-]%d%31[ \t]%d%31[ \t]%d", temp, &endian1, | |
| 23 | &endian2, signtmp, &prec, temp, &w, temp, &h) != 9) { | |
| 24 | fclose(f); | |
| 25 | fprintf(stderr, |