]> granicus.if.org Git - openjpeg/commitdiff
projects / openjpeg / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 65e5ff0)
additional test to avoid crash due to invalid image size, patch by Christopher Layne
authorAntonin Descampe <antonin@gmail.com>
Thu, 22 May 2008 12:34:29 +0000 (12:34 +0000)
committerAntonin Descampe <antonin@gmail.com>
Thu, 22 May 2008 12:34:29 +0000 (12:34 +0000)
ChangeLog patch | blob | history
libopenjpeg/j2k.c patch | blob | history

diff --git a/ChangeLog b/ChangeLog
index fd707f3fb7110b9c6aa60a93695842813e26b4e9..f7004f2fe8aae6f00219552c08c5cd72c1caaf64 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,9 @@ What's New for OpenJPEG
 ! : changed
 + : added
 
+May 22, 2008
+* [antonin] additional test to avoid crash due to invalid image size, patch by Christopher Layne
+
 May 20, 2008
 * [antonin] memory leak fixed in openjpeg.c (opj_destroy_cstr_info()), patch by Carsten Juttner
 
diff --git a/libopenjpeg/j2k.c b/libopenjpeg/j2k.c
index 8e7b1ce081f2ca101cc7daa3a077b280d8c3bfd6..bd4a1bd6bb916b70e91fa6e138b9592b3eccebc3 100644 (file)
--- a/libopenjpeg/j2k.c
+++ b/libopenjpeg/j2k.c
@@ -467,6 +467,13 @@ static void j2k_read_siz(opj_j2k_t *j2k) {
        cp->tx0 = cio_read(cio, 4);             /* XT0siz */
        cp->ty0 = cio_read(cio, 4);             /* YT0siz */
        
+       if ((image->x0<0)||(image->x1<0)||(image->y0<0)||(image->y1<0)) {
+               opj_event_msg(j2k->cinfo, EVT_ERROR,
+                                                                       "%s: invalid image size (x0:%d, x1:%d, y0:%d, y1:%d)\n",
+                                                                       image->x0,image->x1,image->y0,image->y1);
+               return;
+       }
+       
        image->numcomps = cio_read(cio, 2);     /* Csiz */
 
 #ifdef USE_JPWL
Unnamed repository; edit this file 'description' to name the repository.