1
#! /bin/sh /usr/share/dpatch/dpatch-run
2
## cve-2012-3535.dpatch by Michael Gilbert <mgilbert@debian.org>
4
## All lines beginning with `## DP:' are a description of the patch.
8
diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' openjpeg-1.3+dfsg~/libopenjpeg/j2k.c openjpeg-1.3+dfsg/libopenjpeg/j2k.c
9
--- openjpeg-1.3+dfsg~/libopenjpeg/j2k.c 2012-10-13 17:39:04.000000000 -0400
10
+++ openjpeg-1.3+dfsg/libopenjpeg/j2k.c 2012-10-13 17:39:05.000000000 -0400
12
"of resolutions of this component\nModify the cp_reduce parameter.\n\n", compno);
13
j2k->state |= J2K_STATE_ERR;
15
+ if( tccp->numresolutions > J2K_MAXRLVLS ) {
16
+ opj_event_msg(j2k->cinfo, EVT_ERROR, "Error decoding, truncating.\n");
17
+ j2k->state |= J2K_STATE_ERR;
18
+ tccp->numresolutions = J2K_MAXRLVLS;
21
tccp->cblkw = cio_read(cio, 1) + 2; /* SPcox (E) */
22
tccp->cblkh = cio_read(cio, 1) + 2; /* SPcox (F) */
23
diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' openjpeg-1.3+dfsg~/libopenjpeg/t2.c openjpeg-1.3+dfsg/libopenjpeg/t2.c
24
--- openjpeg-1.3+dfsg~/libopenjpeg/t2.c 2012-10-13 17:38:59.000000000 -0400
25
+++ openjpeg-1.3+dfsg/libopenjpeg/t2.c 2012-10-13 17:40:46.053362086 -0400
29
cblk->data = (unsigned char*) opj_realloc(cblk->data, (cblk->len + seg->newlen) * sizeof(unsigned char*));
30
+ if ((cblk->len + seg->newlen) > 8192) {
33
memcpy(cblk->data + cblk->len, c, seg->newlen);
34
if (seg->numpasses == 0) {
35
seg->data = &cblk->data;