mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-06-14 05:49:57 +00:00
jasper: patch CVE-2025-8837
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-8837 Pick the patch from the details of the above link. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
This commit is contained in:
Gyorgy Sarvari
committed by
Anuj Mittal
Anuj Mittal
parent
10196085ab
commit
adf3b111c3
@@ -0,0 +1,62 @@
|
||||
From d3f6b098f83326222a2576f938ddff93338c60be Mon Sep 17 00:00:00 2001
|
||||
From: Michael Adams <mdadams@ece.uvic.ca>
|
||||
Date: Tue, 5 Aug 2025 20:46:48 -0700
|
||||
Subject: [PATCH] Fixes #402, #403.
|
||||
|
||||
JPEG-2000 (JPC) Decoder:
|
||||
- Added the setting of several pointers to null in some cleanup code
|
||||
after the pointed-to memory was freed. This pointer nulling is not
|
||||
needed normally, but it is needed when certain debugging logs are
|
||||
enabled (so that the debug code understands that the memory associated
|
||||
with the aforementioned pointers has been freed).
|
||||
|
||||
CVE: CVE-2025-8837
|
||||
Upstream-Status: Backport [https://github.com/jasper-software/jasper/commit/8308060d3fbc1da10353ac8a95c8ea60eba9c25a]
|
||||
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
||||
---
|
||||
src/libjasper/jpc/jpc_dec.c | 13 ++++++++-----
|
||||
1 file changed, 8 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/src/libjasper/jpc/jpc_dec.c b/src/libjasper/jpc/jpc_dec.c
|
||||
index e76aa40..929f7ae 100644
|
||||
--- a/src/libjasper/jpc/jpc_dec.c
|
||||
+++ b/src/libjasper/jpc/jpc_dec.c
|
||||
@@ -1134,23 +1134,23 @@ static int jpc_dec_tilefini(jpc_dec_t *dec, jpc_dec_tile_t *tile)
|
||||
|
||||
if (tile->cp) {
|
||||
jpc_dec_cp_destroy(tile->cp);
|
||||
- //tile->cp = 0;
|
||||
+ tile->cp = 0;
|
||||
}
|
||||
if (tile->tcomps) {
|
||||
jas_free(tile->tcomps);
|
||||
- //tile->tcomps = 0;
|
||||
+ tile->tcomps = 0;
|
||||
}
|
||||
if (tile->pi) {
|
||||
jpc_pi_destroy(tile->pi);
|
||||
- //tile->pi = 0;
|
||||
+ tile->pi = 0;
|
||||
}
|
||||
if (tile->pkthdrstream) {
|
||||
jas_stream_close(tile->pkthdrstream);
|
||||
- //tile->pkthdrstream = 0;
|
||||
+ tile->pkthdrstream = 0;
|
||||
}
|
||||
if (tile->pptstab) {
|
||||
jpc_ppxstab_destroy(tile->pptstab);
|
||||
- //tile->pptstab = 0;
|
||||
+ tile->pptstab = 0;
|
||||
}
|
||||
|
||||
tile->state = JPC_TILE_DONE;
|
||||
@@ -2286,6 +2286,9 @@ static int jpc_dec_dump(const jpc_dec_t *dec)
|
||||
const jpc_dec_tile_t *tile;
|
||||
for (tileno = 0, tile = dec->tiles; tileno < dec->numtiles;
|
||||
++tileno, ++tile) {
|
||||
+ if (!tile->tcomps) {
|
||||
+ continue;
|
||||
+ }
|
||||
assert(!dec->numcomps || tile->tcomps);
|
||||
unsigned compno;
|
||||
const jpc_dec_tcomp_t *tcomp;
|
||||
@@ -6,6 +6,7 @@ LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=a80440d1d8f17d041c71c7271d6e06eb"
|
||||
SRC_URI = "git://github.com/jasper-software/jasper.git;protocol=https;branch=master \
|
||||
file://0001-Fixes-400.patch \
|
||||
file://0001-Fixes-401.patch \
|
||||
file://0001-Fixes-402-403.patch \
|
||||
"
|
||||
SRCREV = "917f7708b755d8434f70618108c1a76f1b6a0a82"
|
||||
|
||||
|
||||
Reference in New Issue
Block a user