walkero
/
openjpeg
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Merge pull request #1148 from hlef/master 

CVE-2018-5785: fix issues with zero bitmasks
This commit is contained in:
Even Rouault 2018-09-22 23:54:12 +02:00 committed by GitHub
parent 8fc09e50e5 ca16fe5501
commit 0e6a5553cf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/bin/jp2/convertbmp.c
View File

@ -435,16 +435,31 @@ static OPJ_BOOL bmp_read_info_header(FILE* IN, OPJ_BITMAPINFOHEADER* header)
header->biRedMask |= (OPJ_UINT32)getc(IN) << 16;
header->biRedMask |= (OPJ_UINT32)getc(IN) << 24;
if (!header->biRedMask) {
fprintf(stderr, "Error, invalid red mask value %d\n", header->biRedMask);
return OPJ_FALSE;
}
header->biGreenMask = (OPJ_UINT32)getc(IN);
header->biGreenMask |= (OPJ_UINT32)getc(IN) << 8;
header->biGreenMask |= (OPJ_UINT32)getc(IN) << 16;
header->biGreenMask |= (OPJ_UINT32)getc(IN) << 24;
if (!header->biGreenMask) {
fprintf(stderr, "Error, invalid green mask value %d\n", header->biGreenMask);
return OPJ_FALSE;
}
header->biBlueMask = (OPJ_UINT32)getc(IN);
header->biBlueMask |= (OPJ_UINT32)getc(IN) << 8;
header->biBlueMask |= (OPJ_UINT32)getc(IN) << 16;
header->biBlueMask |= (OPJ_UINT32)getc(IN) << 24;
if (!header->biBlueMask) {
fprintf(stderr, "Error, invalid blue mask value %d\n", header->biBlueMask);
return OPJ_FALSE;
}
header->biAlphaMask = (OPJ_UINT32)getc(IN);
header->biAlphaMask |= (OPJ_UINT32)getc(IN) << 8;
header->biAlphaMask |= (OPJ_UINT32)getc(IN) << 16;
@ -831,6 +846,12 @@ opj_image_t* bmptoimage(const char *filename, opj_cparameters_t *parameters)
bmpmask32toimage(pData, stride, image, 0x00FF0000U, 0x0000FF00U, 0x000000FFU,
0x00000000U);
} else if (Info_h.biBitCount == 32 && Info_h.biCompression == 3) { /* bitmask */
if ((Info_h.biRedMask == 0U) && (Info_h.biGreenMask == 0U) &&
(Info_h.biBlueMask == 0U)) {
Info_h.biRedMask = 0x00FF0000U;
Info_h.biGreenMask = 0x0000FF00U;
Info_h.biBlueMask = 0x000000FFU;
}
bmpmask32toimage(pData, stride, image, Info_h.biRedMask, Info_h.biGreenMask,
Info_h.biBlueMask, Info_h.biAlphaMask);
} else if (Info_h.biBitCount == 16 && Info_h.biCompression == 0) { /* RGBX */