walkero
/
openjpeg
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Gracefully reject codestreams with malformed SIZ markers 

Update #603
This commit is contained in:
Antonin Descampe 2015-09-30 09:00:50 +02:00
parent 3cee252347
commit 959ebdab5e
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
libopenjpeg/j2k.c
View File

@ -432,13 +432,17 @@ static void j2k_read_siz(opj_j2k_t *j2k) {
opj_event_msg(j2k->cinfo, EVT_ERROR,
"invalid image size (x0:%d, x1:%d, y0:%d, y1:%d)\n",
image->x0,image->x1,image->y0,image->y1);
j2k->state |= J2K_STATE_ERR;
return;
}
n_comps = (len - 36 - 2 ) / 3;
assert( (len - 36 - 2 ) % 3 == 0 );
image->numcomps = cio_read(cio, 2); /* Csiz */
assert( n_comps == image->numcomps );
image->numcomps = cio_read(cio, 2); /* Csiz */
if (((len - 36 - 2 ) % 3 != 0)||(n_comps != image->numcomps)) {
opj_event_msg(j2k->cinfo, EVT_ERROR,"invalid SIZ marker value\n");
j2k->state |= J2K_STATE_ERR;
return;
}
/* testcase 4035.pdf.SIGSEGV.d8b.3375 */
if (image->x0 > image->x1 || image->y0 > image->y1) {