Fix multiple potential vulnerabilities and bugs#1168
Fix multiple potential vulnerabilities and bugs#1168rouault merged 8 commits intouclouvain:masterfrom
Conversation
Signed-off-by: Young_X <YangX92@hotmail.com>
Signed-off-by: Young_X <YangX92@hotmail.com>
…clouvain#987) Signed-off-by: Young_X <YangX92@hotmail.com>
| cmap_index = get_ushort(*(unsigned short*)(&tga[3])); | ||
| cmap_index = get_tga_ushort(*(unsigned short*)(&tga[3])); | ||
| cmap_len = get_ushort(*(unsigned short*)(&tga[5])); | ||
| cmap_len = get_tga_ushort(*(unsigned short*)(&tga[5])); |
There was a problem hiding this comment.
I suspect this doesn't compile... Line 135 should be removed as it is effectively overrideen by line 136. Similar instances below
There was a problem hiding this comment.
I have fixed that by make a new pr.
rouault
changed the title
Signed-off-by: Young_X <YangX92@hotmail.com>
… function opj_get_encoding_parameters Signed-off-by: Young_X <YangX92@hotmail.com>
… to avoid potential int overflow Signed-off-by: Young_X <YangX92@hotmail.com>
…E-2018-14423 Signed-off-by: Young_X <YangX92@hotmail.com>
and fixes unaligned load Signed-off-by: Young Xiao <YangX92@hotmail.com>
|
Ping |
rouault
left a comment
rouault
left a comment
There was a problem hiding this comment.
I believe this commit is OK.But when looking a bit the context, the cast to OPJ_INT32 and the type of the p_tx0, etc argument is suspicious. They shoud likely be OPJ_UINT32 and in the opj_pi_update_encode_poc_and_final() and opj_pi_update_encode_not_poc() functions as well
rouault
changed the title
@rouault it seems commit e1740e7 was supposed to fix CVE-2018-20846, which is about out-of-bound accesses in pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl . With that commit reverted, is there a patch for that CVE? Thanks. |
no |
4 participants
Fix multiple potential vulnerabilities and bugs