| Patrick Williams | 03907ee | 2022-05-01 06:28:52 -0500 | [diff] [blame] | 1 | Upstream-Status: Backport [https://github.com/uclouvain/openjpeg/commit/0afbdcf3e6d0d2bd2e16a0c4d513ee3cf86e460d] |
| 2 | CVE: CVE-2022-1122 |
| 3 | |
| 4 | While this patch improves things re-CVE-2022-1122, the defect is undergoing re-analysis and there may be follow-up commits. |
| 5 | |
| 6 | From 0afbdcf3e6d0d2bd2e16a0c4d513ee3cf86e460d Mon Sep 17 00:00:00 2001 |
| 7 | From: xiaoxiaoafeifei <lliangliang2007@163.com> |
| 8 | Date: Wed, 14 Jul 2021 09:35:13 +0800 |
| 9 | Subject: [PATCH] Fix segfault in src/bin/jp2/opj_decompress.c due to |
| 10 | uninitialized pointer (fixes #1368) (#1369) |
| 11 | |
| 12 | --- |
| 13 | src/bin/jp2/opj_decompress.c | 2 +- |
| 14 | 1 file changed, 1 insertion(+), 1 deletion(-) |
| 15 | |
| 16 | diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c |
| 17 | index 0e028735..18ead672 100644 |
| 18 | --- a/src/bin/jp2/opj_decompress.c |
| 19 | +++ b/src/bin/jp2/opj_decompress.c |
| 20 | @@ -1356,7 +1356,7 @@ int main(int argc, char **argv) |
| 21 | int it_image; |
| 22 | num_images = get_num_images(img_fol.imgdirpath); |
| 23 | |
| 24 | - dirptr = (dircnt_t*)malloc(sizeof(dircnt_t)); |
| 25 | + dirptr = (dircnt_t*)calloc(1, sizeof(dircnt_t)); |
| 26 | if (!dirptr) { |
| 27 | destroy_parameters(¶meters); |
| 28 | return EXIT_FAILURE; |
| 29 | -- |
| 30 | 2.25.1 |
| 31 | |