Note:
This project will be discontinued after December 13, 2021. [more]
2018-03-02
An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. The output prefix was not checked for length, which could overflow a buffer, when providing a prefix with 50 or more characters on the command line.
Products | Openjpeg |
Type | Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) |
First patch |
https://github.com/kbabioch/openjpeg/commit/6d8c0c06ee32dc03ba80acd48334e98728e56cf5 |
Patches | https://github.com/uclouvain/openjpeg/commit/cc3824767bde397fedb8a1ae4786a222ba860c8d |
Relevant file/s | ./src/bin/mj2/opj_mj2_extract.c (modified, +6, -1) |
Links | https://github.com/uclouvain/openjpeg/issues/1088 |
Navigation
Patch data:
Patched area:
(on by default)
Patched area: