OpenEXR/CVE-2021-20300.patch
hundred-ci 7aac8ec197 fix CVE-2021-20300 CVE-2021-20302 CVE-2021-3933
(cherry picked from commit 039a67120ac7283a3a2592a2a78a044b2105334c)
2022-07-18 09:51:14 +08:00


diff -Naru openexr-2.2.0/IlmImf/ImfHuf.cpp openexr-2.2.0-new/IlmImf/ImfHuf.cpp
--- openexr-2.2.0/IlmImf/ImfHuf.cpp 2022-07-15 11:20:21.474483000 +0800
+++ openexr-2.2.0-new/IlmImf/ImfHuf.cpp 2022-07-15 11:21:53.484077000 +0800
@@ -1068,7 +1068,9 @@
const char *ptr = compressed + 20;
- if ( ptr + (nBits+7 )/8 > compressed+nCompressed)
+ uint64_t nBytes = (static_cast<uint64_t>(nBits)+7) / 8 ;
+
+ if ( ptr + nBytes > compressed+nCompressed)
{
notEnoughData();
return;
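Review bot: The bounds check `if ( ptr + nBytes > compressed+nCompressed)` still compares pointers, so widening `nBytes` to `uint64_t` fixes the overflow in `(nBits+7)/8` but not the one in `ptr + nBytes`: forming a pointer past the end of the buffer is undefined behaviour and can wrap when `nBits`, which comes from the file, is large. Comparing lengths avoids this, e.g. `if (nBytes > static_cast<uint64_t>(nCompressed) - 20)`, provided an earlier check outside this hunk guarantees `nCompressed >= 20`. The declaration of `nBits` is also outside the hunk; if it is a signed `int`, a negative value sign-extends through the cast into a very large `nBytes`, which the length comparison would reject as well. The enclosing function starts and ends outside the hunk, so both assumptions should be confirmed against the full file.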