Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

opj_j2k_is_imf_compliant: Fix out of bounds access #1366

Merged
merged 1 commit into from
Jul 12, 2021

Conversation

sebras
Copy link
Contributor

@sebras sebras commented Jul 12, 2021

This was discovered when scanning the code using Coverity.

@sebras sebras changed the title Fix out of bounds access opj_j2k_is_imf_compliant: Fix out of bounds access Jul 12, 2021
@rouault
Copy link
Collaborator

rouault commented Jul 12, 2021

I'd prefer if you'd put the /* Validate sublevel */ logic as a else clause of the if (mainlevel > OPJ_IMF_MAINLEVEL_MAX). That should fix the out of bound access, while still allowing more warnings to be emitted

Previously when mainlevel was parsed == 12 openjpeg would generate
a warning, but then the sublevel value would be compared to an out
of bounds element in the tabMaxSubLevelFromMainLevel array. From
this commit OpenJPEG will only use mainlevel if in range.
@sebras sebras force-pushed the fix-out-of-bounds-access branch from fccfe02 to e0993d0 Compare July 12, 2021 13:38
@sebras
Copy link
Contributor Author

sebras commented Jul 12, 2021

@rouault Ok, that's easy enough. Done. :)

@rouault rouault merged commit 67f8a1e into uclouvain:master Jul 12, 2021
@sebras sebras deleted the fix-out-of-bounds-access branch July 12, 2021 15:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants