components/multimedia/jasper/patches/02-fix-filename-buffer-overflow.patch

   1 Description: Filename buffer overflow fix
   2  This patch fixes a security hole by a bad buffer size handling.
   3 Author: Roland Stigge <stigge@antcom.de>
   4 Bug-Debian: http://bugs.debian.org/645118
   5
   6 --- jasper-4.1.0/src/libjasper/include/jasper/jas_stream.h.orig 2023-11-05 07:24:51.000000000 +0100
   7 +++ jasper-4.1.0/src/libjasper/include/jasper/jas_stream.h      2023-11-07 07:25:12.340731017 +0100
   8 @@ -77,6 +77,7 @@
   9  #include <jasper/jas_config.h> /* IWYU pragma: export */
  10
  11  #include <stdio.h>
  12 +#include <limits.h>
  13  #if defined(JAS_HAVE_FCNTL_H)
  14  #include <fcntl.h>
  15  #endif
  16 @@ -100,6 +101,12 @@
  17  #define O_BINARY       0
  18  #endif
  19
  20 +#ifdef PATH_MAX
  21 +#define JAS_PATH_MAX PATH_MAX
  22 +#else
  23 +#define JAS_PATH_MAX 4096
  24 +#endif
  25 +
  26  /*
  27   * Stream open flags.
  28   */
  29 @@ -261,7 +268,7 @@
  30  #if defined(JAS_WASI_LIBC)
  31  #define L_tmpnam 4096
  32  #endif
  33 -       char pathname[L_tmpnam + 1];
  34 +       char pathname[JAS_PATH_MAX + 1];
  35  } jas_stream_fileobj_t;
  36
  37  /* Delete underlying file object upon stream close. */