Exit upon invalid MTYP in CMAP box #34
Conversation
|
I don't quite understand. This doesn't check for NULL pointers. This just breaks from the loop and the function upon seeing the first invalid object. Previously, these invalid objects were ignored. Bailing out early may or may not be correct, but how does this prevent a NULL pointer dereference? |
|
@theta682 can you explain, please? |
|
Now I'm confused about it too. But I remember I reviewed this before. But this time only just created the PR because I saw that we still had it for the old repo without checking. And don't remember what I thought the last time I reviewed. The title might be misleading. But CVE-2018-19542 is fixed indeed through this. |
|
I saw that @theta682 recently started to watch our repo :) |
jubalh
changed the title
|
@MaxKellermann I changed the message. Let's review so we can merge the last two PRs in case mdadams merges our changes into his repo. |
Proposed by Timothy Lyanguzov as a fix for CVE-2018-19542 at jasper-software/jasper#200. It appears 8c4e995 fixes CVE-2018-19542 and CVE-2017-5499. We take this change anyway since it improves things although not directly fixes the CVE as proposed.
|
Sorry guys, I didn't read notifications. My change was intended to fix reported CVE. I don't know the code and I could not phrase the change properly. |
Patch by Timothy Lyanguzov timothy.lyanguzov@sap.com
originally proposed at jasper-software/jasper#200.
To fix jasper-software/jasper#182.
Instead of jasper-software/jasper#197 /
https://gist.github.com/apoleon/701d7db34d63faa16463935b1465c74e.
Fix #7