Add openjpeg2-cve-2023-39327-limit-iterations.patch

2026-01-23 22:45:46 +01:00
3 changed files with 40 additions and 1 deletions
--- a/openjpeg2-cve-2023-39327-limit-iterations.patch
+++ b/openjpeg2-cve-2023-39327-limit-iterations.patch
@@ -0,0 +1,31 @@
+diff --git a/src/lib/openjp2/t2.c b/src/lib/openjp2/t2.c
+index 4e8cf6018..ad39cd741 100644
+--- a/src/lib/openjp2/t2.c
+++ b/src/lib/openjp2/t2.c
+@@ -441,6 +441,8 @@ OPJ_BOOL opj_t2_decode_packets(opj_tcd_t* tcd,
+          * and no l_img_comp->resno_decoded are computed
+          */
+         OPJ_BOOL* first_pass_failed = NULL;
+        OPJ_UINT32 l_packet_count = 0;
+        OPJ_UINT32 l_max_packets = 100000;
+ 
+         if (l_current_pi->poc.prg == OPJ_PROG_UNKNOWN) {
+             /* TODO ADE : add an error */
+@@ -457,6 +459,17 @@ OPJ_BOOL opj_t2_decode_packets(opj_tcd_t* tcd,
+ 
+         while (opj_pi_next(l_current_pi)) {
+             OPJ_BOOL skip_packet = OPJ_FALSE;
+            
+            /* CVE-2023-39327: Check for excessive packet iterations */
+            if (++l_packet_count > l_max_packets) {
+                opj_event_msg(p_manager, EVT_ERROR,
+                              "Excessive packet iterations detected (>%u). Possible malformed stream.\n",
+                              l_max_packets);
+                opj_pi_destroy(l_pi, l_nb_pocs);
+                opj_free(first_pass_failed);
+                return OPJ_FALSE;
+            }
+            
+             JAS_FPRINTF(stderr,
+                         "packet offset=00000166 prg=%d cmptno=%02d rlvlno=%02d prcno=%03d lyrno=%02d\n\n",
+                         l_current_pi->poc.prg1, l_current_pi->compno, l_current_pi->resno,
--- a/openjpeg2.changes
+++ b/openjpeg2.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Fri Jan 23 20:16:08 UTC 2026 - Hans Petter Jansson <hpj@suse.com>
+
+- Add openjpeg2-cve-2023-39327-limit-iterations.patch (CVE-2023-39327,
+  bsc#1227412).
+
 -------------------------------------------------------------------
 Mon Dec 16 11:15:35 UTC 2024 - Michael Vetter <mvetter@suse.com>

--- a/openjpeg2.spec
+++ b/openjpeg2.spec
@@ -27,6 +27,8 @@ Group:          Productivity/Graphics/Other
 URL:            https://www.openjpeg.org/
 Source0:        https://github.com/uclouvain/openjpeg/archive/v%{version}.tar.gz#/openjpeg-%{version}.tar.gz
 Source1:        baselibs.conf
+# PATCH-FIX-UPSTREAM openjpeg2-cve-2023-39327-limit-iterations.patch bsc#1227412 hpj@suse.com
+Patch01:        openjpeg2-cve-2023-39327-limit-iterations.patch
 BuildRequires:  cmake > 3.5
 BuildRequires:  doxygen
 BuildRequires:  fdupes
@@ -87,7 +89,7 @@ The OpenJPEG library is an open-source JPEG 2000 codec written in C language.
 This package provides the API documentation for %{name}.

 %prep
-%autosetup -n openjpeg-%{version} -p0
+%autosetup -n openjpeg-%{version} -p1

 # do not embed timestamps into html documentation
 sed -i 's|^HTML_TIMESTAMP[ =].*$|HTML_TIMESTAMP = NO|' doc/Doxyfile.dox.cmake.in