Skip to content

Commit

Permalink
opj_decompress: fix double-free on input directory with mix of valid …
Browse files Browse the repository at this point in the history
…and invalid images (CVE-2020-15389)

Fixes uclouvain#1261

Credits to @Ruia-ruia for reporting and analysis.
  • Loading branch information
rouault committed Jun 30, 2020
1 parent 172c8ae commit e8e258a
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions src/bin/jp2/opj_decompress.c
Original file line number Diff line number Diff line change
Expand Up @@ -1316,10 +1316,6 @@ static opj_image_t* upsample_image_components(opj_image_t* original)
int main(int argc, char **argv)
{
opj_decompress_parameters parameters; /* decompression parameters */
opj_image_t* image = NULL;
opj_stream_t *l_stream = NULL; /* Stream */
opj_codec_t* l_codec = NULL; /* Handle to a decompressor */
opj_codestream_index_t* cstr_index = NULL;

OPJ_INT32 num_images, imageno;
img_fol_t img_fol;
Expand Down Expand Up @@ -1393,6 +1389,10 @@ int main(int argc, char **argv)

/*Decoding image one by one*/
for (imageno = 0; imageno < num_images ; imageno++) {
opj_image_t* image = NULL;
opj_stream_t *l_stream = NULL; /* Stream */
opj_codec_t* l_codec = NULL; /* Handle to a decompressor */
opj_codestream_index_t* cstr_index = NULL;

if (!parameters.quiet) {
fprintf(stderr, "\n");
Expand Down

0 comments on commit e8e258a

Please sign in to comment.