1*4882a593SmuzhiyunUpstream-Status: Backport [https://github.com/uclouvain/openjpeg/commit/0afbdcf3e6d0d2bd2e16a0c4d513ee3cf86e460d] 2*4882a593SmuzhiyunCVE: CVE-2022-1122 3*4882a593Smuzhiyun 4*4882a593SmuzhiyunWhile this patch improves things re-CVE-2022-1122, the defect is undergoing re-analysis and there may be follow-up commits. 5*4882a593Smuzhiyun 6*4882a593SmuzhiyunFrom 0afbdcf3e6d0d2bd2e16a0c4d513ee3cf86e460d Mon Sep 17 00:00:00 2001 7*4882a593SmuzhiyunFrom: xiaoxiaoafeifei <lliangliang2007@163.com> 8*4882a593SmuzhiyunDate: Wed, 14 Jul 2021 09:35:13 +0800 9*4882a593SmuzhiyunSubject: [PATCH] Fix segfault in src/bin/jp2/opj_decompress.c due to 10*4882a593Smuzhiyun uninitialized pointer (fixes #1368) (#1369) 11*4882a593Smuzhiyun 12*4882a593Smuzhiyun--- 13*4882a593Smuzhiyun src/bin/jp2/opj_decompress.c | 2 +- 14*4882a593Smuzhiyun 1 file changed, 1 insertion(+), 1 deletion(-) 15*4882a593Smuzhiyun 16*4882a593Smuzhiyundiff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c 17*4882a593Smuzhiyunindex 0e028735..18ead672 100644 18*4882a593Smuzhiyun--- a/src/bin/jp2/opj_decompress.c 19*4882a593Smuzhiyun+++ b/src/bin/jp2/opj_decompress.c 20*4882a593Smuzhiyun@@ -1356,7 +1356,7 @@ int main(int argc, char **argv) 21*4882a593Smuzhiyun int it_image; 22*4882a593Smuzhiyun num_images = get_num_images(img_fol.imgdirpath); 23*4882a593Smuzhiyun 24*4882a593Smuzhiyun- dirptr = (dircnt_t*)malloc(sizeof(dircnt_t)); 25*4882a593Smuzhiyun+ dirptr = (dircnt_t*)calloc(1, sizeof(dircnt_t)); 26*4882a593Smuzhiyun if (!dirptr) { 27*4882a593Smuzhiyun destroy_parameters(¶meters); 28*4882a593Smuzhiyun return EXIT_FAILURE; 29*4882a593Smuzhiyun-- 30*4882a593Smuzhiyun2.25.1 31*4882a593Smuzhiyun 32