package/jasper/0009-fix-CVE-2016-1577.patch - buildroot - Git at Google

 Description: CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy()
 Author: Tyler Hicks <tyhicks () canonical com>
 Bug-Ubuntu: https://launchpad.net/bugs/1547865

 From: http://seclists.org/oss-sec/2016/q1/att-507/CVE-2016-1577.patch

 Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>

 --- jasper-1.900.1-debian1.orig/src/libjasper/base/jas_icc.c
 +++ jasper-1.900.1-debian1/src/libjasper/base/jas_icc.c
 @@ -300,6 +300,7 @@ jas_iccprof_t *jas_iccprof_load(jas_stre
  				if (jas_iccprof_setattr(prof, tagtabent->tag, attrval))
  					goto error;
  				jas_iccattrval_destroy(attrval);
 +				attrval = 0;
  			} else {
  #if 0
  				jas_eprintf("warning: skipping unknown tag type\n");
	Description: CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy()
	Author: Tyler Hicks <tyhicks () canonical com>
	Bug-Ubuntu: https://launchpad.net/bugs/1547865

	From: http://seclists.org/oss-sec/2016/q1/att-507/CVE-2016-1577.patch

	Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>

	--- jasper-1.900.1-debian1.orig/src/libjasper/base/jas_icc.c
	+++ jasper-1.900.1-debian1/src/libjasper/base/jas_icc.c
	@@ -300,6 +300,7 @@ jas_iccprof_t *jas_iccprof_load(jas_stre
	if (jas_iccprof_setattr(prof, tagtabent->tag, attrval))
	goto error;
	jas_iccattrval_destroy(attrval);
	+ attrval = 0;
	} else {
	#if 0
	jas_eprintf("warning: skipping unknown tag type\n");