2 files changed, 32 insertions, 0 deletions
diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2022-1122.patch b/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2022-1122.patch
new file mode 100644
index 0000000000..8aa9c15e33
--- /dev/null
+++ b/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2022-1122.patch
@@ -0,0 +1,31 @@
+Upstream-Status: Backport [https://github.com/uclouvain/openjpeg/commit/0afbdcf3e6d0d2bd2e16a0c4d513ee3cf86e460d]
+CVE: CVE-2022-1122
+While this patch improves things re-CVE-2022-1122, the defect is undergoing re-analysis and there may be follow-up commits.
+From 0afbdcf3e6d0d2bd2e16a0c4d513ee3cf86e460d Mon Sep 17 00:00:00 2001
+From: xiaoxiaoafeifei <lliangliang2007@163.com>
+Date: Wed, 14 Jul 2021 09:35:13 +0800
+Subject: [PATCH] Fix segfault in src/bin/jp2/opj_decompress.c due to
+ uninitialized pointer (fixes #1368) (#1369)
+---
+ src/bin/jp2/opj_decompress.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c
+index 0e028735..18ead672 100644
+--- a/src/bin/jp2/opj_decompress.c
+++ b/src/bin/jp2/opj_decompress.c
+@@ -1356,7 +1356,7 @@ int main(int argc, char **argv)
+         int it_image;
+         num_images = get_num_images(img_fol.imgdirpath);
+ 
+-        dirptr = (dircnt_t*)malloc(sizeof(dircnt_t));
+        dirptr = (dircnt_t*)calloc(1, sizeof(dircnt_t));
+         if (!dirptr) {
+             destroy_parameters(&parameters);
+             return EXIT_FAILURE;
+-- 
+2.25.1
diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb
index b41bb9eb8a..f248619ec8 100644
--- a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb
+++ b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb
@@ -10,6 +10,7 @@ SRC_URI = " \
    file://0002-Do-not-ask-cmake-to-export-binaries-they-don-t-make-.patch \
    file://0001-This-patch-fixed-include-dir-to-usr-include-.-Obviou.patch \
    file://CVE-2021-29338.patch \
+    file://CVE-2022-1122.patch \
 "
 SRCREV = "37ac30ceff6640bbab502388c5e0fa0bff23f505"
 S = "${WORKDIR}/git"

diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2022-1122.patch b/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2022-1122.patch new file mode 100644 index 0000000000..8aa9c15e33 --- /dev/null +++ b/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2022-1122.patch
@@ -0,0 +1,31 @@
		1	Upstream-Status: Backport [https://github.com/uclouvain/openjpeg/commit/0afbdcf3e6d0d2bd2e16a0c4d513ee3cf86e460d]
		2	CVE: CVE-2022-1122
		3
		4	While this patch improves things re-CVE-2022-1122, the defect is undergoing re-analysis and there may be follow-up commits.
		5
		6	From 0afbdcf3e6d0d2bd2e16a0c4d513ee3cf86e460d Mon Sep 17 00:00:00 2001
		7	From: xiaoxiaoafeifei <lliangliang2007@163.com>
		8	Date: Wed, 14 Jul 2021 09:35:13 +0800
		9	Subject: [PATCH] Fix segfault in src/bin/jp2/opj_decompress.c due to
		10	uninitialized pointer (fixes #1368) (#1369)
		11
		12	---
		13	src/bin/jp2/opj_decompress.c \| 2 +-
		14	1 file changed, 1 insertion(+), 1 deletion(-)
		15
		16	diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c
		17	index 0e028735..18ead672 100644
		18	--- a/src/bin/jp2/opj_decompress.c
		19	+++ b/src/bin/jp2/opj_decompress.c
		20	@@ -1356,7 +1356,7 @@ int main(int argc, char **argv)
		21	int it_image;
		22	num_images = get_num_images(img_fol.imgdirpath);
		23
		24	- dirptr = (dircnt_t*)malloc(sizeof(dircnt_t));
		25	+ dirptr = (dircnt_t*)calloc(1, sizeof(dircnt_t));
		26	if (!dirptr) {
		27	destroy_parameters(&parameters);
		28	return EXIT_FAILURE;
		29	--
		30	2.25.1
		31


diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb index b41bb9eb8a..f248619ec8 100644 --- a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb +++ b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb
@@ -10,6 +10,7 @@ SRC_URI = " \
10	file://0002-Do-not-ask-cmake-to-export-binaries-they-don-t-make-.patch \	10	file://0002-Do-not-ask-cmake-to-export-binaries-they-don-t-make-.patch \
11	file://0001-This-patch-fixed-include-dir-to-usr-include-.-Obviou.patch \	11	file://0001-This-patch-fixed-include-dir-to-usr-include-.-Obviou.patch \
12	file://CVE-2021-29338.patch \	12	file://CVE-2021-29338.patch \
		13	file://CVE-2022-1122.patch \
13	"	14	"
14	SRCREV = "37ac30ceff6640bbab502388c5e0fa0bff23f505"	15	SRCREV = "37ac30ceff6640bbab502388c5e0fa0bff23f505"
15	S = "${WORKDIR}/git"	16	S = "${WORKDIR}/git"