oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: jasper: multiple assertion failures

From: <cve-assign () mitre org>
Date: Thu, 17 Nov 2016 02:56:39 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


jas_seq.c:90: jas_matrix<= yend' failed.
Commit fix:
https://github.com/mdadams/jasper/commit/d91198abd00fc435a397fe6bad906a4c1748e9cf


Use CVE-2016-9387.



ras_dec.c:330: int ras_getcmap(jas_stream_t *, ras_hdr_t *, ras_cmap_t *): Assertion `numcolors <= 256' failed.
Commit fix:
https://github.com/mdadams/jasper/commit/411a4068f8c464e883358bf403a3e25158863823


Use CVE-2016-9388.



jpc_mct.c:146: void jpc_irct(jas_matrix_t *, jas_matrix_t *, jas_matrix_t *): Assertion `((c1)->numrows_) ==
numrows && ((c1)->numcols_) == numcols && ((c2)->numrows_) == numrows && ((c2)->numcols_) == numcols' failed.
Commit fix:
https://github.com/mdadams/jasper/commit/dee11ec440d7908d1daf69f40a3324b27cf213ba

jpc_mct.c:233: void jpc_iict(jas_matrix_t *, jas_matrix_t *, jas_matrix_t *): Assertion `((c1)->numcols_) ==
numcols && ((c2)->numcols_) == numcols' failed.
Commit fix:
https://github.com/mdadams/jasper/commit/dee11ec440d7908d1daf69f40a3324b27cf213ba


Use CVE-2016-9389 for both of these reports.



jas_seq.c:90: jas_matrix_t *jas_seq2d_create(int, int, int, int): Assertion `xstart <= xend && ystart <= yend' failed.
Commit fix:
https://github.com/mdadams/jasper/commit/ba2b9d000660313af7b692542afbd374c5685865


Use CVE-2016-9390.



jpc_bs.c:197: long jpc_bitstream_getbits(jpc_bitstream_t *, int): Assertion `n >= 0 && n < 32' failed.
Commit fix:
https://github.com/mdadams/jasper/commit/1e84674d95353c64e5c4c0e7232ae86fd6ea813b


Use CVE-2016-9391.



jpc_dec.c:1637: void calcstepsizes(uint_fast16_t, int, uint_fast16_t *): Assertion `!((expn + (numrlvls - 1) -
(numrlvls - 1 - ((bandno > 0) ? ((bandno + 2) / 3) : (0)))) & (~0x1f))' failed.
Commit fix:
https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330


Use CVE-2016-9392.



jpc_t2cod.c:297: int jpc_pi_nextrpcl(jpc_pi_t *): Assertion `pi->prcno pirlvl->numprcs' failed.
Commit fix:
https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330


Use CVE-2016-9393.



jas_seq.c:90: jas_matrix_t *jas_seq2d_create(int, int, int, int): Assertion `xstart <= xend && ystart <= yend' failed.
Commit fix:
https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330


Use CVE-2016-9394.



jas_seq.c:90: jas_matrix_t *jas_seq2d_create(int, int, int, int): Assertion `xstart <= xend && ystart <= yend' failed.
Commit fix:
https://github.com/mdadams/jasper/commit/d42b2388f7f8e0332c846675133acea151fc557a


Use CVE-2016-9395.



jpc_t1cod.c:144: int JPC_NOMINALGAIN(int, int, int, int): Assertion `qmfbid == 0x01' failed.


Use CVE-2016-9396.



jpc_dec.c:1817: void jpc_dequantize(jas_matrix_t *, jpc_fix_t): Assertion `absstepsize >= 0' failed.


Use CVE-2016-9397.



jpc_math.c:94: int jpc_floorlog2(int): Assertion `x > 0' failed.


Use CVE-2016-9398.



jpc_dec.c:1650: void calcstepsizes(uint_fast16_t, int, uint_fast16_t *): Assertion
`!((expn + (numrlvls - 1) - (numrlvls - 1 - ((bandno > 0) ? ((bandno + 2) / 3) : (0)))) & (~0x1f))' failed.


Use CVE-2016-9399.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYLWJmAAoJEHb/MwWLVhi2/X4P/0FXYPvmgjnEkMsevaZ4e4WN
p5xJtxvFqt64h2P1HMfUxq2/Hk155+Rxa8lEStWAk7vqlxaQbnID5fAAb1l0WmZb
drM1wSytNCj+yNp8KairjOdGW7IZ7/dQF6mhhKpbGTLUBamWQ25oaFiBiQDQETGU
ffSKcEz6Y6s0ORFsPx7zYkoPK7yPHn6bxrKoEH8ME0unC7G4X/5tXGVuTgo1vbbn
lnoB03LeISRNt98Gz+drDmapOTM9XQrPZr+yelFOhPnjiPYbc/5loPUZjwWFiBdz
zngADPcRVu/Xdd1hsst0vcMHQiDxPL2vwr42sNhPZGVINNcfLVHyxx/hqD1y9xBR
Pbb1FXDqx+mi6gikgv4xLdvd9fpIMC7KW/+1eXfygYrdSIXG6viIUdx3Wy57bo/K
NEAuzmMKvAcRYXnvHCeCJ/LChfFMeo9rHfnKEw/BObq2zMB4GZf/2lrquNBvwhag
QqX28F681ylaQRdig9IJPF4vfOAUehic3m7JqsH41PLd6gXNlcqUVJs30iRg4QW7
LaD07osrsqwvgAwLXxew259wOpqIWlNxOmSdkajoI1J711XZGwr76iDRoRIkGeMz
l1HMrGsEylhNMRp+b7STQXsc6+tSM7Yk1ROhAzXWd8GIYk9djHAIJLf3FOGihYKK
X09TP2040sTZwQA1EKB0
=1nmb
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: