apoleon/CVE-2018-19542.patch

## CVE-2018-19542.patch
From: Markus Koschany <apo@debian.org>
Date: Thu, 6 Dec 2018 16:29:10 +0100
Subject: CVE-2018-19542

Check for possible NULL pointer. This is the inofficial fix
for the reported bug number 4.

Bug-Upstream: https://github.com/mdadams/jasper/issues/182
---
 src/libjasper/jp2/jp2_dec.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/libjasper/jp2/jp2_dec.c b/src/libjasper/jp2/jp2_dec.c
index 03b0eaf..d59de55 100644
--- a/src/libjasper/jp2/jp2_dec.c
+++ b/src/libjasper/jp2/jp2_dec.c
@@ -414,6 +414,9 @@ jas_image_t *jp2_decode(jas_stream_t *in, const char *optstr)
 		}
 	} else {
 		for (i = 0; i < dec->numchans; ++i) {
+			if(jp2_getct(jas_image_clrspc(dec->image), 0, i + 1) == NULL) {
+				goto error;
+			}
 			jas_image_setcmpttype(dec->image, dec->chantocmptlut[i],
 			  jp2_getct(jas_image_clrspc(dec->image), 0, i + 1));
 		}
	From: Markus Koschany <apo@debian.org>
	Date: Thu, 6 Dec 2018 16:29:10 +0100
	Subject: CVE-2018-19542

	Check for possible NULL pointer. This is the inofficial fix
	for the reported bug number 4.

	Bug-Upstream: https://github.com/mdadams/jasper/issues/182
	---
	src/libjasper/jp2/jp2_dec.c \| 3 +++
	1 file changed, 3 insertions(+)

	diff --git a/src/libjasper/jp2/jp2_dec.c b/src/libjasper/jp2/jp2_dec.c
	index 03b0eaf..d59de55 100644
	--- a/src/libjasper/jp2/jp2_dec.c
	+++ b/src/libjasper/jp2/jp2_dec.c
	@@ -414,6 +414,9 @@ jas_image_t jp2_decode(jas_stream_t in, const char *optstr)
	}
	} else {
	for (i = 0; i < dec->numchans; ++i) {
	+ if(jp2_getct(jas_image_clrspc(dec->image), 0, i + 1) == NULL) {
	+ goto error;
	+ }
	jas_image_setcmpttype(dec->image, dec->chantocmptlut[i],
	jp2_getct(jas_image_clrspc(dec->image), 0, i + 1));
	}