Description: Filename buffer overflow fix This patch fixes a security hole by a bad buffer size handling. Author: Roland Stigge Bug-Debian: http://bugs.debian.org/645118 --- a/src/libjasper/include/jasper/jas_stream.h +++ b/src/libjasper/include/jasper/jas_stream.h @@ -77,6 +77,7 @@ #include #include +#include #if defined(JAS_HAVE_FCNTL_H) #include #endif @@ -100,6 +101,12 @@ extern "C" { #define O_BINARY 0 #endif +#ifdef PATH_MAX +#define JAS_PATH_MAX PATH_MAX +#else +#define JAS_PATH_MAX 4096 +#endif + /* * Stream open flags. */ @@ -251,7 +259,7 @@ typedef struct { typedef struct { int fd; int flags; - char pathname[L_tmpnam + 1]; + char pathname[JAS_PATH_MAX + 1]; } jas_stream_fileobj_t; #define JAS_STREAM_FILEOBJ_DELONCLOSE 0x01