Fix CVE-2014-9029 (Heap overflows in libjasper).

Copied from Fedora.

http://pkgs.fedoraproject.org/cgit/rpms/jasper.git/tree/jasper-CVE-2014-9029.patch
https://bugzilla.redhat.com/show_bug.cgi?id=1167537

--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_dec.c	2014-11-27 12:45:44.000000000 +0100
+++ jasper-1.900.1/src/libjasper/jpc/jpc_dec.c	2014-11-27 12:44:58.000000000 +0100
@@ -1281,7 +1281,7 @@ static int jpc_dec_process_coc(jpc_dec_t
 	jpc_coc_t *coc = &ms->parms.coc;
 	jpc_dec_tile_t *tile;
 
-	if (JAS_CAST(int, coc->compno) > dec->numcomps) {
+	if (JAS_CAST(int, coc->compno) >= dec->numcomps) {
 		jas_eprintf("invalid component number in COC marker segment\n");
 		return -1;
 	}
@@ -1307,7 +1307,7 @@ static int jpc_dec_process_rgn(jpc_dec_t
 	jpc_rgn_t *rgn = &ms->parms.rgn;
 	jpc_dec_tile_t *tile;
 
-	if (JAS_CAST(int, rgn->compno) > dec->numcomps) {
+	if (JAS_CAST(int, rgn->compno) >= dec->numcomps) {
 		jas_eprintf("invalid component number in RGN marker segment\n");
 		return -1;
 	}
@@ -1356,7 +1356,7 @@ static int jpc_dec_process_qcc(jpc_dec_t
 	jpc_qcc_t *qcc = &ms->parms.qcc;
 	jpc_dec_tile_t *tile;
 
-	if (JAS_CAST(int, qcc->compno) > dec->numcomps) {
+	if (JAS_CAST(int, qcc->compno) >= dec->numcomps) {
 		jas_eprintf("invalid component number in QCC marker segment\n");
 		return -1;
 	}
><a href='/guix/commit/gnu/packages/heads.scm?id=6d13c785fc49171027b3baabab9c6fdb93dd422c'>commit</a><a href='/guix/diff/gnu/packages/heads.scm?id=6d13c785fc49171027b3baabab9c6fdb93dd422c'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/gnu/packages/heads.scm'>
<input type='hidden' name='id' value='6d13c785fc49171027b3baabab9c6fdb93dd422c'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=6d13c785fc49171027b3baabab9c6fdb93dd422c'>root</a>/<a href='/guix/log/gnu?id=6d13c785fc49171027b3baabab9c6fdb93dd422c'>gnu</a>/<a href='/guix/log/gnu/packages?id=6d13c785fc49171027b3baabab9c6fdb93dd422c'>packages</a>/<a href='/guix/log/gnu/packages/heads.scm?id=6d13c785fc49171027b3baabab9c6fdb93dd422c'>heads.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/gnu/packages/heads.scm?id=6d13c785fc49171027b3baabab9c6fdb93dd422c&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2024-12-10 22:35:12 -0800'>2024-12-10</span></td><td><a href='/guix/commit/gnu/packages/heads.scm?id=6f8c8a86d827627f503a803381bce7fbcf8f39a0'>gnu: Fix synopsis in miscelaneous packages.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/astronomy.scm (calcmysky-qt5): Fix synopsis.
* gnu/packages/base.scm (hello): Fix synopsis.
* gnu/packages/bioinformatics.scm (vembrane): Fix synopsis.
* gnu/packages/browser-extensions.scm (passff): Fix synopsis.
* gnu/packages/browser-extensions.scm (noscript): Fix synopsis.
* gnu/packages/c.scm (orangeduck-mpc): Fix synopsis.
* gnu/packages/cran.scm (r-d3r): Fix synopsis.
* gnu/packages/docbook.scm (docbook-mathml-1.0): Fix synopsis.
* gnu/packages/finance.scm (flowee): Fix synopsis.
* gnu/packages/firmware.scm (seabios): Fix synopsis.
* gnu/packages/games.scm (pinball): Fix synopsis.
(morris): Fix synopsis.
* gnu/packages/gawk.scm (cppawk-egawk): Fix synopsis.
* gnu/packages/gnome.scm (gssdp): Fix synopsis.
* gnu/packages/gstreamer.scm (gst-plugins-espeak): Fix synopsis.
* gnu/packages/heads.scm (musl-cross): Fix synopsis.
* gnu/packages/irc.scm (epic5): Fix synopsis.
* gnu/packages/kde-pim.scm (itinerary): Fix synopsis.
* gnu/packages/kde-plasma.scm (mpvqt): Fix synopsis.
* gnu/packages/lesstif.scm (motif): Fix synopsis.
* gnu/packages/linux.scm (ecryptfs-utils): Fix synopsis.
* gnu/packages/linux.scm (falcosecurity-libs): Fix synopsis.
* gnu/packages/mail.scm (pan): Fix synopsis.
* gnu/packages/messaging.scm (biboumi): Fix synopsis.
* gnu/packages/ocaml.scm (ocaml-ppx-import): Fix synopsis.
* gnu/packages/pascal.scm (p2c): Fix synopsis.
* gnu/packages/pdf.scm (unpaper): Fix synopsis.
* gnu/packages/pure.scm (pure): Fix synopsis.
* gnu/packages/qt.scm (qxlsx-qt5): Fix synopsis.
* gnu/packages/smalltalk.scm (smalltalk): Fix synopsis.
* gnu/packages/sugar.scm (sugar): Fix synopsis.
* gnu/packages/terminals.scm (roxterm): Fix synopsis.
* gnu/packages/virtualization.scm (xen): Fix synopsis.
* gnu/packages/vpn.scm (sshoot): Fix synopsis.
* gnu/packages/web.scm (buku-run): Fix synopsis.

Signed-off-by: Vagrant Cascadian &lt;vagrant@debian.org&gt;
</span></span></td><td>Gabriel Wicki</td></tr>
<tr><td><span title='2024-12-10 23:00:43 +0100'>2024-12-10</span></td><td><a href='/guix/commit/gnu/packages/heads.scm?id=fbc5e7fc40919a66a24855430f7b32a304579d0d'>gnu: packages: Remove x86_64-gnu next to i586-gnu from supported-systems.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/golang.scm (go-1.16)[supported-systems]: Remove "x86_64-gnu".
* gnu/packages/linux.scm (proot)[supported-systems]: Likewise.
* gnu/packages/valgrind.scm (valgrind)[supported-systems]: Likewise.
* gnu/packages/virtualization.scm (qemu)[supported-systems]: Likewise.
* gnu/packages/heads.scm (musl-cross)[supported-systems]: Delete target-hurd?
instead of remove'ing "i586-gnu".
* gnu/packages/linux.scm (net-tools)[supported-systems]: Likewise.
(libcap)[supported-systems]: Likewise.
(fuse)[supported-systems]: Likewise.
(kmod)[supported-systems]: Likewise.
(lvm2)[supported-systems]: Likewise.
(mdadm)[supported-systems]: Likewise.
(proot)[supported-systems]: Likewise.
* gnu/packages/lisp.scm (ecl)[supported-systems]: Likewise.
(sbcl)[supported-systems]: Likewise.
* gnu/packages/virtualization.scm (qemu)[supported-systems]: Likewise.

Change-Id: I506e056b7aeb40f004fcc31ee85962cb065eac29
</span></span></td><td>Janneke Nieuwenhuizen</td></tr>

Age	Commit message (Expand)	Author
2024-12-10	gnu: Fix synopsis in miscelaneous packages....* gnu/packages/astronomy.scm (calcmysky-qt5): Fix synopsis. * gnu/packages/base.scm (hello): Fix synopsis. * gnu/packages/bioinformatics.scm (vembrane): Fix synopsis. * gnu/packages/browser-extensions.scm (passff): Fix synopsis. * gnu/packages/browser-extensions.scm (noscript): Fix synopsis. * gnu/packages/c.scm (orangeduck-mpc): Fix synopsis. * gnu/packages/cran.scm (r-d3r): Fix synopsis. * gnu/packages/docbook.scm (docbook-mathml-1.0): Fix synopsis. * gnu/packages/finance.scm (flowee): Fix synopsis. * gnu/packages/firmware.scm (seabios): Fix synopsis. * gnu/packages/games.scm (pinball): Fix synopsis. (morris): Fix synopsis. * gnu/packages/gawk.scm (cppawk-egawk): Fix synopsis. * gnu/packages/gnome.scm (gssdp): Fix synopsis. * gnu/packages/gstreamer.scm (gst-plugins-espeak): Fix synopsis. * gnu/packages/heads.scm (musl-cross): Fix synopsis. * gnu/packages/irc.scm (epic5): Fix synopsis. * gnu/packages/kde-pim.scm (itinerary): Fix synopsis. * gnu/packages/kde-plasma.scm (mpvqt): Fix synopsis. * gnu/packages/lesstif.scm (motif): Fix synopsis. * gnu/packages/linux.scm (ecryptfs-utils): Fix synopsis. * gnu/packages/linux.scm (falcosecurity-libs): Fix synopsis. * gnu/packages/mail.scm (pan): Fix synopsis. * gnu/packages/messaging.scm (biboumi): Fix synopsis. * gnu/packages/ocaml.scm (ocaml-ppx-import): Fix synopsis. * gnu/packages/pascal.scm (p2c): Fix synopsis. * gnu/packages/pdf.scm (unpaper): Fix synopsis. * gnu/packages/pure.scm (pure): Fix synopsis. * gnu/packages/qt.scm (qxlsx-qt5): Fix synopsis. * gnu/packages/smalltalk.scm (smalltalk): Fix synopsis. * gnu/packages/sugar.scm (sugar): Fix synopsis. * gnu/packages/terminals.scm (roxterm): Fix synopsis. * gnu/packages/virtualization.scm (xen): Fix synopsis. * gnu/packages/vpn.scm (sshoot): Fix synopsis. * gnu/packages/web.scm (buku-run): Fix synopsis. Signed-off-by: Vagrant Cascadian <vagrant@debian.org>	Gabriel Wicki
2024-12-10	gnu: packages: Remove x86_64-gnu next to i586-gnu from supported-systems....* gnu/packages/golang.scm (go-1.16)[supported-systems]: Remove "x86_64-gnu". * gnu/packages/linux.scm (proot)[supported-systems]: Likewise. * gnu/packages/valgrind.scm (valgrind)[supported-systems]: Likewise. * gnu/packages/virtualization.scm (qemu)[supported-systems]: Likewise. * gnu/packages/heads.scm (musl-cross)[supported-systems]: Delete target-hurd? instead of remove'ing "i586-gnu". * gnu/packages/linux.scm (net-tools)[supported-systems]: Likewise. (libcap)[supported-systems]: Likewise. (fuse)[supported-systems]: Likewise. (kmod)[supported-systems]: Likewise. (lvm2)[supported-systems]: Likewise. (mdadm)[supported-systems]: Likewise. (proot)[supported-systems]: Likewise. * gnu/packages/lisp.scm (ecl)[supported-systems]: Likewise. (sbcl)[supported-systems]: Likewise. * gnu/packages/virtualization.scm (qemu)[supported-systems]: Likewise. Change-Id: I506e056b7aeb40f004fcc31ee85962cb065eac29	Janneke Nieuwenhuizen