From 7225d2b65b95508001a6ff75f23933385a7948e0 Mon Sep 17 00:00:00 2001
From: changtao <changtao@kylinos.cn>
Date: Sat, 4 Jan 2025 11:27:51 +0800
Subject: [PATCH] fix CVE-2024-56827

---
 backport-CVE-2024-56827.patch | 28 ++++++++++++++++++++++++++++
 openjpeg2.spec                |  9 ++++++++-
 2 files changed, 36 insertions(+), 1 deletion(-)
 create mode 100644 backport-CVE-2024-56827.patch

diff --git a/backport-CVE-2024-56827.patch b/backport-CVE-2024-56827.patch
new file mode 100644
index 0000000..cf046a2
--- /dev/null
+++ b/backport-CVE-2024-56827.patch
@@ -0,0 +1,28 @@
+From e492644fbded4c820ca55b5e50e598d346e850e8 Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Mon, 25 Nov 2024 22:02:54 +0100
+Subject: [PATCH] opj_j2k_add_tlmarker(): validate that current tile-part
+ number if smaller that total number of tile-parts
+
+Fixes #1564
+---
+ src/lib/openjp2/j2k.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/lib/openjp2/j2k.c b/src/lib/openjp2/j2k.c
+index 5df7940..3b2ade8 100644
+--- a/src/lib/openjp2/j2k.c
++++ b/src/lib/openjp2/j2k.c
+@@ -7463,7 +7463,8 @@ static OPJ_BOOL opj_j2k_add_tlmarker(OPJ_UINT32 tileno,
+     if (type == J2K_MS_SOT) {
+         OPJ_UINT32 l_current_tile_part = cstr_index->tile_index[tileno].current_tpsno;
+ 
+-        if (cstr_index->tile_index[tileno].tp_index) {
++        if (cstr_index->tile_index[tileno].tp_index &&
++                l_current_tile_part < cstr_index->tile_index[tileno].nb_tps) {
+             cstr_index->tile_index[tileno].tp_index[l_current_tile_part].start_pos = pos;
+         }
+ 
+-- 
+2.46.0
+
diff --git a/openjpeg2.spec b/openjpeg2.spec
index 213f86a..2f2fb9d 100644
--- a/openjpeg2.spec
+++ b/openjpeg2.spec
@@ -1,6 +1,6 @@
 Name:           openjpeg2
 Version:        2.3.1
-Release:        14
+Release:        15
 Summary:        C-Library for JPEG 2000
 License:        BSD and MIT
 URL:            https://github.com/uclouvain/openjpeg
@@ -28,6 +28,7 @@ Patch6016:      backport-CVE-2021-3575.patch
 Patch6017:      backport-CVE-2022-1122.patch
 Patch6018:      backport-CVE-2023-39328.patch
 Patch6019:      backport-CVE-2024-56826.patch
+Patch6020:      backport-CVE-2024-56827.patch
  
 BuildRequires:  cmake gcc-c++ make zlib-devel libpng-devel libtiff-devel lcms2-devel doxygen
 
@@ -104,6 +105,12 @@ mv %{buildroot}%{_mandir}/man1/opj_dump.1 %{buildroot}%{_mandir}/man1/opj2_dump.
 %{_mandir}/man3/*.3*
 
 %changelog
+* Tue Jan 7 2025 changtao <changtao@kylinos.cn> - 2.3.1-15
+- Type: CVE
+- CVE: CVE-2024-56827
+- SUG: NA
+- DESC: fix CVE-2024-56827
+
 * Tue Jan 7 2025 zhangpan <zhangpan103@h-partners.com> - 2.3.1-14
 - fix CVE-2024-56826