From 5f9edbecc5ffdb6b290ee1bd5c3fea3ad418c9de Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nikola=20Forr=C3=B3?=
Date: Wed, 8 Feb 2017 14:10:56 +0100
Subject: [PATCH] Fix CVE-2016-7163
---
 libopenjpeg/j2k.c | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/libopenjpeg/j2k.c b/libopenjpeg/j2k.c
index 90d4d96..4924b23 100644
--- a/libopenjpeg/j2k.c
+++ b/libopenjpeg/j2k.c
@@ -427,6 +427,13 @@ static void j2k_read_siz(opj_j2k_t *j2k) {
 return;
 }
+ if ((cp->tdx<0)||(cp->tdy<0)||(cp->tx0<0)||(cp->ty0<0)) {
+ opj_event_msg(j2k->cinfo, EVT_ERROR,
+ "invalid tile size (tdx: %d, tdy: %d, tx0: %d, ty0: %d)\n",
+ cp->tdx, cp->tdy, cp->tx0, cp->ty0);
+ return;
+ }
+
 image->numcomps = cio_read(cio, 2); /* Csiz */
 #ifdef USE_JPWL
--
2.7.4
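Review bot: The new guard in j2k_read_siz rejects negative tile fields but still accepts a tile width or height of zero, and a zero `cp->tdx` or `cp->tdy` is just as invalid for a codestream and would be a divisor in any later tile-grid computation. Unless zero is rejected further down (not visible in this hunk), the size half of the test should be `(cp->tdx<=0)||(cp->tdy<=0)`, with `tx0`/`ty0` kept at `<0`. Very large positive sizes also pass, so any later multiplication of tile counts still needs its own overflow check. The function returns `void`, so the early `return` only stops the caller if it checks decoder state or the event callback afterwards. That is worth confirming, since the function body starts and ends outside the hunk.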