r2 of media-libs/jasper-1.900.1 has introduced some kind of regression. This leads to failure to read certain images. Steps to reproduce: $ wget http://images.library.wisc.edu/DLDecArts/EFacs/\ GramOrnJones/reference/0055.jp2 $ imginfo -f 0055.jp2 Expected result (as of jasper-1.900.1-r1): jp2 3 2538 3832 8 29176848 Actual result (with jasper-1.900.1-r2): error: cannot decode code stream cannot load image Other applications that use jasper, such as imagemagick convert, are affected as well.
This line here from the patch is to blame: snprintf(obj->pathname, L_tmpnam, "%stmp.XXXXXXXXXX", P_tmpdir); This line comes from the "fix" for CVE-2008-3521. gdb shows a resulting string of "/tmptmp.XXXXXXXXXX", so I assume P_tmpdir is set to "/tmp" without trailing slash. Adding a slash after the %s solves the issue. As bug 222819 comment 24 seems to indicate that CVE-2008-3521 isn't really an issue, we might even drop this change altogether. Up to you.
I joined all current fixes, waiting for the mirrors to get the patch. -r3 will solve this issue. Stay tuned...
Just committed, fixed in -r3. Thank you!
