An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function ras_putdatastd in ras/ras_enc.c.
References:
https://github.com/mdadams/jasper/issues/184
Created jasper tracking bugs for this issue:
Affects: fedora-all [bug 1646649]
Created mingw-jasper tracking bugs for this issue:
Affects: epel-7 [bug 1646651]
Affects: fedora-all [bug 1646650]
This affects not only versions 2.0.*, but also 1.900.*. The problem remains unfixed in the currently latest upstream version 2.0.16.
This flaw exists in the code for writing image into the RAS (Sun Raster) format. It does not affect the most typical uses of Jasper library to read JPEG2000 images.