Out-of-memory in openexr_exrcheck_fuzzer
External References: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27409
Created OpenEXR tracking bugs for this issue: Affects: fedora-all [bug 1939190]
This looks like the upstream patch commit: https://github.com/AcademySoftwareFoundation/openexr/commit/bc88cdb6c97fbf5bc5d11ad8ca55306da931283a Flaw summary: In ImfScanLineInputFile.cpp, large lineOffset and bytesPerLine tables could cause OpenEXR to allocate excessive memory, causing an impact to system availability. This was due to _data->linesInBuffer missing in the if check.
This is fixed in OpenEXR v2.5.4, v2.5.5, and v3.0.1 and beyond.
This is also fixed in OpenEXR v2.4.3 https://github.com/AcademySoftwareFoundation/openexr/blob/master/CHANGES.md#version-243-may-17-2021