opj_jp2_check_color(): replace assertion regarding mtyp by runtime check (#672, ...

Fixes test case openjeg-crashes-2017-07-27/id:000000,sig:06,src:000001,op:flip1,pos:808.jp2
of #895

diff --git a/src/lib/openjp2/jp2.c b/src/lib/openjp2/jp2.c
index ab708758e55df0a04d5a43978c4b164000a7f7fd..f9a74a99eba16ed4158f0aade47e142ba6c5cde8 100644 (file)
--- a/src/lib/openjp2/jp2.c
+++ b/src/lib/openjp2/jp2.c
@@ -950,8 +950,13 @@ static OPJ_BOOL opj_jp2_check_color(opj_image_t *image, opj_jp2_color_t *color,
         /* verify that no component is targeted more than once */
         for (i = 0; i < nr_channels; i++) {
             OPJ_UINT16 pcol = cmap[i].pcol;
-            assert(cmap[i].mtyp == 0 || cmap[i].mtyp == 1);
-            if (pcol >= nr_channels) {
+            /* See ISO 15444-1 Table I.14 – MTYPi field values */
+            if (cmap[i].mtyp != 0 && cmap[i].mtyp != 1) {
+                opj_event_msg(p_manager, EVT_ERROR,
+                              "Invalid value for cmap[%d].mtyp = %d.\n", i,
+                              cmap[i].mtyp);
+                is_sane = OPJ_FALSE;
+            } else if (pcol >= nr_channels) {
                 opj_event_msg(p_manager, EVT_ERROR,
                               "Invalid component/palette index for direct mapping %d.\n", pcol);
                 is_sane = OPJ_FALSE;