Description: Filename buffer overflow fix
 This patch fixes a security hole by a bad buffer size handling.
Author: Roland Stigge <stigge@antcom.de>
Bug-Debian: http://bugs.debian.org/645118

--- jasper-4.1.0/src/libjasper/include/jasper/jas_stream.h.orig	2023-11-05 07:24:51.000000000 +0100
+++ jasper-4.1.0/src/libjasper/include/jasper/jas_stream.h	2023-11-07 07:25:12.340731017 +0100
@@ -77,6 +77,7 @@
 #include <jasper/jas_config.h> /* IWYU pragma: export */
 
 #include <stdio.h>
+#include <limits.h>
 #if defined(JAS_HAVE_FCNTL_H)
 #include <fcntl.h>
 #endif
@@ -100,6 +101,12 @@
 #define O_BINARY	0
 #endif
 
+#ifdef PATH_MAX
+#define JAS_PATH_MAX PATH_MAX
+#else
+#define JAS_PATH_MAX 4096
+#endif
+
 /*
  * Stream open flags.
  */
@@ -261,7 +268,7 @@
 #if defined(JAS_WASI_LIBC)
 #define L_tmpnam 4096
 #endif
-	char pathname[L_tmpnam + 1];
+	char pathname[JAS_PATH_MAX + 1];
 } jas_stream_fileobj_t;
 
 /* Delete underlying file object upon stream close. */