Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 212839 Details for
Bug 272314
app-text/ghostscript-8.70 (and later?): NULL pointer dereference
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Redhat patch by Tim Waugh.
ghostscript-jbig2dec-nullderef.patch (text/plain), 3.51 KB, created by
Mansour Moufid
on 2009-12-13 01:21:24 UTC
(
hide
)
Description:
Redhat patch by Tim Waugh.
Filename:
MIME Type:
Creator:
Mansour Moufid
Created:
2009-12-13 01:21:24 UTC
Size:
3.51 KB
patch
obsolete
>diff -up ghostscript-8.70/jbig2dec/jbig2_generic.c.jbig2dec-nullderef ghostscript-8.70/jbig2dec/jbig2_generic.c >--- ghostscript-8.70/jbig2dec/jbig2_generic.c.jbig2dec-nullderef 2009-05-29 07:48:44.000000000 +0100 >+++ ghostscript-8.70/jbig2dec/jbig2_generic.c 2009-08-03 17:51:13.864875636 +0100 >@@ -596,6 +596,10 @@ jbig2_immediate_generic_region(Jbig2Ctx > memcpy (params.gbat, gbat, gbat_bytes); > > image = jbig2_image_new(ctx, rsi.width, rsi.height); >+ if (image == NULL) >+ return jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, >+ "failed to allocate buffer for image"); >+ > jbig2_error(ctx, JBIG2_SEVERITY_DEBUG, segment->number, > "allocated %d x %d image buffer for region decode results", > rsi.width, rsi.height); >diff -up ghostscript-8.70/jbig2dec/jbig2_symbol_dict.c.jbig2dec-nullderef ghostscript-8.70/jbig2dec/jbig2_symbol_dict.c >--- ghostscript-8.70/jbig2dec/jbig2_symbol_dict.c.jbig2dec-nullderef 2009-05-29 07:48:44.000000000 +0100 >+++ ghostscript-8.70/jbig2dec/jbig2_symbol_dict.c 2009-08-03 17:52:35.318750131 +0100 >@@ -367,6 +367,11 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx, > memcpy(region_params.gbat, params->sdat, sdat_bytes); > > image = jbig2_image_new(ctx, SYMWIDTH, HCHEIGHT); >+ if (image == NULL) { >+ jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, >+ "failed to allocate image storage"); >+ return NULL; >+ } > > code = jbig2_decode_generic_region(ctx, segment, ®ion_params, > as, image, GB_stats); >@@ -517,6 +522,11 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx, > ID, RDX, RDY); > > image = jbig2_image_new(ctx, SYMWIDTH, HCHEIGHT); >+ if (image == NULL) { >+ jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, >+ "failed to allocate image storage"); >+ return NULL; >+ } > > /* Table 18 */ > rparams.GRTEMPLATE = params->SDRTEMPLATE; >@@ -635,6 +645,16 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx, > for (j = HCFIRSTSYM; j < NSYMSDECODED; j++) { > Jbig2Image *glyph; > glyph = jbig2_image_new(ctx, SDNEWSYMWIDTHS[j], HCHEIGHT); >+ if (glyph == NULL) { >+ jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, >+ "error allocating image storage for glyph"); >+ while (--j >= HCFIRSTSYM) { >+ jbig2_image_release(ctx, SDNEWSYMS->glyphs[j]); >+ SDNEWSYMS->glyphs[j] = NULL; >+ } >+ jbig2_image_release(ctx, image); >+ return NULL; >+ } > jbig2_image_compose(ctx, glyph, image, > -x, 0, JBIG2_COMPOSE_REPLACE); > x += SDNEWSYMWIDTHS[j]; >diff -up ghostscript-8.70/jbig2dec/jbig2_text.c.jbig2dec-nullderef ghostscript-8.70/jbig2dec/jbig2_text.c >--- ghostscript-8.70/jbig2dec/jbig2_text.c.jbig2dec-nullderef 2009-05-29 07:48:44.000000000 +0100 >+++ ghostscript-8.70/jbig2dec/jbig2_text.c 2009-08-03 17:53:05.166750610 +0100 >@@ -312,6 +312,9 @@ jbig2_decode_text_region(Jbig2Ctx *ctx, > IBO = IB; > refimage = jbig2_image_new(ctx, IBO->width + RDW, > IBO->height + RDH); >+ if (image == NULL) >+ return jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, >+ "could not allocate image storage"); > > /* Table 12 */ > rparams.GRTEMPLATE = params->SBRTEMPLATE; >@@ -676,6 +679,9 @@ jbig2_parse_text_region(Jbig2Ctx *ctx, J > } > > image = jbig2_image_new(ctx, region_info.width, region_info.height); >+ if (image == NULL) >+ return jbig2_error(ctx, JBIG2_SEVERITY_WARNING, segment->number, >+ "unable to allocate image storage"); > > ws = jbig2_word_stream_buf_new(ctx, segment_data + offset, segment->data_length - offset); > if (!params.SBHUFF) {
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 272314
:
194334
| 212839