1172799 - Potential issue of division by zero, and a zero check condition was necessary

Status: NEW

(Core :: Graphics: ImageLib, defect)

Description

[Pankaj Kumar]

Attachment: jpeg-turbo.patch

User Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0
Build ID: 20150525141253

Steps to reproduce:

Ran static analyzer tool on libjpeg-turbo 1.4.0 and found division by zero issue in jquant2.c


Actual results:

Divide by zero error was reported by static tool. At runtime it could have been lead to potential crash.


Expected results:

Added check for 'total' variable before division operation to fill 'colormap' fields in 'cinfo'

Comment 1

[Pankaj Kumar]

Patch has been provided in attachment.

Comment 2

[Daniel Veditz [:dveditz]]

Divide by zero is a non-exploitable condition so this bug does not need to be hidden.

Comment 3

[Glenn Randers-Pehrson]

I reported the same issue to "jpegclub.org" several weeks about
libjpeg 9a and got the response:

If it is clear from the circumstances that the divisor can't be zero,
then there is no issue here.  A static analyzer, as the name suggests,
has limited scope and can't assess all circumstances properly.

Comment 4

[u279076]

Does this still reproduce?

Comment 5

[BugBot [:suhaib / :marco/ :calixte]]

Clear a needinfo that is pending on an inactive user.

Inactive users most likely will not respond; if the missing information is essential and cannot be collected another way, the bug maybe should be closed as INCOMPLETE.

For more information, please visit auto_nag documentation.