Closed Bug 134556 Opened 23 years ago Closed 21 years ago

nsJPEGDecoder::Init may start writing to random memory locations?

Categories

(Core :: Graphics: ImageLib, defect)

x86
Linux
defect
Not set
normal

RESOLVED DUPLICATE of bug 223702
mozilla1.0.1

People

(Reporter: mozilla-bugs, Assigned: pavlov)

Details

(Whiteboard: easy)

I noticed a compiler warning:

modules/libpr0n/decoders/jpeg/nsJPEGDecoder.cpp:133
`struct decoder_source_mgr * src' might be used uninitialized in this function

When looking at the code, I see in nsJPEGDecoder::Init :

  ...
  /* Step 1: allocate and initialize JPEG decompression object */
  jpeg_create_decompress(&mInfo);

  decoder_source_mgr *src;
  if (mInfo.src == NULL) {
    ...
  }

  /* Step 2: specify data source (eg, a file) */

  /* Setup callback functions. */
  src->pub.init_source = init_source;
  src->pub.fill_input_buffer = fill_input_buffer;
  src->pub.skip_input_data = skip_input_data;
  src->pub.resync_to_restart = jpeg_resync_to_restart;
  src->pub.term_source = term_source;
  src->decoder = this;
  ...

If I am reading this correctly, it means that if mInfo.src happens to be non-null, it will attempt to modify memory pointed by the src variable that was never initialized!
Blocks: 59652
Status: NEW → ASSIGNED
Whiteboard: easy
Target Milestone: --- → mozilla1.0.1
sorry *** This bug has been marked as a duplicate of 223702 ***
No longer blocks: 59652
Status: ASSIGNED → RESOLVED
Closed: 21 years ago
Resolution: --- → DUPLICATE
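
The pattern reported in the first comment, with src assigned on every path before it is dereferenced. This is an added example, not code from the bug or from Mozilla; the types and the install_source helper are simplified stand-ins (assumptions) for the libjpeg and decoder structures, and the reuse branch assumes any existing manager was installed by this same code.

```cpp
#include <cstdlib>

// Stand-in types (assumed; not the real libjpeg or Mozilla definitions).
struct source_mgr {
    void (*init_source)(void *);
    void (*term_source)(void *);
};

struct decoder_source_mgr {
    source_mgr pub;   // first member, so a source_mgr* can be cast back
    void *decoder;    // back-pointer to the owning decoder
};

struct decompress_info {
    source_mgr *src;  // NULL until a source manager is installed
};

static void init_source(void *) {}
static void term_source(void *) {}

// Hypothetical helper: returns the configured manager, or nullptr on OOM.
decoder_source_mgr *install_source(decompress_info *info, void *decoder) {
    decoder_source_mgr *src = nullptr;  // never left indeterminate
    if (info->src == nullptr) {
        src = static_cast<decoder_source_mgr *>(std::calloc(1, sizeof *src));
        if (src == nullptr)
            return nullptr;
        info->src = &src->pub;
    } else {
        // The path the report asks about: reuse the manager already installed.
        src = reinterpret_cast<decoder_source_mgr *>(info->src);
    }
    src->pub.init_source = init_source;
    src->pub.term_source = term_source;
    src->decoder = decoder;
    return src;
}

// Runs both paths: first call allocates, second call takes the non-null branch.
bool both_paths_share_manager() {
    decompress_info info = { nullptr };
    int owner_a = 0, owner_b = 0;
    decoder_source_mgr *first = install_source(&info, &owner_a);
    if (first == nullptr) return false;
    decoder_source_mgr *second = install_source(&info, &owner_b);
    bool ok = first == second && second->decoder == &owner_b;
    std::free(first);
    return ok;
}

int main() { return both_paths_share_manager() ? 0 : 1; }
```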