User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.8) Gecko/20050511 Firefox/1.0.4
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.8) Gecko/20050511 Firefox/1.0.4
At three locations is memory (re)allocated, but the results are not checked for
out of memory.
Steps to Reproduce:
it should be noted that doing:
198 mBuffer = (JOCTET *)PR_Realloc(mBuffer, count);
is almost always wrong, because if realloc fails, not only do you have a null
mBuffer, but you've leaked the old mBuffer.
Created attachment 184902 [details] [diff] [review]
this fixes the OOMs and enables a working (if not ugly) version of the OOM
handler in fill_input_buffer.
Does the patch still apply?
No, unfortunately, there is a hunk that doesn't apply anymore. Not sure how to fix that.
Andrew, are you perhaps able to update the patch?
Created attachment 260803 [details] [diff] [review]
Comment on attachment 260803 [details] [diff] [review]
Review -> stuart
This has all the reviews, so it can be checked in?
I went ahead and checked this in (although I think that Andrew has checkin privs).
Checking in nsJPEGDecoder.cpp;
/cvsroot/mozilla/modules/libpr0n/decoders/jpeg/nsJPEGDecoder.cpp,v <-- nsJPEGD
new revision: 1.71; previous revision: 1.70