ryan/mozjpeg
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Our copyright string is longer than JMSG_LENGTH_MAX, and this was causing a buffer overrun if output_message() was called with msg_code set to JMSG_COPYRIGHT, or if format_message() was called with msg_code set to JMSG_COPYRIGHT and with a buffer of length JMSG_LENGTH_MAX.

Browse Source 
We can't simply increase JMSG_LENGTH_MAX, because it is part of the libjpeg API, and it is generally assumed that a buffer of this length will be passed to format_message().  Thus, the easiest solution is simply to use a shorter copyright string for JMSG_COPYRIGHT.


git-svn-id: svn+ssh://svn.code.sf.net/p/libjpeg-turbo/code/trunk@1318 632fc199-4ca6-4c93-a231-07263d6284db
This commit is contained in:
DRC
2014-05-28 20:19:54 +00:00
parent fced14c7b4
commit cf55f0b533
3 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
ChangeLog.txt
View File

@@ -70,6 +70,9 @@ handle prototypes and support for the MS-DOS memory model, were removed from
the libjpeg code, greatly improving its readability and making it easier to
maintain and extend.
[10] Fixed a segfault that occurred when calling output_message() with msg_code
set to JMSG_COPYRIGHT.
1.3.1
=====

6
jerror.h
View File

@@ -1,9 +1,11 @@
/*
* jerror.h
*
* This file was part of the Independent JPEG Group's software:
* Copyright (C) 1994-1997, Thomas G. Lane.
* Modified 1997-2009 by Guido Vollbeding.
* This file is part of the Independent JPEG Group's software.
* libjpeg-turbo Modifications:
* Copyright (C) 2014, D. R. Commander.
* For conditions of distribution and use, see the accompanying README file.
*
* This file defines the error and message codes for the JPEG library.
@@ -132,7 +134,7 @@ JMESSAGE(JERR_VIRTUAL_BUG, "Virtual array controller messed up")
JMESSAGE(JERR_WIDTH_OVERFLOW, "Image too wide for this implementation")
JMESSAGE(JERR_XMS_READ, "Read from XMS failed")
JMESSAGE(JERR_XMS_WRITE, "Write to XMS failed")
JMESSAGE(JMSG_COPYRIGHT, JCOPYRIGHT)
JMESSAGE(JMSG_COPYRIGHT, JCOPYRIGHT_SHORT)
JMESSAGE(JMSG_VERSION, JVERSION)
JMESSAGE(JTRC_16BIT_TABLES,
"Caution: quantization tables are too coarse for baseline JPEG")

2
jversion.h
View File

@@ -32,3 +32,5 @@
"Copyright (C) 2009-2011 Nokia Corporation and/or its subsidiary(-ies)\n" \
"Copyright (C) 2013-2014 MIPS Technologies, Inc.\n" \
"Copyright (C) 2013 Linaro Limited"
#define JCOPYRIGHT_SHORT "Copyright (C) 1991-2014 The libjpeg-turbo Project and many others"