From 3753b408a629e8048d36bf4a8676ec60f4764475 Mon Sep 17 00:00:00 2001 From: aaaaaa123456789 Date: Sun, 9 Jan 2022 22:37:14 -0300 Subject: [PATCH] Make sure all values here are initialized --- docs/changelog.md | 2 +- src/jpegarithmetic.c | 9 ++++++--- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/docs/changelog.md b/docs/changelog.md index c94cd16..38310c6 100644 --- a/docs/changelog.md +++ b/docs/changelog.md @@ -6,7 +6,7 @@ Note: releases are listed from latest to oldest. - New functions: `plum_load_image_limited`, `plum_check_limited_image_size`, `plum_append_metadata` - Added a missing check for an extremely unlikely memory allocation failure -- Fixed some BMP encoding bugs that could arise under unusual circumstances +- Fixed some BMP and JPEG encoding bugs that could arise under unusual circumstances - Fixed BMP decoder to accept images that are exactly `0x7fffffff` pixels tall or wide - Fixed palette generation for images with many similar colors - Updated the tutorial to use `plum_append_metadata` where relevant diff --git a/src/jpegarithmetic.c b/src/jpegarithmetic.c index 609a2c4..96ee460 100644 --- a/src/jpegarithmetic.c +++ b/src/jpegarithmetic.c @@ -155,8 +155,11 @@ void decompress_JPEG_arithmetic_lossless_scan (struct context * context, struct size_t rowunits, const struct JPEG_component_info * components, const size_t * offsets, unsigned char predictor, unsigned precision) { size_t p, restart_interval; + uint8_t scancomponents[4] = {0, 0, 0, 0}; + for (p = 0; state -> MCU[p] != MCU_END_LIST; p ++) if (state -> MCU[p] < 4) scancomponents[state -> MCU[p]] = 1; uint16_t * rowdifferences[4] = {0}; - for (p = 0; p < 4; p ++) rowdifferences[p] = ctxmalloc(context, sizeof **rowdifferences * rowunits * ((state -> component_count > 1) ? components[p].scaleH : 1)); + for (p = 0; p < 4; p ++) if (scancomponents[p]) + rowdifferences[p] = ctxmalloc(context, sizeof **rowdifferences * rowunits * ((state -> component_count > 1) ? components[p].scaleH : 1)); for (restart_interval = 0; restart_interval <= state -> restart_count; restart_interval ++) { size_t units = (restart_interval == state -> restart_count) ? state -> last_size : state -> restart_size; if (!units) break; @@ -170,8 +173,8 @@ void decompress_JPEG_arithmetic_lossless_scan (struct context * context, struct unsigned char conditioning, bits = 0; initialize_JPEG_arithmetic_counters(context, &offset, &remaining, ¤t); signed char indexes[4][158] = {0}; - for (p = 0; p < 4; p ++) for (x = 0; x < (rowunits * ((state -> component_count > 1) ? components[p].scaleH : 1)); x ++) - rowdifferences[p][x] = 0; + for (p = 0; p < 4; p ++) if (scancomponents[p]) + for (x = 0; x < (rowunits * ((state -> component_count > 1) ? components[p].scaleH : 1)); x ++) rowdifferences[p][x] = 0; uint16_t coldifferences[4][4] = {0}; while (units --) { for (decodepos = state -> MCU; *decodepos != MCU_END_LIST; decodepos ++) switch (*decodepos) {