Bug#774712: io-jasper invalid operation
Mathieu Malaterre
malat at debian.org
Tue Jan 6 17:20:36 UTC 2015
Package: gdk-pixbuf
Version: 2.31.1-2
Tags: upstream patch
The following code in io-jasper.c looks suspicious:
[...]
if (jas_stream_write (context->stream, buf, size) < 0) {
g_set_error_literal (error, GDK_PIXBUF_ERROR,
GDK_PIXBUF_ERROR_INSUFFICIENT_MEMORY,
[...]
here size is usually a small size (4096...). However in jasper we have:
[...]
/* Write characters from a buffer to a stream. */
int jas_stream_write(jas_stream_t *stream, const void *buf, int cnt);
[...]
Where implementation is:
int jas_stream_write(jas_stream_t *stream, const void *buf, int cnt)
{
int n;
const char *bufptr;
bufptr = buf;
n = 0;
while (n < cnt) {
if (jas_stream_putc(stream, *bufptr) == EOF) {
return n;
}
++bufptr;
++n;
}
return n;
}
therefore the return value can never be below zero. I suggest changing
the code to:
if (jas_stream_write (context->stream, buf, size) != size ) {
More information about the pkg-gnome-maintainers
mailing list