Skip to content

Instantly share code, notes, and snippets.

@nijikon

nijikon/src_libjasper_base_jas_icc_c.patch

Last active December 27, 2015 21:06
Show Gist options
  • Save nijikon/9e2e062d2c0114b3d384 to your computer and use it in GitHub Desktop.
Save nijikon/9e2e062d2c0114b3d384 to your computer and use it in GitHub Desktop.
Download ZIP
jasper-security-fixes
Raw
src_libjasper_base_jas_icc_c.patch
--- a/src/libjasper/base/jas_icc.c.orig Fri Jan 19 13:43:05 2007
+++ a/src/libjasper/base/jas_icc.c Thu Oct 29 22:03:25 2015
@@ -373,7 +373,7 @@ int jas_iccprof_save(jas_iccprof_t *prof, jas_stream_t
jas_icctagtab_t *tagtab;
tagtab = &prof->tagtab;
- if (!(tagtab->ents = jas_malloc(prof->attrtab->numattrs *
+ if (!(tagtab->ents = jas_alloc2(prof->attrtab->numattrs,
sizeof(jas_icctagtabent_t))))
goto error;
tagtab->numents = prof->attrtab->numattrs;
@@ -522,7 +522,7 @@ static int jas_iccprof_gettagtab(jas_stream_t *in, jas
}
if (jas_iccgetuint32(in, &tagtab->numents))
goto error;
- if (!(tagtab->ents = jas_malloc(tagtab->numents *
+ if (!(tagtab->ents = jas_alloc2(tagtab->numents,
sizeof(jas_icctagtabent_t))))
goto error;
tagtabent = tagtab->ents;
@@ -743,8 +743,7 @@ static int jas_iccattrtab_resize(jas_iccattrtab_t *tab
{
jas_iccattr_t *newattrs;
assert(maxents >= tab->numattrs);
- newattrs = tab->attrs ? jas_realloc(tab->attrs, maxents *
- sizeof(jas_iccattr_t)) : jas_malloc(maxents * sizeof(jas_iccattr_t));
+ newattrs = jas_realloc2(tab->attrs, maxents, sizeof(jas_iccattr_t));
if (!newattrs)
return -1;
tab->attrs = newattrs;
@@ -999,7 +998,7 @@ static int jas_icccurv_input(jas_iccattrval_t *attrval
if (jas_iccgetuint32(in, &curv->numents))
goto error;
- if (!(curv->ents = jas_malloc(curv->numents * sizeof(jas_iccuint16_t))))
+ if (!(curv->ents = jas_alloc2(curv->numents, sizeof(jas_iccuint16_t))))
goto error;
for (i = 0; i < curv->numents; ++i) {
if (jas_iccgetuint16(in, &curv->ents[i]))
@@ -1011,7 +1010,6 @@ static int jas_icccurv_input(jas_iccattrval_t *attrval
return 0;
error:
- jas_icccurv_destroy(attrval);
return -1;
}
@@ -1100,7 +1098,7 @@ static int jas_icctxtdesc_input(jas_iccattrval_t *attr
if (jas_iccgetuint32(in, &txtdesc->uclangcode) ||
jas_iccgetuint32(in, &txtdesc->uclen))
goto error;
- if (!(txtdesc->ucdata = jas_malloc(txtdesc->uclen * 2)))
+ if (!(txtdesc->ucdata = jas_alloc2(txtdesc->uclen, 2)))
goto error;
if (jas_stream_read(in, txtdesc->ucdata, txtdesc->uclen * 2) !=
JAS_CAST(int, txtdesc->uclen * 2))
@@ -1129,7 +1127,6 @@ static int jas_icctxtdesc_input(jas_iccattrval_t *attr
#endif
return 0;
error:
- jas_icctxtdesc_destroy(attrval);
return -1;
}
@@ -1208,8 +1205,6 @@ static int jas_icctxt_input(jas_iccattrval_t *attrval,
goto error;
return 0;
error:
- if (txt->string)
- jas_free(txt->string);
return -1;
}
@@ -1292,17 +1287,17 @@ static int jas_icclut8_input(jas_iccattrval_t *attrval
jas_iccgetuint16(in, &lut8->numouttabents))
goto error;
clutsize = jas_iccpowi(lut8->clutlen, lut8->numinchans) * lut8->numoutchans;
- if (!(lut8->clut = jas_malloc(clutsize * sizeof(jas_iccuint8_t))) ||
- !(lut8->intabsbuf = jas_malloc(lut8->numinchans *
- lut8->numintabents * sizeof(jas_iccuint8_t))) ||
- !(lut8->intabs = jas_malloc(lut8->numinchans *
+ if (!(lut8->clut = jas_alloc2(clutsize, sizeof(jas_iccuint8_t))) ||
+ !(lut8->intabsbuf = jas_alloc3(lut8->numinchans,
+ lut8->numintabents, sizeof(jas_iccuint8_t))) ||
+ !(lut8->intabs = jas_alloc2(lut8->numinchans,
sizeof(jas_iccuint8_t *))))
goto error;
for (i = 0; i < lut8->numinchans; ++i)
lut8->intabs[i] = &lut8->intabsbuf[i * lut8->numintabents];
- if (!(lut8->outtabsbuf = jas_malloc(lut8->numoutchans *
- lut8->numouttabents * sizeof(jas_iccuint8_t))) ||
- !(lut8->outtabs = jas_malloc(lut8->numoutchans *
+ if (!(lut8->outtabsbuf = jas_alloc3(lut8->numoutchans,
+ lut8->numouttabents, sizeof(jas_iccuint8_t))) ||
+ !(lut8->outtabs = jas_alloc2(lut8->numoutchans,
sizeof(jas_iccuint8_t *))))
goto error;
for (i = 0; i < lut8->numoutchans; ++i)
@@ -1330,7 +1325,6 @@ static int jas_icclut8_input(jas_iccattrval_t *attrval
goto error;
return 0;
error:
- jas_icclut8_destroy(attrval);
return -1;
}
@@ -1461,17 +1455,17 @@ static int jas_icclut16_input(jas_iccattrval_t *attrva
jas_iccgetuint16(in, &lut16->numouttabents))
goto error;
clutsize = jas_iccpowi(lut16->clutlen, lut16->numinchans) * lut16->numoutchans;
- if (!(lut16->clut = jas_malloc(clutsize * sizeof(jas_iccuint16_t))) ||
+ if (!(lut16->clut = jas_alloc2(clutsize, sizeof(jas_iccuint16_t))) ||
!(lut16->intabsbuf = jas_malloc(lut16->numinchans *
lut16->numintabents * sizeof(jas_iccuint16_t))) ||
- !(lut16->intabs = jas_malloc(lut16->numinchans *
+ !(lut16->intabs = jas_alloc2(lut16->numinchans,
sizeof(jas_iccuint16_t *))))
goto error;
for (i = 0; i < lut16->numinchans; ++i)
lut16->intabs[i] = &lut16->intabsbuf[i * lut16->numintabents];
- if (!(lut16->outtabsbuf = jas_malloc(lut16->numoutchans *
- lut16->numouttabents * sizeof(jas_iccuint16_t))) ||
- !(lut16->outtabs = jas_malloc(lut16->numoutchans *
+ if (!(lut16->outtabsbuf = jas_alloc3(lut16->numoutchans,
+ lut16->numouttabents, sizeof(jas_iccuint16_t))) ||
+ !(lut16->outtabs = jas_alloc2(lut16->numoutchans,
sizeof(jas_iccuint16_t *))))
goto error;
for (i = 0; i < lut16->numoutchans; ++i)
@@ -1499,7 +1493,6 @@ static int jas_icclut16_input(jas_iccattrval_t *attrva
goto error;
return 0;
error:
- jas_icclut16_destroy(attrval);
return -1;
}
Raw
src_libjasper_base_jas_malloc_c.patch
--- a/src/libjasper/base/jas_malloc.c.orig Fri Jan 19 21:43:05 2007
+++ a/src/libjasper/base/jas_malloc.c Mon Mar 16 19:46:41 2015
@@ -72,10 +72,13 @@
\******************************************************************************/
#include <stdio.h>
+#include <stdint.h>
#include <stdlib.h>
/* We need the prototype for memset. */
#include <string.h>
+#include <limits.h>
+#include <errno.h>
#include "jasper/jas_malloc.h"
@@ -113,18 +116,50 @@ void jas_free(void *ptr)
void *jas_realloc(void *ptr, size_t size)
{
- return realloc(ptr, size);
+ return ptr ? realloc(ptr, size) : malloc(size);
}
-void *jas_calloc(size_t nmemb, size_t size)
+void *jas_realloc2(void *ptr, size_t nmemb, size_t size)
{
- void *ptr;
+ if (!ptr)
+ return jas_alloc2(nmemb, size);
+ if (nmemb && SIZE_MAX / nmemb < size) {
+ errno = ENOMEM;
+ return NULL;
+ }
+ return jas_realloc(ptr, nmemb * size);
+
+}
+
+void *jas_alloc2(size_t nmemb, size_t size)
+{
+ if (nmemb && SIZE_MAX / nmemb < size) {
+ errno = ENOMEM;
+ return NULL;
+ }
+
+ return jas_malloc(nmemb * size);
+}
+
+void *jas_alloc3(size_t a, size_t b, size_t c)
+{
size_t n;
- n = nmemb * size;
- if (!(ptr = jas_malloc(n * sizeof(char)))) {
- return 0;
+
+ if (a && SIZE_MAX / a < b) {
+ errno = ENOMEM;
+ return NULL;
}
- memset(ptr, 0, n);
+
+ return jas_alloc2(a*b, c);
+}
+
+void *jas_calloc(size_t nmemb, size_t size)
+{
+ void *ptr;
+
+ ptr = jas_alloc2(nmemb, size);
+ if (ptr)
+ memset(ptr, 0, nmemb*size);
return ptr;
}
Raw
src_libjasper_include_jasper_jas_malloc_h.patch
--- a/src/libjasper/include/jasper/jas_malloc.h.orig Fri May 16 20:57:11 2008
+++ a/src/libjasper/include/jasper/jas_malloc.h Fri May 16 21:31:48 2008
@@ -95,6 +95,9 @@ extern "C" {
#define jas_free MEMFREE
#define jas_realloc MEMREALLOC
#define jas_calloc MEMCALLOC
+#define jas_alloc2(a, b) MEMALLOC((a)*(b))
+#define jas_alloc3(a, b, c) MEMALLOC((a)*(b)*(c))
+#define jas_realloc2(p, a, b) MEMREALLOC((p), (a)*(b))
#endif
/******************************************************************************\
@@ -115,6 +118,12 @@ void *jas_realloc(void *ptr, size_t size);
/* Allocate a block of memory and initialize the contents to zero. */
void *jas_calloc(size_t nmemb, size_t size);
+/* size-checked double allocation .*/
+void *jas_alloc2(size_t, size_t);
+
+void *jas_alloc3(size_t, size_t, size_t);
+
+void *jas_realloc2(void *, size_t, size_t);
#endif
#ifdef __cplusplus
Raw
src_libjasper_jp2_jp2_dec_c.patch
--- a/src/libjasper/jp2/jp2_dec.c.orig Fri Jan 19 13:43:05 2007
+++ a/src/libjasper/jp2/jp2_dec.c Thu Oct 29 22:04:41 2015
@@ -291,9 +291,14 @@ jas_image_t *jp2_decode(jas_stream_t *in, char *optstr
case JP2_COLR_ICC:
iccprof = jas_iccprof_createfrombuf(dec->colr->data.colr.iccp,
dec->colr->data.colr.iccplen);
- assert(iccprof);
+ if (!iccprof) {
+ jas_eprintf("error: failed to parse ICC profile\n");
+ goto error;
+ }
jas_iccprof_gethdr(iccprof, &icchdr);
- jas_eprintf("ICC Profile CS %08x\n", icchdr.colorspc);
+ if (jas_getdbglevel() >= 1) {
+ jas_eprintf("ICC Profile CS %08x\n", icchdr.colorspc);
+ }
jas_image_setclrspc(dec->image, fromiccpcs(icchdr.colorspc));
dec->image->cmprof_ = jas_cmprof_createfromiccprof(iccprof);
assert(dec->image->cmprof_);
@@ -336,7 +341,7 @@ jas_image_t *jp2_decode(jas_stream_t *in, char *optstr
}
/* Allocate space for the channel-number to component-number LUT. */
- if (!(dec->chantocmptlut = jas_malloc(dec->numchans * sizeof(uint_fast16_t)))) {
+ if (!(dec->chantocmptlut = jas_alloc2(dec->numchans, sizeof(uint_fast16_t)))) {
jas_eprintf("error: no memory\n");
goto error;
}
@@ -354,7 +359,7 @@ jas_image_t *jp2_decode(jas_stream_t *in, char *optstr
if (cmapent->map == JP2_CMAP_DIRECT) {
dec->chantocmptlut[channo] = channo;
} else if (cmapent->map == JP2_CMAP_PALETTE) {
- lutents = jas_malloc(pclrd->numlutents * sizeof(int_fast32_t));
+ lutents = jas_alloc2(pclrd->numlutents, sizeof(int_fast32_t));
for (i = 0; i < pclrd->numlutents; ++i) {
lutents[i] = pclrd->lutdata[cmapent->pcol + i * pclrd->numchans];
}
@@ -386,6 +391,11 @@ jas_image_t *jp2_decode(jas_stream_t *in, char *optstr
/* Determine the type of each component. */
if (dec->cdef) {
for (i = 0; i < dec->numchans; ++i) {
+ /* Is the channel number reasonable? */
+ if (dec->cdef->data.cdef.ents[i].channo >= dec->numchans) {
+ jas_eprintf("error: invalid channel number in CDEF box\n");
+ goto error;
+ }
jas_image_setcmpttype(dec->image,
dec->chantocmptlut[dec->cdef->data.cdef.ents[i].channo],
jp2_getct(jas_image_clrspc(dec->image),
Raw
src_libjasper_jpc_jpc_cs_c.patch
--- a/src/libjasper/jpc/jpc_cs.c.orig Fri Jan 19 22:43:07 2007
+++ a/src/libjasper/jpc/jpc_cs.c Fri Apr 19 18:32:09 2013
@@ -502,7 +502,7 @@ static int jpc_siz_getparms(jpc_ms_t *ms, jpc_cstate_t
!siz->tileheight || !siz->numcomps) {
return -1;
}
- if (!(siz->comps = jas_malloc(siz->numcomps * sizeof(jpc_sizcomp_t)))) {
+ if (!(siz->comps = jas_alloc2(siz->numcomps, sizeof(jpc_sizcomp_t)))) {
return -1;
}
for (i = 0; i < siz->numcomps; ++i) {
@@ -744,6 +744,10 @@ static int jpc_cox_getcompparms(jpc_ms_t *ms, jpc_csta
return -1;
}
compparms->numrlvls = compparms->numdlvls + 1;
+ if (compparms->numrlvls > JPC_MAXRLVLS) {
+ jpc_cox_destroycompparms(compparms);
+ return -1;
+ }
if (prtflag) {
for (i = 0; i < compparms->numrlvls; ++i) {
if (jpc_getuint8(in, &tmp)) {
@@ -982,8 +986,12 @@ static int jpc_qcx_getcompparms(jpc_qcxcp_t *compparms
compparms->numstepsizes = (len - n) / 2;
break;
}
+ if (compparms->numstepsizes > 3 * JPC_MAXRLVLS + 1) {
+ jpc_qcx_destroycompparms(compparms);
+ return -1;
+ }
if (compparms->numstepsizes > 0) {
- compparms->stepsizes = jas_malloc(compparms->numstepsizes *
+ compparms->stepsizes = jas_alloc2(compparms->numstepsizes,
sizeof(uint_fast16_t));
assert(compparms->stepsizes);
for (i = 0; i < compparms->numstepsizes; ++i) {
@@ -1091,7 +1099,7 @@ static int jpc_ppm_getparms(jpc_ms_t *ms, jpc_cstate_t
ppm->len = ms->len - 1;
if (ppm->len > 0) {
- if (!(ppm->data = jas_malloc(ppm->len * sizeof(unsigned char)))) {
+ if (!(ppm->data = jas_malloc(ppm->len))) {
goto error;
}
if (JAS_CAST(uint, jas_stream_read(in, ppm->data, ppm->len)) != ppm->len) {
@@ -1160,7 +1168,7 @@ static int jpc_ppt_getparms(jpc_ms_t *ms, jpc_cstate_t
}
ppt->len = ms->len - 1;
if (ppt->len > 0) {
- if (!(ppt->data = jas_malloc(ppt->len * sizeof(unsigned char)))) {
+ if (!(ppt->data = jas_malloc(ppt->len))) {
goto error;
}
if (jas_stream_read(in, (char *) ppt->data, ppt->len) != JAS_CAST(int, ppt->len)) {
@@ -1223,7 +1231,7 @@ static int jpc_poc_getparms(jpc_ms_t *ms, jpc_cstate_t
uint_fast8_t tmp;
poc->numpchgs = (cstate->numcomps > 256) ? (ms->len / 9) :
(ms->len / 7);
- if (!(poc->pchgs = jas_malloc(poc->numpchgs * sizeof(jpc_pocpchg_t)))) {
+ if (!(poc->pchgs = jas_alloc2(poc->numpchgs, sizeof(jpc_pocpchg_t)))) {
goto error;
}
for (pchgno = 0, pchg = poc->pchgs; pchgno < poc->numpchgs; ++pchgno,
@@ -1328,7 +1336,7 @@ static int jpc_crg_getparms(jpc_ms_t *ms, jpc_cstate_t
jpc_crgcomp_t *comp;
uint_fast16_t compno;
crg->numcomps = cstate->numcomps;
- if (!(crg->comps = jas_malloc(cstate->numcomps * sizeof(uint_fast16_t)))) {
+ if (!(crg->comps = jas_alloc2(cstate->numcomps, sizeof(jpc_crgcomp_t)))) {
return -1;
}
for (compno = 0, comp = crg->comps; compno < cstate->numcomps;
@@ -1467,7 +1475,7 @@ static int jpc_unk_getparms(jpc_ms_t *ms, jpc_cstate_t
cstate = 0;
if (ms->len > 0) {
- if (!(unk->data = jas_malloc(ms->len * sizeof(unsigned char)))) {
+ if (!(unk->data = jas_malloc(ms->len))) {
return -1;
}
if (jas_stream_read(in, (char *) unk->data, ms->len) != JAS_CAST(int, ms->len)) {
Raw
src_libjasper_jpc_jpc_dec_c.patch
--- a/src/libjasper/jpc/jpc_dec.c.orig Fri Jan 19 13:43:07 2007
+++ a/src/libjasper/jpc/jpc_dec.c Thu Oct 29 22:08:08 2015
@@ -449,7 +449,7 @@ static int jpc_dec_process_sot(jpc_dec_t *dec, jpc_ms_
if (dec->state == JPC_MH) {
- compinfos = jas_malloc(dec->numcomps * sizeof(jas_image_cmptparm_t));
+ compinfos = jas_alloc2(dec->numcomps, sizeof(jas_image_cmptparm_t));
assert(compinfos);
for (cmptno = 0, cmpt = dec->cmpts, compinfo = compinfos;
cmptno < dec->numcomps; ++cmptno, ++cmpt, ++compinfo) {
@@ -489,7 +489,7 @@ static int jpc_dec_process_sot(jpc_dec_t *dec, jpc_ms_
dec->curtileendoff = 0;
}
- if (JAS_CAST(int, sot->tileno) > dec->numtiles) {
+ if (JAS_CAST(int, sot->tileno) >= dec->numtiles) {
jas_eprintf("invalid tile number in SOT marker segment\n");
return -1;
}
@@ -692,7 +692,7 @@ static int jpc_dec_tileinit(jpc_dec_t *dec, jpc_dec_ti
tile->realmode = 1;
}
tcomp->numrlvls = ccp->numrlvls;
- if (!(tcomp->rlvls = jas_malloc(tcomp->numrlvls *
+ if (!(tcomp->rlvls = jas_alloc2(tcomp->numrlvls,
sizeof(jpc_dec_rlvl_t)))) {
return -1;
}
@@ -764,7 +764,7 @@ rlvl->bands = 0;
rlvl->cbgheightexpn);
rlvl->numbands = (!rlvlno) ? 1 : 3;
- if (!(rlvl->bands = jas_malloc(rlvl->numbands *
+ if (!(rlvl->bands = jas_alloc2(rlvl->numbands,
sizeof(jpc_dec_band_t)))) {
return -1;
}
@@ -797,7 +797,7 @@ rlvl->bands = 0;
assert(rlvl->numprcs);
- if (!(band->prcs = jas_malloc(rlvl->numprcs * sizeof(jpc_dec_prc_t)))) {
+ if (!(band->prcs = jas_alloc2(rlvl->numprcs, sizeof(jpc_dec_prc_t)))) {
return -1;
}
@@ -834,7 +834,7 @@ rlvl->bands = 0;
if (!(prc->numimsbstagtree = jpc_tagtree_create(prc->numhcblks, prc->numvcblks))) {
return -1;
}
- if (!(prc->cblks = jas_malloc(prc->numcblks * sizeof(jpc_dec_cblk_t)))) {
+ if (!(prc->cblks = jas_alloc2(prc->numcblks, sizeof(jpc_dec_cblk_t)))) {
return -1;
}
@@ -1181,7 +1181,7 @@ static int jpc_dec_process_siz(jpc_dec_t *dec, jpc_ms_
return -1;
}
- if (!(dec->cmpts = jas_malloc(dec->numcomps * sizeof(jpc_dec_cmpt_t)))) {
+ if (!(dec->cmpts = jas_alloc2(dec->numcomps, sizeof(jpc_dec_cmpt_t)))) {
return -1;
}
@@ -1204,7 +1204,7 @@ static int jpc_dec_process_siz(jpc_dec_t *dec, jpc_ms_
dec->numhtiles = JPC_CEILDIV(dec->xend - dec->tilexoff, dec->tilewidth);
dec->numvtiles = JPC_CEILDIV(dec->yend - dec->tileyoff, dec->tileheight);
dec->numtiles = dec->numhtiles * dec->numvtiles;
- if (!(dec->tiles = jas_malloc(dec->numtiles * sizeof(jpc_dec_tile_t)))) {
+ if (!(dec->tiles = jas_alloc2(dec->numtiles, sizeof(jpc_dec_tile_t)))) {
return -1;
}
@@ -1228,7 +1228,7 @@ static int jpc_dec_process_siz(jpc_dec_t *dec, jpc_ms_
tile->pkthdrstreampos = 0;
tile->pptstab = 0;
tile->cp = 0;
- if (!(tile->tcomps = jas_malloc(dec->numcomps *
+ if (!(tile->tcomps = jas_alloc2(dec->numcomps,
sizeof(jpc_dec_tcomp_t)))) {
return -1;
}
@@ -1280,7 +1280,7 @@ static int jpc_dec_process_coc(jpc_dec_t *dec, jpc_ms_
jpc_coc_t *coc = &ms->parms.coc;
jpc_dec_tile_t *tile;
- if (JAS_CAST(int, coc->compno) > dec->numcomps) {
+ if (JAS_CAST(int, coc->compno) >= dec->numcomps) {
jas_eprintf("invalid component number in COC marker segment\n");
return -1;
}
@@ -1306,7 +1306,7 @@ static int jpc_dec_process_rgn(jpc_dec_t *dec, jpc_ms_
jpc_rgn_t *rgn = &ms->parms.rgn;
jpc_dec_tile_t *tile;
- if (JAS_CAST(int, rgn->compno) > dec->numcomps) {
+ if (JAS_CAST(int, rgn->compno) >= dec->numcomps) {
jas_eprintf("invalid component number in RGN marker segment\n");
return -1;
}
@@ -1355,7 +1355,7 @@ static int jpc_dec_process_qcc(jpc_dec_t *dec, jpc_ms_
jpc_qcc_t *qcc = &ms->parms.qcc;
jpc_dec_tile_t *tile;
- if (JAS_CAST(int, qcc->compno) > dec->numcomps) {
+ if (JAS_CAST(int, qcc->compno) >= dec->numcomps) {
jas_eprintf("invalid component number in QCC marker segment\n");
return -1;
}
@@ -1466,7 +1466,9 @@ static int jpc_dec_process_unk(jpc_dec_t *dec, jpc_ms_
dec = 0;
jas_eprintf("warning: ignoring unknown marker segment\n");
- jpc_ms_dump(ms, stderr);
+ if (jas_getdbglevel() >= 1) {
+ jpc_ms_dump(ms, stderr);
+ }
return 0;
}
@@ -1489,7 +1491,7 @@ static jpc_dec_cp_t *jpc_dec_cp_create(uint_fast16_t n
cp->numlyrs = 0;
cp->mctid = 0;
cp->csty = 0;
- if (!(cp->ccps = jas_malloc(cp->numcomps * sizeof(jpc_dec_ccp_t)))) {
+ if (!(cp->ccps = jas_alloc2(cp->numcomps, sizeof(jpc_dec_ccp_t)))) {
return 0;
}
if (!(cp->pchglist = jpc_pchglist_create())) {
@@ -2048,7 +2050,7 @@ jpc_streamlist_t *jpc_streamlist_create()
}
streamlist->numstreams = 0;
streamlist->maxstreams = 100;
- if (!(streamlist->streams = jas_malloc(streamlist->maxstreams *
+ if (!(streamlist->streams = jas_alloc2(streamlist->maxstreams,
sizeof(jas_stream_t *)))) {
jas_free(streamlist);
return 0;
@@ -2068,8 +2070,8 @@ int jpc_streamlist_insert(jpc_streamlist_t *streamlist
/* Grow the array of streams if necessary. */
if (streamlist->numstreams >= streamlist->maxstreams) {
newmaxstreams = streamlist->maxstreams + 1024;
- if (!(newstreams = jas_realloc(streamlist->streams,
- (newmaxstreams + 1024) * sizeof(jas_stream_t *)))) {
+ if (!(newstreams = jas_realloc2(streamlist->streams,
+ (newmaxstreams + 1024), sizeof(jas_stream_t *)))) {
return -1;
}
for (i = streamlist->numstreams; i < streamlist->maxstreams; ++i) {
@@ -2155,8 +2157,7 @@ int jpc_ppxstab_grow(jpc_ppxstab_t *tab, int maxents)
{
jpc_ppxstabent_t **newents;
if (tab->maxents < maxents) {
- newents = (tab->ents) ? jas_realloc(tab->ents, maxents *
- sizeof(jpc_ppxstabent_t *)) : jas_malloc(maxents * sizeof(jpc_ppxstabent_t *));
+ newents = jas_realloc2(tab->ents, maxents, sizeof(jpc_ppxstabent_t *));
if (!newents) {
return -1;
}
Raw
src_libjasper_jpc_jpc_qmfb_c.patch
--- a/src/libjasper/jpc/jpc_qmfb.c.orig Fri Jan 19 13:43:07 2007
+++ a/src/libjasper/jpc/jpc_qmfb.c Thu Oct 29 22:06:54 2015
@@ -306,11 +306,7 @@ void jpc_qmfb_split_row(jpc_fix_t *a, int numcols, int
{
int bufsize = JPC_CEILDIVPOW2(numcols, 1);
-#if !defined(HAVE_VLA)
jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE];
-#else
- jpc_fix_t splitbuf[bufsize];
-#endif
jpc_fix_t *buf = splitbuf;
register jpc_fix_t *srcptr;
register jpc_fix_t *dstptr;
@@ -318,15 +314,13 @@ void jpc_qmfb_split_row(jpc_fix_t *a, int numcols, int
register int m;
int hstartcol;
-#if !defined(HAVE_VLA)
/* Get a buffer. */
if (bufsize > QMFB_SPLITBUFSIZE) {
- if (!(buf = jas_malloc(bufsize * sizeof(jpc_fix_t)))) {
+ if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) {
/* We have no choice but to commit suicide in this case. */
abort();
}
}
-#endif
if (numcols >= 2) {
hstartcol = (numcols + 1 - parity) >> 1;
@@ -360,12 +354,10 @@ void jpc_qmfb_split_row(jpc_fix_t *a, int numcols, int
}
}
-#if !defined(HAVE_VLA)
/* If the split buffer was allocated on the heap, free this memory. */
if (buf != splitbuf) {
jas_free(buf);
}
-#endif
}
@@ -374,11 +366,7 @@ void jpc_qmfb_split_col(jpc_fix_t *a, int numrows, int
{
int bufsize = JPC_CEILDIVPOW2(numrows, 1);
-#if !defined(HAVE_VLA)
jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE];
-#else
- jpc_fix_t splitbuf[bufsize];
-#endif
jpc_fix_t *buf = splitbuf;
register jpc_fix_t *srcptr;
register jpc_fix_t *dstptr;
@@ -386,15 +374,13 @@ void jpc_qmfb_split_col(jpc_fix_t *a, int numrows, int
register int m;
int hstartcol;
-#if !defined(HAVE_VLA)
/* Get a buffer. */
if (bufsize > QMFB_SPLITBUFSIZE) {
- if (!(buf = jas_malloc(bufsize * sizeof(jpc_fix_t)))) {
+ if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) {
/* We have no choice but to commit suicide in this case. */
abort();
}
}
-#endif
if (numrows >= 2) {
hstartcol = (numrows + 1 - parity) >> 1;
@@ -428,12 +414,10 @@ void jpc_qmfb_split_col(jpc_fix_t *a, int numrows, int
}
}
-#if !defined(HAVE_VLA)
/* If the split buffer was allocated on the heap, free this memory. */
if (buf != splitbuf) {
jas_free(buf);
}
-#endif
}
@@ -442,11 +426,7 @@ void jpc_qmfb_split_colgrp(jpc_fix_t *a, int numrows,
{
int bufsize = JPC_CEILDIVPOW2(numrows, 1);
-#if !defined(HAVE_VLA)
jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE * JPC_QMFB_COLGRPSIZE];
-#else
- jpc_fix_t splitbuf[bufsize * JPC_QMFB_COLGRPSIZE];
-#endif
jpc_fix_t *buf = splitbuf;
jpc_fix_t *srcptr;
jpc_fix_t *dstptr;
@@ -457,15 +437,13 @@ void jpc_qmfb_split_colgrp(jpc_fix_t *a, int numrows,
int m;
int hstartcol;
-#if !defined(HAVE_VLA)
/* Get a buffer. */
if (bufsize > QMFB_SPLITBUFSIZE) {
- if (!(buf = jas_malloc(bufsize * sizeof(jpc_fix_t)))) {
+ if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) {
/* We have no choice but to commit suicide in this case. */
abort();
}
}
-#endif
if (numrows >= 2) {
hstartcol = (numrows + 1 - parity) >> 1;
@@ -517,12 +495,10 @@ void jpc_qmfb_split_colgrp(jpc_fix_t *a, int numrows,
}
}
-#if !defined(HAVE_VLA)
/* If the split buffer was allocated on the heap, free this memory. */
if (buf != splitbuf) {
jas_free(buf);
}
-#endif
}
@@ -531,11 +507,7 @@ void jpc_qmfb_split_colres(jpc_fix_t *a, int numrows,
{
int bufsize = JPC_CEILDIVPOW2(numrows, 1);
-#if !defined(HAVE_VLA)
jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE * JPC_QMFB_COLGRPSIZE];
-#else
- jpc_fix_t splitbuf[bufsize * numcols];
-#endif
jpc_fix_t *buf = splitbuf;
jpc_fix_t *srcptr;
jpc_fix_t *dstptr;
@@ -546,15 +518,13 @@ void jpc_qmfb_split_colres(jpc_fix_t *a, int numrows,
int m;
int hstartcol;
-#if !defined(HAVE_VLA)
/* Get a buffer. */
if (bufsize > QMFB_SPLITBUFSIZE) {
- if (!(buf = jas_malloc(bufsize * sizeof(jpc_fix_t)))) {
+ if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) {
/* We have no choice but to commit suicide in this case. */
abort();
}
}
-#endif
if (numrows >= 2) {
hstartcol = (numrows + 1 - parity) >> 1;
@@ -606,12 +576,10 @@ void jpc_qmfb_split_colres(jpc_fix_t *a, int numrows,
}
}
-#if !defined(HAVE_VLA)
/* If the split buffer was allocated on the heap, free this memory. */
if (buf != splitbuf) {
jas_free(buf);
}
-#endif
}
@@ -619,26 +587,20 @@ void jpc_qmfb_join_row(jpc_fix_t *a, int numcols, int
{
int bufsize = JPC_CEILDIVPOW2(numcols, 1);
-#if !defined(HAVE_VLA)
jpc_fix_t joinbuf[QMFB_JOINBUFSIZE];
-#else
- jpc_fix_t joinbuf[bufsize];
-#endif
jpc_fix_t *buf = joinbuf;
register jpc_fix_t *srcptr;
register jpc_fix_t *dstptr;
register int n;
int hstartcol;
-#if !defined(HAVE_VLA)
/* Allocate memory for the join buffer from the heap. */
if (bufsize > QMFB_JOINBUFSIZE) {
- if (!(buf = jas_malloc(bufsize * sizeof(jpc_fix_t)))) {
+ if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) {
/* We have no choice but to commit suicide. */
abort();
}
}
-#endif
hstartcol = (numcols + 1 - parity) >> 1;
@@ -670,12 +632,10 @@ void jpc_qmfb_join_row(jpc_fix_t *a, int numcols, int
++srcptr;
}
-#if !defined(HAVE_VLA)
/* If the join buffer was allocated on the heap, free this memory. */
if (buf != joinbuf) {
jas_free(buf);
}
-#endif
}
@@ -684,26 +644,20 @@ void jpc_qmfb_join_col(jpc_fix_t *a, int numrows, int
{
int bufsize = JPC_CEILDIVPOW2(numrows, 1);
-#if !defined(HAVE_VLA)
jpc_fix_t joinbuf[QMFB_JOINBUFSIZE];
-#else
- jpc_fix_t joinbuf[bufsize];
-#endif
jpc_fix_t *buf = joinbuf;
register jpc_fix_t *srcptr;
register jpc_fix_t *dstptr;
register int n;
int hstartcol;
-#if !defined(HAVE_VLA)
/* Allocate memory for the join buffer from the heap. */
if (bufsize > QMFB_JOINBUFSIZE) {
- if (!(buf = jas_malloc(bufsize * sizeof(jpc_fix_t)))) {
+ if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) {
/* We have no choice but to commit suicide. */
abort();
}
}
-#endif
hstartcol = (numrows + 1 - parity) >> 1;
@@ -735,12 +689,10 @@ void jpc_qmfb_join_col(jpc_fix_t *a, int numrows, int
++srcptr;
}
-#if !defined(HAVE_VLA)
/* If the join buffer was allocated on the heap, free this memory. */
if (buf != joinbuf) {
jas_free(buf);
}
-#endif
}
@@ -749,11 +701,7 @@ void jpc_qmfb_join_colgrp(jpc_fix_t *a, int numrows, i
{
int bufsize = JPC_CEILDIVPOW2(numrows, 1);
-#if !defined(HAVE_VLA)
jpc_fix_t joinbuf[QMFB_JOINBUFSIZE * JPC_QMFB_COLGRPSIZE];
-#else
- jpc_fix_t joinbuf[bufsize * JPC_QMFB_COLGRPSIZE];
-#endif
jpc_fix_t *buf = joinbuf;
jpc_fix_t *srcptr;
jpc_fix_t *dstptr;
@@ -763,15 +711,13 @@ void jpc_qmfb_join_colgrp(jpc_fix_t *a, int numrows, i
register int i;
int hstartcol;
-#if !defined(HAVE_VLA)
/* Allocate memory for the join buffer from the heap. */
if (bufsize > QMFB_JOINBUFSIZE) {
- if (!(buf = jas_malloc(bufsize * JPC_QMFB_COLGRPSIZE * sizeof(jpc_fix_t)))) {
+ if (!(buf = jas_alloc3(bufsize, JPC_QMFB_COLGRPSIZE, sizeof(jpc_fix_t)))) {
/* We have no choice but to commit suicide. */
abort();
}
}
-#endif
hstartcol = (numrows + 1 - parity) >> 1;
@@ -821,12 +767,10 @@ void jpc_qmfb_join_colgrp(jpc_fix_t *a, int numrows, i
srcptr += JPC_QMFB_COLGRPSIZE;
}
-#if !defined(HAVE_VLA)
/* If the join buffer was allocated on the heap, free this memory. */
if (buf != joinbuf) {
jas_free(buf);
}
-#endif
}
@@ -835,11 +779,7 @@ void jpc_qmfb_join_colres(jpc_fix_t *a, int numrows, i
{
int bufsize = JPC_CEILDIVPOW2(numrows, 1);
-#if !defined(HAVE_VLA)
jpc_fix_t joinbuf[QMFB_JOINBUFSIZE * JPC_QMFB_COLGRPSIZE];
-#else
- jpc_fix_t joinbuf[bufsize * numcols];
-#endif
jpc_fix_t *buf = joinbuf;
jpc_fix_t *srcptr;
jpc_fix_t *dstptr;
@@ -849,15 +789,13 @@ void jpc_qmfb_join_colres(jpc_fix_t *a, int numrows, i
register int i;
int hstartcol;
-#if !defined(HAVE_VLA)
/* Allocate memory for the join buffer from the heap. */
if (bufsize > QMFB_JOINBUFSIZE) {
- if (!(buf = jas_malloc(bufsize * numcols * sizeof(jpc_fix_t)))) {
+ if (!(buf = jas_alloc3(bufsize, numcols, sizeof(jpc_fix_t)))) {
/* We have no choice but to commit suicide. */
abort();
}
}
-#endif
hstartcol = (numrows + 1 - parity) >> 1;
@@ -907,12 +845,10 @@ void jpc_qmfb_join_colres(jpc_fix_t *a, int numrows, i
srcptr += numcols;
}
-#if !defined(HAVE_VLA)
/* If the join buffer was allocated on the heap, free this memory. */
if (buf != joinbuf) {
jas_free(buf);
}
-#endif
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment