Bug#401529: patch - hopefully not as broken as the previous.

Tue, 05 Dec 2006 11:37:37 -0800 

Ok, I've made so many mistakes this evening that it's best that I stay
off the computer for a while...

Here's a new patch... as usual, I have no idea if it's correct. The
medcon testcase no longer segfaults, but I don't know if the results are
totally wrong or not...

Hopefully this patch should be less wrong then the previous one...

The original program segfaults for me sometimes not until
curRowBuf[2048][0] and sometimes already on curRowBuf[1024][0].
I have no idea why... I'm hoping that it's overflowing already at 1024
and that the cases where it doesn't die until 2048 is because the
process is "just" overwriting it's own memory... but still, why doesn't
this happen every time then???

I'm lost.... Should have stayed away from this one....

-- 
Regards,
Andreas Henriksson

diff -uriNp xmedcon-0.9.9.3-orig/libs/ljpg/huffd.c 
xmedcon-0.9.9.3/libs/ljpg/huffd.c
--- xmedcon-0.9.9.3-orig/libs/ljpg/huffd.c      2005-05-16 00:10:20.000000000 
+0200
+++ xmedcon-0.9.9.3/libs/ljpg/huffd.c   2006-12-05 20:20:40.000000000 +0100
@@ -411,7 +411,7 @@ void DecodeFirstRow (DecompressInfo *dcP
     Pr=dcPtr->dataPrecision;
     Pt=dcPtr->Pt;
     compsInScan=dcPtr->compsInScan;
-    numCOL=dcPtr->imageWidth;
+    numCOL=dcPtr->imageWidth > MCUROWSIZE ? MCUROWSIZE : dcPtr->imageWidth;
 
     /*
      * the start of the scan or at the beginning of restart interval.
@@ -504,11 +504,11 @@ void DecodeImage (DecompressInfo *dcPtr,
     int predictor;
     int numCOL, numROW, compsInScan;
     MCU *prevRowBuf, *curRowBuf;
-    int imagewidth, Pt, psv;
+    int Pt, psv;
     unsigned short *image16tmp;
     unsigned char *image8tmp, *image24tmp;
              
-    numCOL      = imagewidth=dcPtr->imageWidth;
+    numCOL      = dcPtr->imageWidth > MCUROWSIZE ? MCUROWSIZE : 
dcPtr->imageWidth;
     numROW      = dcPtr->imageHeight;
     compsInScan = dcPtr->compsInScan;
     Pt          = dcPtr->Pt;
diff -uriNp xmedcon-0.9.9.3-orig/libs/ljpg/jpegutil.c 
xmedcon-0.9.9.3/libs/ljpg/jpegutil.c
--- xmedcon-0.9.9.3-orig/libs/ljpg/jpegutil.c   2004-08-18 23:38:43.000000000 
+0200
+++ xmedcon-0.9.9.3/libs/ljpg/jpegutil.c        2006-12-05 20:19:37.000000000 
+0100
@@ -19,8 +19,8 @@
  * Enough memory is reserved to accomodate up to 1024-wide images
  * with up to 4 components.
  */
-static char mcuROW1Memory[1024 * sizeof(MCU)];
-static char mcuROW2Memory[1024 * sizeof(MCU)];
+static char mcuROW1Memory[MCUROWSIZE * sizeof(MCU)];
+static char mcuROW2Memory[MCUROWSIZE * sizeof(MCU)];
 static char buf1Memory[1024 * 4 * sizeof(ComponentType)];
 static char buf2Memory[1024 * 4 * sizeof(ComponentType)];
 
diff -uriNp xmedcon-0.9.9.3-orig/libs/ljpg/mcu.h xmedcon-0.9.9.3/libs/ljpg/mcu.h
--- xmedcon-0.9.9.3-orig/libs/ljpg/mcu.h        2004-12-14 23:59:34.000000000 
+0100
+++ xmedcon-0.9.9.3/libs/ljpg/mcu.h     2006-12-05 20:18:39.000000000 +0100
@@ -21,6 +21,8 @@ extern MCU *mcuTable; /* the global mcu 
 extern int numMCU;    /* number of MCUs in mcuTable */
 extern MCU *mcuROW1,*mcuROW2; /* pt to two rows of MCU in encoding & decoding 
*/
 
+#define MCUROWSIZE 1024
+
 /*
  *--------------------------------------------------------------
  *

Reply via email to