You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
At the end of the method, when running the intruction
_pTmp =_pTmp<< (8-outbits);
pTmp is pointing a memory position with address pVal+1, that is wrong, because pVal was initialized with memset(pVal, 0, numberOfBytes);
When the caller method (GetUnsigned) try to delete pVal, it crashes.
I have applied a very basic solution to protect this situation:
Dear All
I have found a problem when DataItemBits::getUnsigned calls DataItemBits::getBits with (for example) the next parameteres:
unsigned char* DataItemBits::getBits( [pData], bytes=2, frombit=9, tobit 16)
numberOfBytes has the value 1
At the end of the method, when running the intruction
_pTmp =_pTmp<< (8-outbits);
pTmp is pointing a memory position with address pVal+1, that is wrong, because pVal was initialized with memset(pVal, 0, numberOfBytes);
When the caller method (GetUnsigned) try to delete pVal, it crashes.
I have applied a very basic solution to protect this situation:
if(pVal+numberOfBytes-1>=pTmp)
_pTmp =_pTmp<< (8-outbits);
return pVal;
Thank you very much
Best Regards
Nacho
The text was updated successfully, but these errors were encountered: