Skip to content

Commit

Permalink
Just allocate 20 bytes extra at the end of a section. Otherwise, we end
Browse files Browse the repository at this point in the history
up with a whole lot of little checks for structures that the file says
are there but are unexpectedly cut off in fuzz tests
  • Loading branch information
Matthias-Wandel committed Oct 23, 2020
1 parent de444f5 commit 5186ddc
Showing 1 changed file with 5 additions and 2 deletions.
7 changes: 5 additions & 2 deletions jpgfile.c
Original file line number Diff line number Diff line change
Expand Up @@ -169,7 +169,10 @@ int ReadJpegSections (FILE * infile, ReadMode_t ReadMode)

Sections[SectionsRead].Size = itemlen;

Data = (uchar *)malloc(itemlen);
// Allocate an extra 20 bytes more than needed, because sometimes when reading structures,
// if the section erroneously ends before short structures that should be there, that can trip
// memory checkers in combination with fuzzers.
Data = (uchar *)malloc(itemlen+20);
if (Data == NULL){
ErrFatal("Could not allocate memory");
}
Expand Down Expand Up @@ -476,7 +479,7 @@ int ReplaceThumbnail(const char * ThumbFileName)
return FALSE;
}

ThumbLen = 0;
ThumbLen = 0;
ThumbnailFile = NULL;
}

Expand Down

0 comments on commit 5186ddc

Please sign in to comment.