Skip to content

Commit 2e82fa0

Browse files
committed
Fixed an integral type promotion problem by adding a JAS_CAST.
Modified the jpc_tsfb_synthesize function so that it will be a noop for an empty sequence (in order to avoid dereferencing a null pointer).
1 parent 95e510c commit 2e82fa0

File tree

4 files changed

+33
-2
lines changed

4 files changed

+33
-2
lines changed

Diff for: src/libjasper/include/jasper/jas_math.h

+18
Original file line numberDiff line numberDiff line change
@@ -112,6 +112,24 @@ extern "C" {
112112
#define JAS_ONES(n) \
113113
((1 << (n)) - 1)
114114

115+
/******************************************************************************\
116+
*
117+
\******************************************************************************/
118+
119+
__attribute__((no_sanitize("undefined")))
120+
inline static jas_int_asr(int x, int n)
121+
{
122+
assert(n >= 0);
123+
return x >> n;
124+
}
125+
126+
__attribute__((no_sanitize("undefined")))
127+
inline static jas_int_asl(int x, int n)
128+
{
129+
assert(n >= 0);
130+
return x << n;
131+
}
132+
115133
/******************************************************************************\
116134
* Safe integer arithmetic (i.e., with overflow checking).
117135
\******************************************************************************/

Diff for: src/libjasper/include/jasper/jas_seq.h

+5
Original file line numberDiff line numberDiff line change
@@ -154,6 +154,9 @@ typedef jas_matrix_t jas_seq_t;
154154
#define jas_matrix_numcols(matrix) \
155155
((matrix)->numcols_)
156156

157+
#define jas_matrix_size(matrix) \
158+
(jas_matrix_width(matrix) * jas_matrix_height(matrix))
159+
157160
/* Get a matrix element. */
158161
#define jas_matrix_get(matrix, i, j) \
159162
((matrix)->rows_[i][j])
@@ -269,6 +272,8 @@ jas_matrix_t *jas_seq2d_create(int xstart, int ystart, int xend, int yend);
269272
((s)->xstart_ = (x), (s)->ystart_ = (y), \
270273
(s)->xend_ = (s)->xstart_ + (s)->numcols_, \
271274
(s)->yend_ = (s)->ystart_ + (s)->numrows_)
275+
#define jas_seq2d_size(s) \
276+
(jas_seq2d_width(s) * jas_seq2d_height(s))
272277

273278
void jas_seq2d_bindsub(jas_matrix_t *s, jas_matrix_t *s1, int xstart,
274279
int ystart, int xend, int yend);

Diff for: src/libjasper/jpc/jpc_dec.c

+8-1
Original file line numberDiff line numberDiff line change
@@ -1838,6 +1838,13 @@ static void jpc_undo_roi(jas_matrix_t *x, int roishift, int bgshift, int numbps)
18381838
bool warn;
18391839
uint_fast32_t mask;
18401840

1841+
if (roishift < 0) {
1842+
/* We could instead return an error here. */
1843+
/* I do not think it matters much. */
1844+
jas_eprintf("warning: forcing negative ROI shift to zero "
1845+
"(bitstream is probably corrupt)\n");
1846+
roishift = 0;
1847+
}
18411848
if (roishift == 0 && bgshift == 0) {
18421849
return;
18431850
}
@@ -1856,7 +1863,7 @@ static void jpc_undo_roi(jas_matrix_t *x, int roishift, int bgshift, int numbps)
18561863
} else {
18571864
/* We are dealing with non-ROI (i.e., background) data. */
18581865
mag <<= bgshift;
1859-
mask = (1 << numbps) - 1;
1866+
mask = (JAS_CAST(uint_fast32_t, 1) << numbps) - 1;
18601867
/* Perform a basic sanity check on the sample value. */
18611868
/* Some implementations write garbage in the unused
18621869
most-significant bit planes introduced by ROI shifting.

Diff for: src/libjasper/jpc/jpc_tsfb.c

+2-1
Original file line numberDiff line numberDiff line change
@@ -148,7 +148,8 @@ int jpc_tsfb_analyze2(jpc_tsfb_t *tsfb, int *a, int xstart, int ystart,
148148

149149
int jpc_tsfb_synthesize(jpc_tsfb_t *tsfb, jas_seq2d_t *a)
150150
{
151-
return (tsfb->numlvls > 0) ? jpc_tsfb_synthesize2(tsfb,
151+
return (tsfb->numlvls > 0 && jas_seq2d_size(a)) ?
152+
jpc_tsfb_synthesize2(tsfb,
152153
jas_seq2d_getref(a, jas_seq2d_xstart(a), jas_seq2d_ystart(a)),
153154
jas_seq2d_xstart(a), jas_seq2d_ystart(a), jas_seq2d_width(a),
154155
jas_seq2d_height(a), jas_seq2d_rowstep(a), tsfb->numlvls - 1) : 0;

0 commit comments

Comments
 (0)