@@ -251,13 +251,16 @@ jp2_box_t *jp2_box_get(jas_stream_t *in)
251251 if (!(box = jas_malloc (sizeof (jp2_box_t )))) {
252252 goto error ;
253253 }
254+
255+ // Mark the box data as never having been constructed
256+ // so that we will not errantly attempt to destroy it later.
254257 box -> ops = & jp2_boxinfo_unk .ops ;
258+
255259 if (jp2_getuint32 (in , & len ) || jp2_getuint32 (in , & box -> type )) {
256260 goto error ;
257261 }
258262 boxinfo = jp2_boxinfolookup (box -> type );
259263 box -> info = boxinfo ;
260- box -> ops = & boxinfo -> ops ;
261264 box -> len = len ;
262265 JAS_DBGLOG (10 , (
263266 "preliminary processing of JP2 box: type=%c%s%c (0x%08x); length=%d\n" ,
@@ -287,14 +290,15 @@ jp2_box_t *jp2_box_get(jas_stream_t *in)
287290 goto error ;
288291 }
289292 if (jas_stream_copy (tmpstream , in , box -> datalen )) {
290- // Mark the box data as never having been constructed
291- // so that we will not errantly attempt to destroy it later.
292- box -> ops = & jp2_boxinfo_unk .ops ;
293293 jas_eprintf ("cannot copy box data\n" );
294294 goto error ;
295295 }
296296 jas_stream_rewind (tmpstream );
297297
298+ // From here onwards, the box data will need to be destroyed.
299+ // So, initialize the box operations.
300+ box -> ops = & boxinfo -> ops ;
301+
298302 if (box -> ops -> getdata ) {
299303 if ((* box -> ops -> getdata )(box , tmpstream )) {
300304 jas_eprintf ("cannot parse box data\n" );
@@ -327,8 +331,8 @@ void jp2_box_dump(jp2_box_t *box, FILE *out)
327331 assert (boxinfo );
328332
329333 fprintf (out , "JP2 box: " );
330- fprintf (out , "type=%c%s%c (0x%08" PRIxFAST32 "); length=%" PRIuFAST32 "\n" , '"' , boxinfo -> name ,
331- '"' , box -> type , box -> len );
334+ fprintf (out , "type=%c%s%c (0x%08" PRIxFAST32 "); length=%" PRIuFAST32 "\n" , '"' ,
335+ boxinfo -> name , '"' , box -> type , box -> len );
332336 if (box -> ops -> dumpdata ) {
333337 (* box -> ops -> dumpdata )(box , out );
334338 }
0 commit comments