Description
Here is the bug:
1248 else {
1249 /* Its a code to needed to be traced: trace the linked list /
1250 / until the prefix is a pixel, while pushing the suffix /
1251 / pixels on our stack. If we done, pop the stack in reverse /
1252 / (thats what stack is good for!) order to output. */
1253 if (Prefix[CrntCode] == NO_SUCH_CODE) {
in line 1253 , CrntCode should be checked cause Prefix is a array which has LZ_MAX_CODE (4096) size:
unsigned int Prefix[LZ_MAX_CODE+1];
The crash appears as follows:
(gdb) run crash000002 1.pdf
Program received signal SIGSEGV, Segmentation fault.
0x0000000000412159 in DGifDecompressLine (Line=0x7ffff7f74010 "", LineLen=486109, GifFile=0x691740) at cgif.c:1253
1253 if (Prefix[CrntCode] == NO_SUCH_CODE) {
(gdb) bt
#0 0x0000000000412159 in DGifDecompressLine (Line=0x7ffff7f74010 "", LineLen=486109, GifFile=0x691740) at cgif.c:1253
#1 0x00000000004132eb in CGIF::DGifGetLine (GifFile=0x691740, Line=, LineLen=) at cgif.c:939
#2 0x00000000004136ba in CGIF::DGifSlurp (GifFile=GifFile@entry=0x691740) at cgif.c:1508
#3 0x000000000041391d in in_gif_reader (ufd=) at in_gif.cpp:48
#4 0x000000000042fca8 in Image::load (ufd0=0x66a010, loadHints=..., format=format@entry=0x0) at image.cpp:1428
#5 0x0000000000401eb0 in run_sam2p_engine (sout=..., serr=..., argv1=, helpp=helpp@entry=false) at sam2p_main.cpp:1055
#6 0x00000000004014d0 in main (argv=0x7fffffffe5c8) at sam2p_main.cpp:1148
(gdb) p CrntCode
$1 = 1936269427
(gdb)