Skip to content

Commit

Permalink
Fix an integer overflow issue (#809)
Browse files Browse the repository at this point in the history 
Prevent an integer overflow issue in function opj_pi_create_decode of
pi.c.
  • Loading branch information
@trylab @mayeut
trylab authored and mayeut committed Sep 6, 2016
1 parent ea320da commit c16bc05
Showing 1 changed file with 7 additions and 1 deletion.
8 changes: 7 additions & 1 deletion src/lib/openjp2/pi.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1237,7 +1237,13 @@ opj_pi_iterator_t *opj_pi_create_decode(opj_image_t *p_image,
l_current_pi = l_pi;

/* memory allocation for include */
l_current_pi->include = (OPJ_INT16*) opj_calloc((l_tcp->numlayers +1) * l_step_l, sizeof(OPJ_INT16));
/* prevent an integer overflow issue */
l_current_pi->include = 00;
if (l_step_l <= (SIZE_MAX / (l_tcp->numlayers + 1U)))
{
l_current_pi->include = (OPJ_INT16*) opj_calloc((l_tcp->numlayers +1) * l_step_l, sizeof(OPJ_INT16));
}

if
(!l_current_pi->include)
{
Expand Down

0 comments on commit c16bc05

Please sign in to comment.