shithub: jbig2

Download patch

ref: dcf7801f015dbbb44c82b57167e57207765abff3
parent: fe55e5eb9f7aaf06296617d824245581e99f8fd8
author: Robin Watts <[email protected]>
date: Wed Dec 11 14:02:39 EST 2013

Bug 694124: Shailesh Mistry's patch for valgrind problems.

Detect zero sized symbol dictionary and exit neatly. Avoids overreads.

--- a/jbig2_symbol_dict.c
+++ b/jbig2_symbol_dict.c
@@ -1049,9 +1049,19 @@
   params.SDNUMNEWSYMS = jbig2_get_uint32(segment_data + offset + 4);
   offset += 8;
 
-  jbig2_error(ctx, JBIG2_SEVERITY_INFO, segment->number,
-	      "symbol dictionary, flags=%04x, %u exported syms, %u new syms",
-	      flags, params.SDNUMEXSYMS, params.SDNUMNEWSYMS);
+  if (params.SDNUMEXSYMS == 0 || params.SDNUMNEWSYMS == 0)
+  {
+    jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number,
+      "empty symbol dictionary, flags=%04x, %u exported syms, %u new syms",
+      flags, params.SDNUMEXSYMS, params.SDNUMNEWSYMS);
+    goto cleanup;
+  }
+  else
+  {
+    jbig2_error(ctx, JBIG2_SEVERITY_INFO, segment->number,
+      "symbol dictionary, flags=%04x, %u exported syms, %u new syms",
+      flags, params.SDNUMEXSYMS, params.SDNUMNEWSYMS);
+  }
 
   /* 7.4.2.2 (2) */
   {