GNOME Bugzilla – Bug 778943
Various miscellaneous bounds checking fixes
Last modified: 2018-05-22 13:22:44 UTC
None of these fix any real bugs — they’re all to pacify the static analyser, or are in tests or utilities. Still, they can’t hurt.
Created attachment 346242
io-ico: Add an assertion to clarify buffer management

The code is correct (the line buffer is set when DecodeHeader() returns successfully with a non-zero-length line), but that’s not at all obvious from the code, and is tripping Coverity up. Add an assertion to make it clearer.

Coverity ID: 1400057

Created attachment 346243
timescale: Check bounds of command line dimension arguments

This is only a test utility, but in order to shut Coverity up we might as well add appropriate bounds checking to its command line width and height arguments.

Coverity IDs: 1388527, 1388541, 1388542

Created attachment 346244
tests: Add some assertions to check for zero-dimensioned images

This could happen if something in the test fails, so this allows early diagnosis of problems. It also hints to Coverity that the loops which follow can’t run (almost) infinitely due to the loop bounds being inverted.

Coverity IDs: 1391987, 1399712
Ping?
Review of attachment 346242: Looks good.
Review of attachment 346243: This should probably be rewritten to use the calculate_rowstride instead, right?
Review of attachment 346244: Sure.
Attachment 346242 pushed as 48accc7 - io-ico: Add an assertion to clarify buffer management
Attachment 346244 pushed as 861a6db - tests: Add some assertions to check for zero-dimensioned images
(In reply to Bastien Nocera from comment #6)
> Review of attachment 346243:
>
> This should probably be rewritten to use the calculate_rowstride instead,
> right?

Looking at it, the calculations here are slightly different to the ones in calculate_rowstride() wrt has_alpha vs (src_index == 0). I’m not sure how to reconcile them, and would rather just push this patch than try and work out what’s going on. This patch is correct wrt the existing code in timescale.c, and its checks are happening sufficiently early on that we’re not allocating GBs of memory for incorrect parameters before checking them.
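The point made in the comment above, that width and height arguments should be bounds-checked before any size is computed or memory allocated, shown as an added example that is not part of the original thread and is not the code from timescale.c or attachment 346243. The names parse_dimension, checked_buffer_size and MAX_DIMENSION, the cap of 16384 and the 4-byte row alignment are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumed cap for this example; not a gdk-pixbuf constant. */
#define MAX_DIMENSION 16384

/* Parse a decimal dimension in [1, MAX_DIMENSION]; return 0 on any error. */
static int parse_dimension(const char *arg)
{
    char *end = NULL;
    long v;
    if (arg == NULL || *arg == '\0')
        return 0;
    errno = 0;
    v = strtol(arg, &end, 10);
    if (errno != 0 || *end != '\0' || v < 1 || v > MAX_DIMENSION)
        return 0; /* out of range, trailing junk, zero or negative */
    return (int)v;
}

/* Validate both arguments first, then compute the pixel buffer size.
 * Returns 0 if an argument is rejected or the size would overflow. */
static size_t checked_buffer_size(const char *w_arg, const char *h_arg, int channels)
{
    int w = parse_dimension(w_arg);
    int h = parse_dimension(h_arg);
    size_t rowstride;

    if (w == 0 || h == 0 || channels < 1 || channels > 4)
        return 0;
    /* Row bytes rounded up to a multiple of 4 (assumed alignment). */
    rowstride = ((size_t)w * (size_t)channels + 3) & ~(size_t)3;
    if (rowstride > SIZE_MAX / (size_t)h)
        return 0; /* defensive: rowstride * h must not wrap */
    return rowstride * (size_t)h;
}

int main(int argc, char **argv)
{
    size_t n = (argc == 3) ? checked_buffer_size(argv[1], argv[2], 4) : 0;
    if (n == 0) {
        fprintf(stderr, "usage: %s WIDTH HEIGHT (1..%d each)\n", argc > 0 ? argv[0] : "example", MAX_DIMENSION);
        return 1;
    }
    printf("would allocate %zu bytes\n", n);
    return 0;
}
```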
-- GitLab Migration Automatic Message -- This bug has been migrated to GNOME's GitLab instance and has been closed from further activity. You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.gnome.org/GNOME/gdk-pixbuf/issues/63.