diff options
| author | Stefan Weil <sw@weilnetz.de> | 2018-10-31 20:44:30 +0100 |
|---|---|---|
| committer | Even Rouault <even.rouault@mines-paris.org> | 2018-10-31 20:44:30 +0100 |
| commit | 948332e6ed17565100d1df5f6fdbf66865218e36 (patch) | |
| tree | 8e38306366e69eef4da8827372d00cf2280ee55c /src/bin | |
| parent | e52909f4c7896c5efff3340d707c12d0df55d3f9 (diff) | |
Fix some potential overflow issues (#1161)
* Fix some potential overflow issues
Put sizeof to the beginning of the multiplication to enforce that
size_t instead of smaller integer types is used for the calculation.
This fixes warnings from LGTM:
Multiplication result may overflow 'unsigned int'
before it is converted to 'unsigned long'.
It also allows removing some type casts.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
* Fix code indentation
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Diffstat (limited to 'src/bin')
| -rw-r--r-- | src/bin/jp2/convertbmp.c | 2 | ||||
| -rw-r--r-- | src/bin/jp2/converttif.c | 6 | ||||
| -rw-r--r-- | src/bin/jp2/opj_compress.c | 2 | ||||
| -rw-r--r-- | src/bin/jp2/opj_decompress.c | 15 |
4 files changed, 12 insertions, 13 deletions
diff --git a/src/bin/jp2/convertbmp.c b/src/bin/jp2/convertbmp.c index 7fde99ab..85a47fea 100644 --- a/src/bin/jp2/convertbmp.c +++ b/src/bin/jp2/convertbmp.c @@ -763,7 +763,7 @@ opj_image_t* bmptoimage(const char *filename, opj_cparameters_t *parameters) fclose(IN); return NULL; } - pData = (OPJ_UINT8 *) calloc(1, stride * Info_h.biHeight * sizeof(OPJ_UINT8)); + pData = (OPJ_UINT8 *) calloc(1, sizeof(OPJ_UINT8) * stride * Info_h.biHeight); if (pData == NULL) { fclose(IN); return NULL; diff --git a/src/bin/jp2/converttif.c b/src/bin/jp2/converttif.c index 6e5c4f40..6714d69c 100644 --- a/src/bin/jp2/converttif.c +++ b/src/bin/jp2/converttif.c @@ -725,8 +725,7 @@ int imagetotif(opj_image_t * image, const char *outfile) TIFFClose(tif); return 1; } - buffer32s = (OPJ_INT32 *)malloc((OPJ_SIZE_T)(width * numcomps * sizeof( - OPJ_INT32))); + buffer32s = (OPJ_INT32 *)malloc(sizeof(OPJ_INT32) * width * numcomps); if (buffer32s == NULL) { _TIFFfree(buf); TIFFClose(tif); @@ -1447,8 +1446,7 @@ opj_image_t* tiftoimage(const char *filename, opj_cparameters_t *parameters) } rowStride = (int64_t)((tiWidth * tiSpp * tiBps + 7U) / 8U); - buffer32s = (OPJ_INT32 *)malloc((OPJ_SIZE_T)(tiWidth * tiSpp * sizeof( - OPJ_INT32))); + buffer32s = (OPJ_INT32 *)malloc(sizeof(OPJ_INT32) * tiWidth * tiSpp); if (buffer32s == NULL) { _TIFFfree(buf); TIFFClose(tif); diff --git a/src/bin/jp2/opj_compress.c b/src/bin/jp2/opj_compress.c index 2cc2970f..148bf951 100644 --- a/src/bin/jp2/opj_compress.c +++ b/src/bin/jp2/opj_compress.c @@ -824,7 +824,7 @@ static int parse_cmdline_encoder(int argc, char **argv, parameters->tcp_numlayers = (int)numlayers; numresolution = (OPJ_UINT32)parameters->numresolution; matrix_width = numresolution * 3; - parameters->cp_matrice = (int *) malloc(numlayers * matrix_width * sizeof(int)); + parameters->cp_matrice = (int *) malloc(sizeof(int) * numlayers * matrix_width); if (parameters->cp_matrice == NULL) { return 1; } diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c index a28a194b..4b9583b7 100644 --- a/src/bin/jp2/opj_decompress.c +++ b/src/bin/jp2/opj_decompress.c @@ -1119,11 +1119,11 @@ static opj_image_t* convert_gray_to_rgb(opj_image_t* original) l_new_image->comps[2].resno_decoded = original->comps[0].resno_decoded; memcpy(l_new_image->comps[0].data, original->comps[0].data, - original->comps[0].w * original->comps[0].h * sizeof(OPJ_INT32)); + sizeof(OPJ_INT32) * original->comps[0].w * original->comps[0].h); memcpy(l_new_image->comps[1].data, original->comps[0].data, - original->comps[0].w * original->comps[0].h * sizeof(OPJ_INT32)); + sizeof(OPJ_INT32) * original->comps[0].w * original->comps[0].h); memcpy(l_new_image->comps[2].data, original->comps[0].data, - original->comps[0].w * original->comps[0].h * sizeof(OPJ_INT32)); + sizeof(OPJ_INT32) * original->comps[0].w * original->comps[0].h); for (compno = 1U; compno < original->numcomps; ++compno) { l_new_image->comps[compno + 2U].factor = original->comps[compno].factor; @@ -1131,7 +1131,7 @@ static opj_image_t* convert_gray_to_rgb(opj_image_t* original) l_new_image->comps[compno + 2U].resno_decoded = original->comps[compno].resno_decoded; memcpy(l_new_image->comps[compno + 2U].data, original->comps[compno].data, - original->comps[compno].w * original->comps[compno].h * sizeof(OPJ_INT32)); + sizeof(OPJ_INT32) * original->comps[compno].w * original->comps[compno].h); } opj_image_destroy(original); return l_new_image; @@ -1301,7 +1301,7 @@ static opj_image_t* upsample_image_components(opj_image_t* original) } } else { memcpy(l_new_cmp->data, l_org_cmp->data, - l_org_cmp->w * l_org_cmp->h * sizeof(OPJ_INT32)); + sizeof(OPJ_INT32) * l_org_cmp->w * l_org_cmp->h); } } opj_image_destroy(original); @@ -1360,8 +1360,9 @@ int main(int argc, char **argv) destroy_parameters(¶meters); return EXIT_FAILURE; } - dirptr->filename_buf = (char*)malloc((size_t)num_images * OPJ_PATH_LEN * sizeof( - char)); /* Stores at max 10 image file names*/ + /* Stores at max 10 image file names */ + dirptr->filename_buf = (char*)malloc(sizeof(char) * + (size_t)num_images * OPJ_PATH_LEN); if (!dirptr->filename_buf) { failed = 1; goto fin; |