Fix potential out-of-bounds read (coverity) (#844)

* query_parser: Fix potential out-of-bounds read (coverity)

CID 1190207 (#1 of 1): Out-of-bounds read (OVERRUN)

Variable i must be checked before testing query_param.box_type.

Signed-off-by: Stefan Weil <sw@weilnetz.de>

* jpip_parser: Fix potential out-of-bounds read (coverity)

CID 1190206 (#1 of 1): Out-of-bounds read (OVERRUN)

Variable i must be checked before testing query_param.box_type.

Signed-off-by: Stefan Weil <sw@weilnetz.de>

2 files changed, 2 insertions, 2 deletions

diff --git a/src/lib/openjpip/jpip_parser.c b/src/lib/openjpip/jpip_parser.c
index d44c84c8..db0408e6 100644
--- a/src/lib/openjpip/jpip_parser.c
+++ b/src/lib/openjpip/jpip_parser.c
@@ -438,7 +438,7 @@ void enqueue_allprecincts( int tile_id, int level, int lastcomp, OPJ_BOOL *comps
 OPJ_BOOL enqueue_metabins( query_param_t query_param, metadatalist_param_t *metadatalist, msgqueue_param_t *msgqueue)
 {
   int i;
-  for( i=0; query_param.box_type[i][0]!=0 && i<MAX_NUMOFBOX; i++){
+  for( i=0; i<MAX_NUMOFBOX && query_param.box_type[i][0]!=0; i++){
     if( query_param.box_type[i][0] == '*'){
       fprintf( FCGI_stdout, "Status: 501\r\n");
       fprintf( FCGI_stdout, "Reason: metareq with all box-property * not implemented\r\n");
diff --git a/src/lib/openjpip/query_parser.c b/src/lib/openjpip/query_parser.c
index 9e69ebd4..8f07fa61 100644
--- a/src/lib/openjpip/query_parser.c
+++ b/src/lib/openjpip/query_parser.c
@@ -264,7 +264,7 @@ void print_queryparam( query_param_t query_param)
   }
 
   fprintf( logstream, "\t req-box-prop\n");
-  for( i=0; query_param.box_type[i][0]!=0 && i<MAX_NUMOFBOX; i++){
+  for( i=0; i<MAX_NUMOFBOX && query_param.box_type[i][0]!=0; i++){
     fprintf( logstream, "\t\t box_type: %.4s limit: %d w:%d s:%d g:%d a:%d priority:%d\n", query_param.box_type[i], query_param.limit[i], query_param.w[i], query_param.s[i], query_param.g[i], query_param.a[i], query_param.priority[i]);
   }