/* TODO MSD : check why this function cannot fail (cf. v1) */
opj_pi_create_encode(l_pi, l_cp,p_tile_no,poc,l_tp_num,p_tp_pos,p_t2_mode);
+ if (l_current_pi->poc.prg == OPJ_PROG_UNKNOWN) {
+ /* TODO ADE : add an error */
+ opj_pi_destroy(l_pi, l_nb_pocs);
+ return OPJ_FALSE;
+ }
while (opj_pi_next(l_current_pi)) {
if (l_current_pi->layno < p_maxlayers) {
l_nb_bytes = 0;
opj_pi_create_encode(l_pi, l_cp,p_tile_no,p_pino,p_tp_num,p_tp_pos,p_t2_mode);
l_current_pi = &l_pi[p_pino];
-
+ if (l_current_pi->poc.prg == OPJ_PROG_UNKNOWN) {
+ /* TODO ADE : add an error */
+ opj_pi_destroy(l_pi, l_nb_pocs);
+ return OPJ_FALSE;
+ }
while (opj_pi_next(l_current_pi)) {
if (l_current_pi->layno < p_maxlayers) {
l_nb_bytes=0;
* l_current_pi->resno is always >= p_tile->comps[l_current_pi->compno].minimum_num_resolutions
* and no l_img_comp->resno_decoded are computed
*/
- OPJ_BOOL* first_pass_failed = (OPJ_BOOL*)opj_malloc(l_image->numcomps * sizeof(OPJ_BOOL));
+ OPJ_BOOL* first_pass_failed = NULL;
+
+ if (l_current_pi->poc.prg == OPJ_PROG_UNKNOWN) {
+ /* TODO ADE : add an error */
+ opj_pi_destroy(l_pi, l_nb_pocs);
+ return OPJ_FALSE;
+ }
+
+ first_pass_failed = (OPJ_BOOL*)opj_malloc(l_image->numcomps * sizeof(OPJ_BOOL));
if (!first_pass_failed)
{
opj_pi_destroy(l_pi,l_nb_pocs);
if (p_tcp->csty & J2K_CP_CSTY_SOP) {
if (p_max_length < 6) {
/* TODO opj_event_msg(p_t2->cinfo->event_mgr, EVT_WARNING, "Not enough space for expected SOP marker\n"); */
- printf("Not enough space for expected SOP marker\n");
+ fprintf(stderr, "Not enough space for expected SOP marker\n");
} else if ((*l_current_data) != 0xff || (*(l_current_data + 1) != 0x91)) {
/* TODO opj_event_msg(p_t2->cinfo->event_mgr, EVT_WARNING, "Expected SOP marker\n"); */
- printf("Expected SOP marker\n");
- fprintf(stderr, "Error : expected SOP marker\n");
+ fprintf(stderr, "Warning: expected SOP marker\n");
} else {
l_current_data += 6;
}
/* EPH markers */
if (p_tcp->csty & J2K_CP_CSTY_EPH) {
- if (p_max_length < 2) {
+ if ((*l_modified_length_ptr - (OPJ_UINT32)(l_header_data - *l_header_data_start)) < 2U) {
fprintf(stderr, "Not enough space for expected EPH marker\n");
} else if ((*l_header_data) != 0xff || (*(l_header_data + 1) != 0x92)) {
fprintf(stderr, "Error : expected EPH marker\n");
/* EPH markers */
if (p_tcp->csty & J2K_CP_CSTY_EPH) {
- if (p_max_length < 2) {
+ if ((*l_modified_length_ptr - (OPJ_UINT32)(l_header_data - *l_header_data_start)) < 2U) {
fprintf(stderr, "Not enough space for expected EPH marker\n");
} else if ((*l_header_data) != 0xff || (*(l_header_data + 1) != 0x92)) {
/* TODO opj_event_msg(t2->cinfo->event_mgr, EVT_ERROR, "Expected EPH marker\n"); */
do {
/* Check possible overflow (on l_current_data only, assumes input args already checked) then size */
- if (((OPJ_SIZE_T)(l_current_data + l_seg->newlen) < (OPJ_SIZE_T)l_current_data) || (l_current_data + l_seg->newlen > p_src_data + p_max_length)) {
+ if ((((OPJ_SIZE_T)l_current_data + (OPJ_SIZE_T)l_seg->newlen) < (OPJ_SIZE_T)l_current_data) || (l_current_data + l_seg->newlen > p_src_data + p_max_length)) {
fprintf(stderr, "read: segment too long (%d) with max (%d) for codeblock %d (p=%d, b=%d, r=%d, c=%d)\n",
l_seg->newlen, p_max_length, cblkno, p_pi->precno, bandno, p_pi->resno, p_pi->compno);
return OPJ_FALSE;
};
#endif /* USE_JPWL */
+ /* Check possible overflow on size */
+ if ((l_cblk->data_current_size + l_seg->newlen) < l_cblk->data_current_size) {
+ fprintf(stderr, "read: segment too long (%d) with current size (%d > %d) for codeblock %d (p=%d, b=%d, r=%d, c=%d)\n",
+ l_seg->newlen, l_cblk->data_current_size, 0xFFFFFFFF - l_seg->newlen, cblkno, p_pi->precno, bandno, p_pi->resno, p_pi->compno);
+ return OPJ_FALSE;
+ }
/* Check if the cblk->data have allocated enough memory */
if ((l_cblk->data_current_size + l_seg->newlen) > l_cblk->data_max_size) {
OPJ_BYTE* new_cblk_data = (OPJ_BYTE*) opj_realloc(l_cblk->data, l_cblk->data_current_size + l_seg->newlen);
*(p_data_read) = (OPJ_UINT32)(l_current_data - p_src_data);
+
return OPJ_TRUE;
}
}
do {
- if (* p_data_read + l_seg->newlen > p_max_length) {
+ /* Check possible overflow then size */
+ if (((*p_data_read + l_seg->newlen) < (*p_data_read)) || ((*p_data_read + l_seg->newlen) > p_max_length)) {
fprintf(stderr, "skip: segment too long (%d) with max (%d) for codeblock %d (p=%d, b=%d, r=%d, c=%d)\n",
l_seg->newlen, p_max_length, cblkno, p_pi->precno, bandno, p_pi->resno, p_pi->compno);
return OPJ_FALSE;