ref: 63e0436a711c59f7fae6cfd721b90428ae19a7b3
parent: 45f462f813cfef6be8f6755ebe02e8744222b3b1
author: Ralph Giles <giles@ghostscript.com>
date: Mon Mar 30 14:17:55 EDT 2009
Dynamically allocate and initialize the huffman symbol length histogram. Previously we allocated it on the stack, but it's quite large (256K) and we were assuming it was initialized to zero. Issue flagged by Coverity.
--- a/jbig2_huffman.c
+++ b/jbig2_huffman.c
@@ -22,6 +22,7 @@
#include "os_types.h"
#include <stdlib.h>
+#include <string.h>
#ifdef JBIG2_DEBUG
#include <stdio.h>
@@ -284,7 +285,7 @@
Jbig2HuffmanTable *
jbig2_build_huffman_table (Jbig2Ctx *ctx, const Jbig2HuffmanParams *params)
{- int LENCOUNT[1 << LOG_TABLE_SIZE_MAX];
+ int *LENCOUNT;
int LENMAX = -1;
const Jbig2HuffmanLine *lines = params->lines;
int n_lines = params->n_lines;
@@ -298,6 +299,15 @@
int CURCODE;
int CURTEMP;
+ LENCOUNT = jbig2_alloc(ctx->allocator,
+ sizeof(*LENCOUNT)*(1 << LOG_TABLE_SIZE_MAX));
+ if (LENCOUNT== NULL) {+ jbig2_error(ctx, JBIG2_SEVERITY_FATAL, -1,
+ "couldn't allocate storage for huffman histogram");
+ return NULL;
+ }
+ memset(LENCOUNT, 0, sizeof(*LENCOUNT)*(1 << LOG_TABLE_SIZE_MAX));
+
/* B.3, 1. */
for (i = 0; i < params->n_lines; i++)
{@@ -353,6 +363,7 @@
end_j, max_j);
jbig2_free(ctx->allocator, result->entries);
jbig2_free(ctx->allocator, result);
+ jbig2_free(ctx->allocator, LENCOUNT);
return NULL;
}
/* todo: build extension tables */
@@ -386,6 +397,8 @@
}
}
}
+
+ jbig2_free(ctx->allocator, LENCOUNT);
return result;
}