Context Navigation

Back to Ticket #12207

Ticket #12207: 0001-12207-fix-an-infinite-loop-on-reading-a-larger-file-.patch

File 0001-12207-fix-an-infinite-loop-on-reading-a-larger-file-.patch, 1.6 KB (added by apl-haiku, 9 years ago)

src/tools/hvif2png/hvif2png.cpp

From 875953a0d7837e04a075729fca56451622f2127e Mon Sep 17 00:00:00 2001
From: Andrew Lindesay <apl@lindesay.co.nz>
Date: Sat, 18 Jul 2015 23:31:07 +1200
Subject: [PATCH] 12207 - fix an infinite loop on reading a larger file and
 check hvif magic number

---
 src/tools/hvif2png/hvif2png.cpp | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/src/tools/hvif2png/hvif2png.cpp b/src/tools/hvif2png/hvif2png.cpp
index 70135bc..6159b2d 100644

a	b
31	31	#define SIZE_HVIF_BUFFER_STEP 1024
32	32
33	33
	34	static const uint8 kHvifMagic[] = { 'n', 'c', 'i', 'f' };
	35
	36
34	37	typedef struct h2p_hvif_buffer {
35	38	uint8* buffer;
36	39	size_t used;
…	…	h2p_read_hvif_input(h2p_hvif_buffer result, FILE* in)*
195	198	fprintf(stderr,"out of memory\n");
196	199	return 0;
197	200	}
	201
	202	result->allocated += SIZE_HVIF_BUFFER_STEP;
198	203	}
199	204
200	205	result->used += fread(&result->buffer[result->used], sizeof(uint8),
…	…	h2p_read_hvif_input(h2p_hvif_buffer result, FILE* in)*
208	213	}
209	214	}
210	215
	216	if (result->used < 4) {
	217	fprintf(stderr, "the hvif data is too small to visably be valid\n");
	218	return 0;
	219	}
	220
	221
	222	// hvif files have a magic string of "ncif" so we should check for that as
	223	// well.
	224
	225	if (memcmp(result->buffer, kHvifMagic, 4) != 0) {
	226	fprintf(stderr, "the input data does not look like hvif because the"
	227	" magic string is not 'ncif'; %d, %d, %d, %d\n",
	228	result->buffer[0], result->buffer[1], result->buffer[2],
	229	result->buffer[3]);
	230	return 0;
	231	}
	232
211	233	return result->used;
212	234	}
213	235

Download in other formats:

Original Format