rpms/jasper
7
0
Fork 0
Code Issues Pull Requests Releases Activity
f9ae9f5e6d
jasper/jasper-1.900.1-Coverity-CHECKED_RETURN.patch
Jiri Popelka c73923e32e CVE-2011-4516, CVE-2011-4517, CERT VU#887409 (#765660) 
Fixed problems found by static analysis of code (#761440)
2011-12-09 12:44:44 +01:00

142 lines
5.8 KiB
Diff
Raw Blame History

Error: CHECKED_RETURN
jpc/jpc_cs.c:924: check_return: Calling function "jpc_putuint16" without checking return value (as is done elsewhere 11 out of 13 times).
jpc/jpc_cs.c:924: unchecked_value: No check of the return value of "jpc_putuint16(out, qcc->compno)".
jpc/jpc_cs.c:1021: check_return: Calling function "jpc_putuint16" without checking return value (as is done elsewhere 11 out of 13 times).
jpc/jpc_cs.c:1021: unchecked_value: No check of the return value of "jpc_putuint16(out, compparms->stepsizes[i])".
jpc/jpc_cs.c:994: check_return: Calling function "jpc_getuint16" without checking return value (as is done elsewhere 14 out of 16 times).
jpc/jpc_cs.c:994: unchecked_value: No check of the return value of "jpc_getuint16(in, compparms->stepsizes + i)".
jpc/jpc_cs.c:905: check_return: Calling function "jpc_getuint16" without checking return value (as is done elsewhere 14 out of 16 times).
jpc/jpc_cs.c:905: unchecked_value: No check of the return value of "jpc_getuint16(in, &qcc->compno)".
jpc/jpc_cs.c:969: check_return: Calling function "jpc_getuint8" without checking return value (as is done elsewhere 17 out of 20 times).
jpc/jpc_cs.c:969: unchecked_value: No check of the return value of "jpc_getuint8(in, &tmp)".
jpc/jpc_cs.c:991: check_return: Calling function "jpc_getuint8" without checking return value (as is done elsewhere 17 out of 20 times).
jpc/jpc_cs.c:991: unchecked_value: No check of the return value of "jpc_getuint8(in, &tmp)".
jpc/jpc_cs.c:901: check_return: Calling function "jpc_getuint8" without checking return value (as is done elsewhere 17 out of 20 times).
jpc/jpc_cs.c:901: unchecked_value: No check of the return value of "jpc_getuint8(in, &tmp)".
jpc/jpc_t2enc.c:338: check_return: Calling function "jpc_putms" without checking return value (as is done elsewhere 12 out of 13 times).
jpc/jpc_t2enc.c:338: unchecked_value: No check of the return value of "jpc_putms(out, enc->cstate, ms)".
ras/ras_enc.c:245: check_return: Calling function "jas_image_readcmpt" without checking return value (as is done elsewhere 9 out of 10 times).
ras/ras_enc.c:245: unchecked_value: No check of the return value of "jas_image_readcmpt(image, cmpts[i], 0L, y, image->brx_ - image->tlx_, 1L, data[i])".
diff -up jasper-1.900.1/src/libjasper/jpc/jpc_cs.c.checked_return jasper-1.900.1/src/libjasper/jpc/jpc_cs.c
--- jasper-1.900.1/src/libjasper/jpc/jpc_cs.c.checked_return 2007-01-19 22:43:07.000000000 +0100
+++ jasper-1.900.1/src/libjasper/jpc/jpc_cs.c 2011-06-24 13:52:25.636551844 +0200
@@ -898,11 +898,15 @@ static int jpc_qcc_getparms(jpc_ms_t *ms
int len;
len = ms->len;
if (cstate->numcomps <= 256) {
- jpc_getuint8(in, &tmp);
+ if (jpc_getuint8(in, &tmp)) {
+ return -1;
+ }
qcc->compno = tmp;
--len;
} else {
- jpc_getuint16(in, &qcc->compno);
+ if (jpc_getuint16(in, &qcc->compno)) {
+ return -1;
+ }
len -= 2;
}
if (jpc_qcx_getcompparms(&qcc->compparms, cstate, in, len)) {
@@ -919,9 +923,13 @@ static int jpc_qcc_putparms(jpc_ms_t *ms
{
jpc_qcc_t *qcc = &ms->parms.qcc;
if (cstate->numcomps <= 256) {
- jpc_putuint8(out, qcc->compno);
+ if (jpc_putuint8(out, qcc->compno)) {
+ return -1;
+ }
} else {
- jpc_putuint16(out, qcc->compno);
+ if (jpc_putuint16(out, qcc->compno)) {
+ return -1;
+ }
}
if (jpc_qcx_putcompparms(&qcc->compparms, cstate, out)) {
return -1;
@@ -966,7 +974,9 @@ static int jpc_qcx_getcompparms(jpc_qcxc
cstate = 0;
n = 0;
- jpc_getuint8(in, &tmp);
+ if (jpc_getuint8(in, &tmp)) {
+ return -1;
+ }
++n;
compparms->qntsty = tmp & 0x1f;
compparms->numguard = (tmp >> 5) & 7;
@@ -988,10 +998,14 @@ static int jpc_qcx_getcompparms(jpc_qcxc
assert(compparms->stepsizes);
for (i = 0; i < compparms->numstepsizes; ++i) {
if (compparms->qntsty == JPC_QCX_NOQNT) {
- jpc_getuint8(in, &tmp);
+ if (jpc_getuint8(in, &tmp)) {
+ return -1;
+ }
compparms->stepsizes[i] = JPC_QCX_EXPN(tmp >> 3);
} else {
- jpc_getuint16(in, &compparms->stepsizes[i]);
+ if (jpc_getuint16(in, &compparms->stepsizes[i])) {
+ return -1;
+ }
}
}
} else {
@@ -1015,10 +1029,14 @@ static int jpc_qcx_putcompparms(jpc_qcxc
jpc_putuint8(out, ((compparms->numguard & 7) << 5) | compparms->qntsty);
for (i = 0; i < compparms->numstepsizes; ++i) {
if (compparms->qntsty == JPC_QCX_NOQNT) {
- jpc_putuint8(out, JPC_QCX_GETEXPN(
- compparms->stepsizes[i]) << 3);
+ if (jpc_putuint8(out, JPC_QCX_GETEXPN(
+ compparms->stepsizes[i]) << 3)) {
+ return -1;
+ }
} else {
- jpc_putuint16(out, compparms->stepsizes[i]);
+ if (jpc_putuint16(out, compparms->stepsizes[i])) {
+ return -1;
+ }
}
}
return 0;
diff -up jasper-1.900.1/src/libjasper/jpc/jpc_t2enc.c.checked_return jasper-1.900.1/src/libjasper/jpc/jpc_t2enc.c
--- jasper-1.900.1/src/libjasper/jpc/jpc_t2enc.c.checked_return 2007-01-19 22:43:07.000000000 +0100
+++ jasper-1.900.1/src/libjasper/jpc/jpc_t2enc.c 2011-06-24 12:29:32.069578992 +0200
@@ -335,7 +335,9 @@ assert(jpc_firstone(datalen) < cblk->num
if (!(ms = jpc_ms_create(JPC_MS_EPH))) {
return -1;
}
- jpc_putms(out, enc->cstate, ms);
+ if (jpc_putms(out, enc->cstate, ms)) {
+ return -1;
+ }
jpc_ms_destroy(ms);
}
diff -up jasper-1.900.1/src/libjasper/ras/ras_enc.c.checked_return jasper-1.900.1/src/libjasper/ras/ras_enc.c
--- jasper-1.900.1/src/libjasper/ras/ras_enc.c.checked_return 2007-01-19 22:43:04.000000000 +0100
+++ jasper-1.900.1/src/libjasper/ras/ras_enc.c 2011-06-24 14:05:31.233482612 +0200
@@ -242,8 +242,10 @@ static int ras_putdatastd(jas_stream_t *
for (y = 0; y < hdr->height; y++) {
for (i = 0; i < numcmpts; ++i) {
- jas_image_readcmpt(image, cmpts[i], 0, y, jas_image_width(image),
- 1, data[i]);
+ if (jas_image_readcmpt(image, cmpts[i], 0, y,
+ jas_image_width(image), 1, data[i])) {
+ return -1;
+ }
}
z = 0;
nz = 0;
Reference in New Issue View Git Blame Copy Permalink