TurboJPEG: Avoid dangling pointers

This addresses a minor concern (LJT-01-002) expressed in a security
audit by Cure53.  _tjInitCompress() and _tjInitDecompress() call
(respectively) jpeg_mem_dest_tj() and jpeg_mem_src_tj() with a pointer
to a dummy buffer, in order to set up the destination/source manager.
The dummy buffer should never be used, but it's still better to make it
static so that the pointer in the destination/source manager always
points to a valid region of memory.

diff --git a/turbojpeg.c b/turbojpeg.c
index 6b2c62320cd982eb9d4b2589ace618e23d5bfd16..b20272ae69f21479f5c2a5c070861399a7536d26 100644 (file)
--- a/turbojpeg.c
+++ b/turbojpeg.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C)2009-2015 D. R. Commander.  All Rights Reserved.
+ * Copyright (C)2009-2016 D. R. Commander.  All Rights Reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are met:
@@ -556,7 +556,8 @@ DLLEXPORT unsigned char *DLLCALL tjAlloc(int bytes)
 
 static tjhandle _tjInitCompress(tjinstance *this)
 {
-       unsigned char buffer[1], *buf=buffer;  unsigned long size=1;
+       static unsigned char buffer[1];
+       unsigned char *buf=buffer;  unsigned long size=1;
 
        /* This is also straight out of example.c */
        this->cinfo.err=jpeg_std_error(&this->jerr.pub);
@@ -1213,7 +1214,7 @@ DLLEXPORT int DLLCALL tjCompressFromYUV(tjhandle handle, unsigned char *srcBuf,
 
 static tjhandle _tjInitDecompress(tjinstance *this)
 {
-       unsigned char buffer[1];
+       static unsigned char buffer[1];
 
        /* This is also straight out of example.c */
        this->dinfo.err=jpeg_std_error(&this->jerr.pub);