From 88c7e30045353977685bb22708cb61ce31b665e1 Mon Sep 17 00:00:00 2001 From: DRC Date: Wed, 28 May 2014 20:28:30 +0000 Subject: [PATCH] Our copyright string is longer than JMSG_LENGTH_MAX, and this was causing a buffer overrun if output_message() was called with msg_code set to JMSG_COPYRIGHT, or if format_message() was called with msg_code set to JMSG_COPYRIGHT and with a buffer of length JMSG_LENGTH_MAX. We can't simply increase JMSG_LENGTH_MAX, because it is part of the libjpeg API, and it is generally assumed that a buffer of this length will be passed to format_message(). Thus, the easiest solution is simply to use a shorter copyright string for JMSG_COPYRIGHT. git-svn-id: svn+ssh://svn.code.sf.net/p/libjpeg-turbo/code/branches/1.2.x@1320 632fc199-4ca6-4c93-a231-07263d6284db --- ChangeLog.txt | 3 +++ jerror.h | 6 ++++-- jversion.h | 2 ++ 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/ChangeLog.txt b/ChangeLog.txt index 1012b74..ac51cbb 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -33,6 +33,9 @@ if compiler optimization was enabled when libjpeg-turbo was built. This caused the regression tests to fail when doing a release build under Visual C++ 2010 and later. +[9] Fixed a segfault that occurred when calling output_message() with msg_code +set to JMSG_COPYRIGHT. + 1.2.1 ===== diff --git a/jerror.h b/jerror.h index 275086e..ea6ca4e 100644 --- a/jerror.h +++ b/jerror.h @@ -1,9 +1,11 @@ /* * jerror.h * + * This file was part of the Independent JPEG Group's software: * Copyright (C) 1994-1997, Thomas G. Lane. * Modified 1997-2009 by Guido Vollbeding. - * This file is part of the Independent JPEG Group's software. + * libjpeg-turbo Modifications: + * Copyright (C) 2014, D. R. Commander. * For conditions of distribution and use, see the accompanying README file. * * This file defines the error and message codes for the JPEG library. @@ -132,7 +134,7 @@ JMESSAGE(JERR_VIRTUAL_BUG, "Virtual array controller messed up") JMESSAGE(JERR_WIDTH_OVERFLOW, "Image too wide for this implementation") JMESSAGE(JERR_XMS_READ, "Read from XMS failed") JMESSAGE(JERR_XMS_WRITE, "Write to XMS failed") -JMESSAGE(JMSG_COPYRIGHT, JCOPYRIGHT) +JMESSAGE(JMSG_COPYRIGHT, JCOPYRIGHT_SHORT) JMESSAGE(JMSG_VERSION, JVERSION) JMESSAGE(JTRC_16BIT_TABLES, "Caution: quantization tables are too coarse for baseline JPEG") diff --git a/jversion.h b/jversion.h index 0e3db28..8d3a5f7 100644 --- a/jversion.h +++ b/jversion.h @@ -30,3 +30,5 @@ "Copyright (C) 2009 Pierre Ossman for Cendio AB\n" \ "Copyright (C) 2009-2014 D. R. Commander\n" \ "Copyright (C) 2009-2011 Nokia Corporation and/or its subsidiary(-ies)" + +#define JCOPYRIGHT_SHORT "Copyright (C) 1991-2014 The libjpeg-turbo Project and many others" -- 2.40.0