From b2d7df03fb74c2ee501a20b292a51a50a82bd1ce Mon Sep 17 00:00:00 2001
From: Matthew Fernandez
Date: Wed, 2 Mar 2022 22:33:39 -0800
Subject: [PATCH] GD plugin: fix: zero I/O contexts on creation
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit
The GD plugin was creating `gdIOCtx` objects on the stack with some uninitialized members. At time of writing, the GD docs¹ claim this struct’s layout is:
typedef struct gdIOCtx {
int (*getC)(gdIOCtxPtr);
int (*getBuf)(gdIOCtxPtr, void *, int wanted);
void (*putC)(gdIOCtxPtr, int);
int (*putBuf)(gdIOCtxPtr, const void *, int wanted);
// seek must return 1 on SUCCESS, 0 on FAILURE. Unlike fseek!
int (*seek)(gdIOCtxPtr, const int);
long (*tell)(gdIOCtxPtr);
void (*gd_free)(gdIOCtxPtr);
} gdIOCtx;
So Graphviz’ usage was leaving `getC`, `getBuf`, `seek`, and `gd_free` uninitialized. This seems to work out OK; Graphviz’ usage of libgd apparently does not involve any code paths that use these members. But this does not seem to be an API guarantee. This change zeroes these members for future stability.
¹ https://libgd.github.io/manuals/2.3.3/files/gd_io-h.html#gdIOCtx
---
 plugin/gd/gvdevice_gd.c | 2 +-
 plugin/gd/gvrender_gd.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/plugin/gd/gvdevice_gd.c b/plugin/gd/gvdevice_gd.c
index dcb8552aa..94dc392cf 100644
--- a/plugin/gd/gvdevice_gd.c
+++ b/plugin/gd/gvdevice_gd.c
@@ -46,7 +46,7 @@ static void gd_format(GVJ_t * job)
 unsigned int *data = (unsigned int*)(job->imagedata);
 unsigned int width = job->width;
 unsigned int height = job->height;
- gdIOCtx ctx;
+ gdIOCtx ctx = {0};
 ctx.putBuf = gvdevice_gd_putBuf;
 ctx.putC = gvdevice_gd_putC;
diff --git a/plugin/gd/gvrender_gd.c b/plugin/gd/gvrender_gd.c
index 46cc298e3..6c93fb866 100644
--- a/plugin/gd/gvrender_gd.c
+++ b/plugin/gd/gvrender_gd.c
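Review bot: The `= {0}` on the added line zeroes the context, but the two `ctx.putBuf`/`ctx.putC` assignments that follow still read as the only initialization, so a later reader will not see that `getC`, `getBuf`, `seek` and `gd_free` are deliberately left NULL; a designated initializer says it in one statement, `gdIOCtx ctx = { .putBuf = gvdevice_gd_putBuf, .putC = gvdevice_gd_putC };`, with the two assignment lines dropped, assuming the file already builds as C99 or later. A comment on the declaration, `/* other callbacks stay NULL: libgd is not expected to call them on this output-only context */`, would record the assumption the commit message relies on rather than leaving it in the history. Zeroing also turns any future libgd call through those members into a deterministic NULL dereference instead of a jump through whatever was on the stack, which is the actual safety gain and is worth stating. The same point applies to the `gdgen_end_page` hunk in `plugin/gd/gvrender_gd.c`. The body of `gd_format` starts and ends outside the hunk.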
@@ -150,7 +150,7 @@ static void gdgen_end_page(GVJ_t * job)
 {
 gdImagePtr im = (gdImagePtr) job->context;
- gdIOCtx ctx;
+ gdIOCtx ctx = {0};
 ctx.putBuf = gvdevice_gd_putBuf;
 ctx.putC = gvdevice_gd_putC;
-- 
2.40.0