From cf55f0b533da5c3166e4b114a385ec74d08bd240 Mon Sep 17 00:00:00 2001
From: DRC <dcommander@users.sourceforge.net>
Date: Wed, 28 May 2014 20:19:54 +0000
Subject: [PATCH] Our copyright string is longer than JMSG_LENGTH_MAX, and this
 was causing a buffer overrun if output_message() was called with msg_code set
 to JMSG_COPYRIGHT, or if format_message() was called with msg_code set to
 JMSG_COPYRIGHT and with a buffer of length JMSG_LENGTH_MAX.

We can't simply increase JMSG_LENGTH_MAX, because it is part of the libjpeg API, and it is generally assumed that a buffer of this length will be passed to format_message().  Thus, the easiest solution is simply to use a shorter copyright string for JMSG_COPYRIGHT.


git-svn-id: svn+ssh://svn.code.sf.net/p/libjpeg-turbo/code/trunk@1318 632fc199-4ca6-4c93-a231-07263d6284db
---
 ChangeLog.txt | 3 +++
 jerror.h      | 6 ++++--
 jversion.h    | 2 ++
 3 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/ChangeLog.txt b/ChangeLog.txt
index c8476df..8a70f67 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -70,6 +70,9 @@ handle prototypes and support for the MS-DOS memory model, were removed from
 the libjpeg code, greatly improving its readability and making it easier to
 maintain and extend.
 
+[10] Fixed a segfault that occurred when calling output_message() with msg_code
+set to JMSG_COPYRIGHT.
+
 
 1.3.1
 =====
diff --git a/jerror.h b/jerror.h
index fab59b3..402613e 100644
--- a/jerror.h
+++ b/jerror.h
@@ -1,9 +1,11 @@
 /*
  * jerror.h
  *
+ * This file was part of the Independent JPEG Group's software:
  * Copyright (C) 1994-1997, Thomas G. Lane.
  * Modified 1997-2009 by Guido Vollbeding.
- * This file is part of the Independent JPEG Group's software.
+ * libjpeg-turbo Modifications:
+ * Copyright (C) 2014, D. R. Commander.
  * For conditions of distribution and use, see the accompanying README file.
  *
  * This file defines the error and message codes for the JPEG library.
@@ -132,7 +134,7 @@ JMESSAGE(JERR_VIRTUAL_BUG, "Virtual array controller messed up")
 JMESSAGE(JERR_WIDTH_OVERFLOW, "Image too wide for this implementation")
 JMESSAGE(JERR_XMS_READ, "Read from XMS failed")
 JMESSAGE(JERR_XMS_WRITE, "Write to XMS failed")
-JMESSAGE(JMSG_COPYRIGHT, JCOPYRIGHT)
+JMESSAGE(JMSG_COPYRIGHT, JCOPYRIGHT_SHORT)
 JMESSAGE(JMSG_VERSION, JVERSION)
 JMESSAGE(JTRC_16BIT_TABLES,
          "Caution: quantization tables are too coarse for baseline JPEG")
diff --git a/jversion.h b/jversion.h
index 7ab2887..25c3cf0 100644
--- a/jversion.h
+++ b/jversion.h
@@ -32,3 +32,5 @@
                         "Copyright (C) 2009-2011 Nokia Corporation and/or its subsidiary(-ies)\n" \
                         "Copyright (C) 2013-2014 MIPS Technologies, Inc.\n" \
                         "Copyright (C) 2013 Linaro Limited"
+
+#define JCOPYRIGHT_SHORT "Copyright (C) 1991-2014 The libjpeg-turbo Project and many others"
-- 
2.40.0