JonBCode / openjpeg

Automatically exported from code.google.com/p/openjpeg
Other
0 stars 0 forks source link

Potential double free on malloc failure in opj_j2k_copy_default_tcp_and_create_tcp() #492

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
The opj_j2k_copy_default_tcp_and_create_tcp() function memcpy's a top-level
struct, and then replaces pointers to memory owned by the original struct
with new blocks of memory. Unfortunately, an early return can leave the
copy with pointers to memory it doesn't own, which causes problems when
cleaning up the partially-initialized struct.

The issue was found downstream in 
https://code.google.com/p/chromium/issues/detail?id=486538

A proposed patch is attached.

Original issue reported on code.google.com by tsepez@chromium.org on 18 May 2015 at 10:41

Attachments:

GoogleCodeExporter commented 9 years ago
Thanks for the patch.

Original comment by m.darb...@gmail.com on 19 May 2015 at 9:39

GoogleCodeExporter commented 9 years ago
This issue was closed by revision r3002.

Original comment by m.darb...@gmail.com on 19 May 2015 at 9:57