richgel999 / jpeg-compressor

C++ JPEG compression/fuzzed low-RAM JPEG decompression codec with Public Domain or Apache 2.0 license

Coverity issue(s) #15

Open jackun opened 3 years ago

jackun commented 3 years ago

1) Statement is always false:

https://github.com/richgel999/jpeg-compressor/blob/aeb7d3b463aa8228b87a28013c15ee50a7e6fcf3/jpgd.cpp#L779

And just in case this is not a false positive: 2) Overrunning array jpgd::g_ZAG of 64 4-byte elements at element index 64 (byte offset 259) using index kt++ (which evaluates to 64).

https://github.com/richgel999/jpeg-compressor/blob/aeb7d3b463aa8228b87a28013c15ee50a7e6fcf3/jpgd.cpp#L1533

richgel999 commented 3 years ago

Thank you, I'll add a logical and against 63 here to silence Coverity. I've seen the 2nd issue before; this statement should prevent the problem, but I'll add the logical and in the loop to be sure:

if ((k + r) > 63) stop_decoding(JPGD_DECODE_ERROR);

jackun commented 3 years ago

Then I think the 2nd issue has been fixed already https://github.com/richgel999/jpeg-compressor/blob/aeb7d3b463aa8228b87a28013c15ee50a7e6fcf3/jpgd.cpp#L1525-L1526
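An added example (not code from jpgd.cpp or this thread) of the guarded zig-zag loop the two comments discuss: a simplified AC-coefficient placement loop in which the `(k + r) > 63` check rejects a malformed run before `g_ZAG` is indexed. The `AcSym` input type and the `decode_ac` function are constructed stand-ins for the real Huffman decoding path.

```cpp
#include <array>
#include <cstdio>
#include <vector>

// Standard JPEG zig-zag order table (64 entries), the same contents as jpgd's g_ZAG.
static const std::array<int, 64> g_ZAG = {{
     0,  1,  8, 16,  9,  2,  3, 10, 17, 24, 32, 25, 18, 11,  4,  5,
    12, 19, 26, 33, 40, 48, 41, 34, 27, 20, 13,  6,  7, 14, 21, 28,
    35, 42, 49, 56, 57, 50, 43, 36, 29, 22, 15, 23, 30, 37, 44, 51,
    58, 59, 52, 45, 38, 31, 39, 46, 53, 60, 61, 54, 47, 55, 62, 63 }};

// Constructed stand-in for a Huffman-decoded AC symbol: a run of r zero
// coefficients (0..15) followed by one non-zero coefficient. coeff == 0 is
// ZRL (skip 16 zeros) when r == 15 and is treated as EOB otherwise.
struct AcSym { int r; int coeff; };

// Places the AC coefficients of one 8x8 block in natural (row-major) order.
// Returns false where the real decoder would call stop_decoding(JPGD_DECODE_ERROR).
bool decode_ac(const std::vector<AcSym>& syms, std::array<int, 64>& block) {
    block.fill(0);
    size_t n = 0;
    for (int k = 1; k < 64; k++) {
        if (n >= syms.size()) return false;           // input exhausted before EOB
        const AcSym s = syms[n++];
        if (s.coeff == 0) {
            if (s.r != 15) return true;               // EOB: rest of block stays zero
            if ((k + 16) > 64) return false;          // ZRL would run past the block
            k += 15;                                  // the loop's k++ completes the 16
            continue;
        }
        // The guard from the thread: a run that would push k past 63 means
        // g_ZAG[k] (and block[]) would be indexed out of bounds, so reject it.
        if ((k + s.r) > 63) return false;
        k += s.r;
        block[g_ZAG[k]] = s.coeff;                    // k <= 63 is now guaranteed
    }
    return true;                                      // all 63 AC slots consumed
}

int main() {
    std::array<int, 64> block;
    std::vector<AcSym> ok = {{0, 5}, {2, -3}, {0, 0}};
    std::vector<AcSym> bad(61, AcSym{0, 1});          // advance k to 62 ...
    bad.push_back({2, 1});                            // ... then request k = 64
    std::printf("well-formed: %d, overrun rejected: %d\n",
                decode_ac(ok, block), !decode_ac(bad, block));
    return 0;
}
```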