troosh / openjpeg

Automatically exported from code.google.com/p/openjpeg
Other
0 stars 0 forks source link

[PATCH - v2 branch] Partial decode (non-zero value for cp_reduce) produces corrupted image and may crash #41

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. Set cp_reduce to non-zero value.
2. Decode a J2K file

What is the expected output? What do you see instead?
+ Expected: setting cp_reduce value to one decodes all layers except the most 
detailed one. Setting cp_reduce value to two decodes all layers except the two 
more detailed layers.
+ Actual: setting cp_reduce value to any non-zero value causes buffer overflow 
or crash.

What version of the product are you using? On what operating system?
+ Clean checkout from http://openjpeg.googlecode.com/svn/branches/v2
+ Windows 6 Pro, 64 bit.

Please provide any additional information below.
+ Patch corrects a problem in t2_skip_packet_data
+ The following steps were used to identify the problem.
++ Temporarily add two print statements to t2_decode_packets. 
+++ Print the value of l_nb_bytes_read returned by t2_decode_packet. 
+++ Print the value of l_nb_bytes_read returned by t2_skip_packet. 
++ Record the results from a full decode (cp_reduce is zero).
++ Record the results from a partial decode (cp_reduce is non-zero).
++ Compare the bytes read from the full and partial decodes.
+++ Too few bytes were being skipped on some packets.
++ Compare the source code for t2_read_packet_data to t2_skip_packet_data.
+++ Increment of l_band was missing from t2_skip_packet_data function.

Original issue reported on code.google.com by Sheet.Sp...@gmail.com on 29 Sep 2010 at 2:29

Attachments:

GoogleCodeExporter commented 9 years ago

Original comment by anto...@gmail.com on 5 Oct 2010 at 8:27