Issue 1231353003: Merge to M44: Cleanup if early return from opj_j2k_copy_default_tcp_and_create_tcd().

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Issue 1231353003: Merge to M44: Cleanup if early return from opj_j2k_copy_default_tcp_and_create_tcd(). (Closed)

Created:
5 years, 5 months ago by Lei Zhang

Modified:
5 years, 5 months ago

Reviewers:
jun_fang

CC:
pdfium-reviews_googlegroups.com

Base URL:
https://pdfium.googlesource.com/pdfium@2403

Target Ref:
refs/heads/chromium/2403

Visibility:
Public.

More Reviews

Description

Merge to M44: Cleanup if early return from opj_j2k_copy_default_tcp_and_create_tcd(). The opj_j2k_copy_default_tcp_and_create_tcp() function memcpy's a top-level struct, and then replaces pointers to memory owned by the original struct with new blocks of memory. Unfortunately, an early return can leave the copy with pointers to memory it doesn't own, which causes problems when cleaning up the partially-initialized struct. The referenced bug is triggered when we get a return at original line 7969 or 7385 due to OOM. Moral of the story: creating a "copy constructor" equivalent based on memcpy() instead of copying field by field for structs containing pointers is usually a bad idea. BUG=486538 R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/1138033007 (cherry picked from commit 3b60890f6ee807a8bfc44056443f77603c23e6b0) Committed: https://pdfium.googlesource.com/pdfium/+/0839207dc3fedd322d1d784e275d4d5f8cb8e970

Patch Set 1 #

Created: 5 years, 5 months ago

Download [raw] [tar.bz2]

		Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+10 lines, -0 lines)			Patch
	M	core/src/fxcodec/fx_libopenjpeg/libopenjpeg20/j2k.c	View		3 chunks	+10 lines, -0 lines	0 comments	Download

Messages

Total messages: 2 (0 generated)

Expand Messages | Collapse Messages

Lei Zhang

5 years, 5 months ago (2015-07-13 21:42:11 UTC) #2

Message was sent while issue was closed.

Committed patchset #1 (id:1) manually as
0839207dc3fedd322d1d784e275d4d5f8cb8e970 (presubmit successful).

Expand Messages | Collapse Messages