Add NULL pz->list test to png_zlib_compress_validate

This seems safer. In fact a NULL dereference never happens, because the test
ends up just doing arithmetic on NULL, but it seems possible that this undefined
arithmetic can still happen if there is a bug elsewhere.

Signed-off-by: John Bowler <jbowler@acm.org>
John Bowler 2015-12-28 16:15:36 -08:00
parent 07c60a383a
commit 63ea57a796


@ -484,8 +484,9 @@ png_zlib_compress_validate(png_zlib_compressp pz, int in_use)
{ {
affirm((pz->end == &pz->list && pz->zs.next_out == NULL affirm((pz->end == &pz->list && pz->zs.next_out == NULL
&& pz->zs.avail_out == 0U) || && pz->zs.avail_out == 0U) ||
(pz->end == &pz->list->next && pz->zs.next_out == pz->list->output (pz->list != NULL && pz->end == &pz->list->next &&
&& pz->zs.avail_out == o_size)); pz->zs.next_out == pz->list->output &&
pz->zs.avail_out == o_size));
} }
else /* not empty */ else /* not empty */