Fix potential buffer overflow

author jiyong.min <jiyong.min@samsung.com>

Fri, 23 Sep 2022 00:49:13 +0000 (09:49 +0900)

committer jiyong.min <jiyong.min@samsung.com>

Fri, 23 Sep 2022 00:49:13 +0000 (09:49 +0900)
author jiyong.min <jiyong.min@samsung.com>
Fri, 23 Sep 2022 00:49:13 +0000 (09:49 +0900)
committer jiyong.min <jiyong.min@samsung.com>
Fri, 23 Sep 2022 00:49:13 +0000 (09:49 +0900)
diff --git a/jpeg/mm_util_jpeg.c b/jpeg/mm_util_jpeg.c

index 35a4873..8b638d3 100644 (file)
--- a/jpeg/mm_util_jpeg.c
+++ b/jpeg/mm_util_jpeg.c
@@ -229,15 +229,16 @@ static int __jpeg_encode_yuv(j_compress_ptr cinfo, unsigned int width, unsigned
         unsigned int i = 0, j = 0;
         void *large_rect = NULL;
         void *small_rect= NULL;
+       unsigned int rounddown_h = MM_UTIL_ROUND_DOWN_16(height);
  
-       if (cinfo->image_height - MM_UTIL_ROUND_DOWN_16(height)) {
+       if (cinfo->image_height != rounddown_h) {
                 large_rect = g_malloc0(width);
                 small_rect = g_malloc0(width);
  
                 memset(large_rect, 0x10, width);
                 memset(small_rect, 0x80, width);
  
-               for (j = 0; j < height; j += 16) {
+               for (j = 0; j < rounddown_h; j += 16) {
                         for (i = 0; i < 16; i++) {
                                 y[i] = (JSAMPROW)decoded->data + width * (i + j);
                                 if (i % 2 == 0) {
@@ -247,7 +248,7 @@ static int __jpeg_encode_yuv(j_compress_ptr cinfo, unsigned int width, unsigned
                         }
                         jpeg_write_raw_data(cinfo, data, 16);
                 }
-               for (i = 0; i < cinfo->image_height - MM_UTIL_ROUND_DOWN_16(height); i++) {
+               for (i = 0; i < cinfo->image_height - rounddown_h; i++) {
                         y[i] = (JSAMPROW)decoded->data + width * (i + j);
                         if (i % 2 == 0) {
                                 cb[i / 2] = (JSAMPROW)decoded->data + width * height + width / 2 * ((i + j) / 2);
diff --git a/packaging/libmm-utility.spec b/packaging/libmm-utility.spec

index 62c5f8a..107c053 100644 (file)
--- a/packaging/libmm-utility.spec
+++ b/packaging/libmm-utility.spec
@@ -1,6 +1,6 @@
  Name:       libmm-utility
  Summary:    Multimedia Framework Utility Library
-Version:    0.4.7
+Version:    0.4.8
  Release:    0
  Group:      System/Libraries
  License:    Apache-2.0
author	jiyong.min <jiyong.min@samsung.com>
	Fri, 23 Sep 2022 00:49:13 +0000 (09:49 +0900)
committer	jiyong.min <jiyong.min@samsung.com>
	Fri, 23 Sep 2022 00:49:13 +0000 (09:49 +0900)
jpeg/mm_util_jpeg.c		patch \| blob \| history
packaging/libmm-utility.spec		patch \| blob \| history