diff options
author | Tom Sepez <tsepez@chromium.org> | 2015-05-18 15:46:54 -0700 |
---|---|---|
committer | Tom Sepez <tsepez@chromium.org> | 2015-05-18 15:46:54 -0700 |
commit | 3b60890f6ee807a8bfc44056443f77603c23e6b0 (patch) | |
tree | 2b573d9f0f62d0a03a5b6e1eeb5e78c4b24ed734 /testing | |
parent | 3fea540931b6b2c700c50809a3d4d8a506f4f797 (diff) | |
download | pdfium-3b60890f6ee807a8bfc44056443f77603c23e6b0.tar.xz |
Cleanup if early return from opj_j2k_copy_default_tcp_and_create_tcd().
The opj_j2k_copy_default_tcp_and_create_tcp() function memcpy's a top-level
struct, and then replaces pointers to memory owned by the original struct
with new blocks of memory. Unfortunately, an early return can leave the
copy with pointers to memory it doesn't own, which causes problems when
cleaning up the partially-initialized struct.
The referenced bug is triggered when we get a return at original
line 7969 or 7385 due to OOM.
Moral of the story: creating a "copy constructor" equivalent
based on memcpy() instead of copying field by field for structs
containing pointers is usually a bad idea.
BUG=486538
R=jun_fang@foxitsoftware.com
Review URL: https://codereview.chromium.org/1138033007
Diffstat (limited to 'testing')
0 files changed, 0 insertions, 0 deletions