[gs-bugs] [Bug 689870] New: unsigned fields read as int
bugs.ghostscript.com-bugzilla-daemon at ghostscript.com
bugs.ghostscript.com-bugzilla-daemon at ghostscript.com
Mon May 26 12:16:02 PDT 2008
http://bugs.ghostscript.com/show_bug.cgi?id=689870
Summary: unsigned fields read as int
Product: jbig2dec
Version: trunk
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P4
Component: Parsing
AssignedTo: ralph.giles at artifex.com
ReportedBy: ralph.giles at artifex.com
QAContact: gs-bugs at ghostscript.com
In debugging bug 689841, I noticed the data_length field in the segment header
was getting sign extended on x86_64. This is because jbig2_get_int32 is
returning a signed integer even though the field is a uint32_t in the format. So
we've been mishandling any segment length over 2^31, it just hasn't come up before.
The code should be reviewed and either change jbig2_get_int32 to
jbig2_get_uint32 or add a second call, depending on how many signed fields we
need to read.
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
More information about the gs-bugs
mailing list