On 6/15/07, Stanislav Malyshev [EMAIL PROTECTED] wrote:
+ pts = (char *) ecalloc(im-sy * im-sx, sizeof(char));
I don't see any overflow checks around, are you sure it's safe?
Checks are done in gdImageCreate*
--Pierre
Ah, exactly. That explains why I wasn't able to crash it :-)
Nuno
On 6/15/07, Stanislav Malyshev [EMAIL PROTECTED] wrote:
+ pts = (char *) ecalloc(im-sy * im-sx, sizeof(char));
I don't see any overflow checks around, are you sure it's safe?
Checks are done in gdImageCreate*
--Pierre
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit:
+ pts = (char *) ecalloc(im-sy * im-sx, sizeof(char));
I don't see any overflow checks around, are you sure it's safe?
--
Stanislav Malyshev, Zend Products Engineer
[EMAIL PROTECTED] http://www.zend.com/
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit:
Ah! good point, thanks. I'll check it out.
Nuno
- Original Message -
+ pts = (char *) ecalloc(im-sy * im-sx, sizeof(char));
I don't see any overflow checks around, are you sure it's safe?
--
Stanislav Malyshev, Zend Products Engineer
[EMAIL PROTECTED] http://www.zend.com/
--
PHP
As the commit log says, I fixed a few valgrind warnings in the
bug24594.phpt
test (it was reading one past the end of the array). The log is still
available at
http://gcov.php.net/viewer.php?version=PHP_5_2func=valgrindfile=ext%2Fgd%2Ftests%2Fbug24594.phpt
the fix is this part:
- for (; x=wx2
Hello Nuno,
On 1/14/07, Nuno Lopes [EMAIL PROTECTED] wrote:
It is reproducible everywhere, I must say (including my pc). wx2 is the size
of the array, so you can only read from idx 0 to (wx2-1). Reading idx wx2
doesn't make sense.
Right, I was wondering why valgrind don't say a word here,
Hello Nuno,
On 1/13/07, Nuno Lopes [EMAIL PROTECTED] wrote:
nlopess Sat Jan 13 11:16:15 2007 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/gd/libgd gd.c
Log:
fix valgrind error in test bug24594.phpt
while at it, remove some dead code and change the
On 1/13/07, Nuno Lopes [EMAIL PROTECTED] wrote:
nlopess Sat Jan 13 11:16:15 2007 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/gd/libgd gd.c
Log:
fix valgrind error in test bug24594.phpt
while at it, remove some dead code and change the pts vector to
Hello Nuno,
On 1/13/07, Nuno Lopes [EMAIL PROTECTED] wrote:
On 1/13/07, Nuno Lopes [EMAIL PROTECTED] wrote:
nlopess Sat Jan 13 11:16:15 2007 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/gd/libgd gd.c
Log:
fix valgrind error in test bug24594.phpt