commit | 6e053525ee45171f65ecec596336cc3b0a5e9468 | [log] [tgz] |
---|---|---|
author | DRC <information@libjpeg-turbo.org> | Thu Feb 04 09:20:41 2016 -0600 |
committer | DRC <information@libjpeg-turbo.org> | Thu Feb 04 09:20:41 2016 -0600 |
tree | ed19364957ff52d63b5ae6fd9e6d15ce3c837791 | |
parent | cbfa696fc1be251a9f20f8e83e335a863a6c4be8 [diff] |
TurboJPEG: Avoid dangling pointers This addresses a minor concern (LJT-01-002) expressed in a security audit by Cure53. _tjInitCompress() and _tjInitDecompress() call (respectively) jpeg_mem_dest_tj() and jpeg_mem_src_tj() with a pointer to a dummy buffer, in order to set up the destination/source manager. The dummy buffer should never be used, but it's still better to make it static so that the pointer in the destination/source manager always points to a valid region of memory.