1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
|
$NetBSD: patch-CVE-2014-8158,v 1.1 2015/03/11 20:58:26 spz Exp $
patch for CVE-2014-8158 loosely based on
http://pkgs.fedoraproject.org/cgit/jasper.git/plain/jasper-CVE-2014-8158.patch
eradicate all code-paths activated by HAVE_VLA
--- jasper/src/libjasper/jpc/jpc_qmfb.c.orig 2012-08-08 08:01:36.000000000 +0000
+++ jasper/src/libjasper/jpc/jpc_qmfb.c
@@ -158,12 +158,8 @@ static void jpc_qmfb1d_split(jpc_fix_t *
jpc_fix_t *hstartptr, int hstartind, int hendind)
{
int bufsize = JPC_CEILDIVPOW2(endind - startind, 2);
-#if !defined(HAVE_VLA)
#define QMFB_SPLITBUFSIZE 4096
jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE];
-#else
- jpc_fix_t splitbuf[bufsize];
-#endif
jpc_fix_t *buf = splitbuf;
int llen;
int hlen;
@@ -179,7 +175,6 @@ static void jpc_qmfb1d_split(jpc_fix_t *
llen = lendind - lstartind;
hlen = hendind - hstartind;
-#if !defined(HAVE_VLA)
/* Get a buffer. */
if (bufsize > QMFB_SPLITBUFSIZE) {
if (!(buf = jas_malloc(bufsize * sizeof(jpc_fix_t)))) {
@@ -190,7 +185,6 @@ static void jpc_qmfb1d_split(jpc_fix_t *
return;
}
}
-#endif
if (hstartind < lstartind) {
/* The first sample in the input signal is to appear
@@ -272,12 +266,10 @@ static void jpc_qmfb1d_split(jpc_fix_t *
}
}
-#if !defined(HAVE_VLA)
/* If the split buffer was allocated on the heap, free this memory. */
if (buf != splitbuf) {
jas_free(buf);
}
-#endif
}
static void jpc_qmfb1d_join(jpc_fix_t *startptr, int startind, int endind,
@@ -285,12 +277,8 @@ static void jpc_qmfb1d_join(jpc_fix_t *s
jpc_fix_t *hstartptr, int hstartind, int hendind)
{
int bufsize = JPC_CEILDIVPOW2(endind - startind, 2);
-#if !defined(HAVE_VLA)
#define QMFB_JOINBUFSIZE 4096
jpc_fix_t joinbuf[QMFB_JOINBUFSIZE];
-#else
- jpc_fix_t joinbuf[bufsize];
-#endif
jpc_fix_t *buf = joinbuf;
int llen;
int hlen;
@@ -302,7 +290,6 @@ static void jpc_qmfb1d_join(jpc_fix_t *s
register int n;
int state;
-#if !defined(HAVE_VLA)
/* Allocate memory for the join buffer from the heap. */
if (bufsize > QMFB_JOINBUFSIZE) {
if (!(buf = jas_malloc(bufsize * sizeof(jpc_fix_t)))) {
@@ -313,7 +300,6 @@ static void jpc_qmfb1d_join(jpc_fix_t *s
return;
}
}
-#endif
twostep = step << 1;
llen = lendind - lstartind;
@@ -400,12 +386,10 @@ static void jpc_qmfb1d_join(jpc_fix_t *s
}
}
-#if !defined(HAVE_VLA)
/* If the join buffer was allocated on the heap, free this memory. */
if (buf != joinbuf) {
jas_free(buf);
}
-#endif
}
/******************************************************************************\
|
