cabinet: Fix overrun of static array (Coverity)
Andrew Talbot
Andrew.Talbot at talbotville.com
Mon Jan 22 16:30:05 CST 2007
The existing code writes one past the end of the array. This patch should fix
Coverity CID-297. The solution would have been simpler if integer divisions
yielding negative results were guaranteed to round towards zero, but
I don't think they are, pre-C99.
-- Andy.
---
Changelog:
cabinet: Fix overrun of static array (Coverity).
diff -urN a/dlls/cabinet/fdi.c b/dlls/cabinet/fdi.c
--- a/dlls/cabinet/fdi.c 2007-01-10 12:33:55.000000000 +0000
+++ b/dlls/cabinet/fdi.c 2007-01-22 21:57:50.000000000 +0000
@@ -882,9 +882,14 @@
LZX(window_size) = wndsize;
/* initialize static tables */
- for (i=0, j=0; i <= 50; i += 2) {
- CAB(extra_bits)[i] = CAB(extra_bits)[i+1] = j; /* 0,0,0,0,1,1,2,2,3,3... */
- if ((i != 0) && (j < 17)) j++; /* 0,0,1,2,3,4...15,16,17,17,17,17... */
+ /* CAB(extra_bits)[] = {0,0,0,0,1,1,2,2,3,3,...,16,16,17,17,17,17,...,17} */
+ for (i = 0; i <= 50; i++) {
+ if (i < 2) {
+ CAB(extra_bits)[i] = 0;
+ }
+ else {
+ j = (i - 2) >> 1;
+ CAB(extra_bits)[i] = j <= 17 ? j : 17;
}
for (i=0, j=0; i <= 50; i++) {
CAB(lzx_position_base)[i] = j; /* 0,1,2,3,4,6,8,12,16,24,32,... */
More information about the wine-patches
mailing list