From: Arvan P. <arv...@in...> - 2008-12-05 13:04:03
I've just downloaded 1.2.33 with a view to updating to it, and got the following warning from Visual Studio:

pngwutil.c(1417) : warning C4701: potentially uninitialized local variable 'new_key' used

this is the png_free call near the end of this fragment

> #if defined(PNG_WRITE_zTXt_SUPPORTED)
> /* write a compressed text chunk */
> void /* PRIVATE */
> png_write_zTXt(png_structp png_ptr, png_charp key, png_charp text,
>    png_size_t text_len, int compression)
> {
> #ifdef PNG_USE_LOCAL_ARRAYS
>    PNG_zTXt;
> #endif
>    png_size_t key_len;
>    char buf[1];
>    png_charp new_key;
>    compression_state comp;
>
>    png_debug(1, "in png_write_zTXt\n");
>
>    comp.num_output_ptr = 0;
>    comp.max_output_ptr = 0;
>    comp.output_ptr = NULL;
>    comp.input = NULL;
>    comp.input_len = 0;
>
>    if (key == NULL || (key_len = png_check_keyword(png_ptr, key, &new_key))==0)
>    {
>       png_warning(png_ptr, "Empty keyword in zTXt chunk");
>       png_free(png_ptr, new_key);
>       return;
>    }

I can't tell if it is possible to call png_write_zTXt with a NULL key, but if it is then this code will indeed attempt to free memory at the address in an uninitialised pointer.

This could be fixed either by initialising new_key to NULL so the check in png_free will avoid the free, or by removing the key==NULL test so that png_check_keyword will initialise it (it already checks for key==NULL).

Arvan

--
Arvan Pritchard
Informatix Software International Limited
Tel +44 (0)1223 246777
Fax +44 (0)1223 246778
Registered office: 509 Coldhams Lane, Cambridge, CB1 3JS, United Kingdom
Company Registration in England & Wales 3319498, VAT number GB 688 5110 10
www.informatix.co.uk
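The short-circuit described in the message above, modelled deterministically as an added example that is not part of the original post and is not libpng code. The names `model_free`, `model_check_keyword`, `write_ztxt_model` and the `POISON` sentinel are hypothetical; the sentinel stands in for the indeterminate value of an uninitialised local, and the two helpers behave the way the post says `png_free` and `png_check_keyword` do.

```c
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for the garbage an uninitialised stack slot may hold. */
static char poison_byte;
#define POISON (&poison_byte)
static int bad_frees;   /* times model_free() was handed that garbage */

/* Hypothetical model of png_free(): a NULL pointer is ignored. */
static void model_free(char *p)
{
    if (p == NULL) return;
    if (p == POISON) { bad_frees++; return; }  /* real code would free it */
    free(p);
}

/* Hypothetical model of png_check_keyword(): always sets *new_key and
 * rejects a NULL or empty key itself by returning 0. */
static size_t model_check_keyword(const char *key, char **new_key)
{
    size_t len;
    *new_key = NULL;
    if (key == NULL || (len = strlen(key)) == 0) return 0;
    if ((*new_key = malloc(len + 1)) == NULL) return 0;
    memcpy(*new_key, key, len + 1);
    return len;
}

enum variant { AS_POSTED, INIT_NULL, NO_KEY_TEST };

/* Returns how many garbage pointers the chosen variant passes to model_free(). */
int write_ztxt_model(enum variant v, const char *key)
{
    char *new_key = (v == INIT_NULL) ? NULL : POISON;  /* fix 1: start at NULL */
    int empty;

    bad_frees = 0;
    if (v == NO_KEY_TEST)   /* fix 2: the keyword check handles key == NULL */
        empty = model_check_keyword(key, &new_key) == 0;
    else                    /* as posted: || skips the call when key == NULL */
        empty = key == NULL || model_check_keyword(key, &new_key) == 0;

    if (empty) {            /* "Empty keyword" path from the fragment */
        model_free(new_key);
        return bad_frees;
    }
    model_free(new_key);    /* normal path: release the checked keyword */
    return bad_frees;
}
```

Only the `AS_POSTED` variant with a NULL key reaches `model_free` with the sentinel; either proposed fix brings the count to zero without changing behaviour for empty or valid keys.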