[poppler] Poor error handling in gmem.c
Florian Weimer
fw at deneb.enyo.de
Thu Dec 8 14:24:08 PST 2005
With the recent merge from xpdf 3.01, problematic error handling code
has been introduced in to poppler:
void *gmallocn(int nObjs, int objSize) {
int n;
n = nObjs * objSize;
if (objSize == 0 || n / objSize != nObjs) {
fprintf(stderr, "Bogus memory allocation size\n");
exit(1);
}
return gmalloc(n);
}
Invalid input data (not just an out-of-memory condition) results in
the whole process being terminated, which is not a good thing to do
for a library.
The gmallocn function is also incorrect because according to the C
standard, the if condition can be assumed to be always false, but this
is best discussed with the xpdf folks.
More information about the poppler
mailing list