[poppler] Poor error handling in gmem.c

Albert Astals Cid aacid at kde.org
Thu Dec 8 14:48:06 PST 2005

A Dijous 08 Desembre 2005 23:24, Florian Weimer va escriure:
> With the recent merge from xpdf 3.01, problematic error handling code
> has been introduced in to poppler:
> void *gmallocn(int nObjs, int objSize) {
>   int n;
>   n = nObjs * objSize;
>   if (objSize == 0 || n / objSize != nObjs) {
>     fprintf(stderr, "Bogus memory allocation size\n");
>     exit(1);
>   }
>   return gmalloc(n);
> }
> Invalid input data (not just an out-of-memory condition) results in
> the whole process being terminated, which is not a good thing to do
> for a library.
I agree, any suggestion?

> The gmallocn function is also incorrect because according to the C
> standard, the if condition can be assumed to be always false, 
The oh magnificient C standard mandates a int can never be zero? The oh 
magnificient mandates computer architectures don't have limits so there are 
never overflows in variables?

> but this is best discussed with the xpdf folks.
a) don't see why
b) if you think that may i ask why you send that mail?


> _______________________________________________
> poppler mailing list
> poppler at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/poppler

Renovamos el Correo Yahoo! 
Nuevos servicios, más seguridad 

More information about the poppler mailing list