Good finding. Looking at the code below that point it seems that the count variable would be useful to check the length of the comparisons as well. In that case count would have to be declared outside the if block, of course. Shell code to (supposedly) trigger another error:

$ echo -n "#def" > x.jpg

Then run pixmap_browser with valgrind and open x.jpg.
In my quick test valgrind didn't complain though, but the comparison if (memcmp(header, "#define", 7) == 0) would (AFAICT) access uninitialized memory. The same for all following comparisons and the image handler calls in line 273 img = (handlers_[i])(name_, header, sizeof(header)); should supposedly be passed count rather than sizeof(header). And so on. I didn't follow that code path further...

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or unsubscribe.