Issue confirmed and ticket filed as http://trac.osgeo.org/gdal/ticket/3551
Le Tuesday 27 April 2010 19:01:56 Smart, Gary, vous avez écrit : > I have attached a colour NITF image which causes an invalid read within > NITFReadImageLine (nitfimage.c:1661). This invalid read was detected by > valgrind which I have been using to investigate a crash in my > application - which happens to segfault exactly on this line. More > often than not, I can read and display this colour image. Sometimes > though - it crashes my application. However, even when correctly > displayed, valgrind still reports the invalid read. > > > > I have looked at the logic in the function NITFReadImageLine and it > seems to be flawed in that it mallocs an area which seems to be a > function of the number of requested columns, but then copies imagery > into the buffer using a for-loop based on the block size. Moreover, the > nLineSize computed for the malloc was not big enough for the requested > area anyway. > > > > The problem is only really evident in colour images for which reads are > requested that are smaller than the blocksize in the file. > > > > Whilst I cannot be certain that my replacement logic will suffice for > all NITF configs, I certainly think the memory management in this > function AND the corresponding NITFWriteImageLine should be reviewed? > My changes certainly get rid of my read-errors and crashes (find ##### > in the attached code snippet). > > > > Opinions anyone? > > Gary _______________________________________________ gdal-dev mailing list gdal-dev@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/gdal-dev
