[Digikam-devel] [Bug 253911] New: libkdcraw access beyond array bounds (cameraXYZMatrix)

Mike Frysinger vapier at gentoo.org
Tue Oct 12 00:58:40 BST 2010


https://bugs.kde.org/show_bug.cgi?id=253911

           Summary: libkdcraw access beyond array bounds (cameraXYZMatrix)
           Product: digikam
           Version: unspecified
          Platform: Gentoo Packages
        OS/Version: Linux
            Status: UNCONFIRMED
          Severity: minor
          Priority: NOR
         Component: libkdcraw
        AssignedTo: digikam-devel at kde.org
        ReportedBy: vapier at gentoo.org


Version:           unspecified (using KDE 4.5.2) 
OS:                Linux

building libkdcraw results in:

libs/libkdcraw/libkdcraw/dcrawinfocontainer.cpp: In member function ‘bool KDcrawIface::DcrawInfoContainer::isEmpty()’:
libs/libkdcraw/libkdcraw/dcrawinfocontainer.cpp:123:29: warning: array subscript is above array bounds
libs/libkdcraw/libkdcraw/dcrawinfocontainer.cpp:127:29: warning: array subscript is above array bounds
libs/libkdcraw/libkdcraw/dcrawinfocontainer.cpp:131:29: warning: array subscript is above array bounds

looking at the source code, seems to be a mismatch of x and y coordinates:

dcrawinfocontainer.h:    float            cameraXYZMatrix[4][3];

dcrawinfocontainer.cpp:        cameraXYZMatrix[0][0]    == 0.0 &&
dcrawinfocontainer.cpp:        cameraXYZMatrix[0][1]    == 0.0 &&
dcrawinfocontainer.cpp:        cameraXYZMatrix[0][2]    == 0.0 &&
dcrawinfocontainer.cpp:        cameraXYZMatrix[0][3]    == 0.0 &&
dcrawinfocontainer.cpp:        cameraXYZMatrix[1][0]    == 0.0 &&
dcrawinfocontainer.cpp:        cameraXYZMatrix[1][1]    == 0.0 &&
dcrawinfocontainer.cpp:        cameraXYZMatrix[1][2]    == 0.0 &&
dcrawinfocontainer.cpp:        cameraXYZMatrix[1][3]    == 0.0 &&
dcrawinfocontainer.cpp:        cameraXYZMatrix[2][0]    == 0.0 &&
dcrawinfocontainer.cpp:        cameraXYZMatrix[2][1]    == 0.0 &&
dcrawinfocontainer.cpp:        cameraXYZMatrix[2][2]    == 0.0 &&
dcrawinfocontainer.cpp:        cameraXYZMatrix[2][3]    == 0.0 &&

looks like the indices are switched and should be [0..3][0..2] instead of
[0..2][0..3]

Reproducible: Didn't try




using gcc-4.5.1

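Added example, not part of the original report and not libkdcraw code: it works out which elements of a [4][3] array a [0..2][0..3] subscript sweep never examines, and shows a zero check whose loop limits come from the array type. The names Info, sweptOffsets, missedOffsets, sweepSeesOnlyZeros and matrixIsZero are hypothetical, and treating an out-of-range column as the flat offset row * COLS + col is a modelling assumption (the real out-of-bounds read is undefined behaviour).

```cpp
#include <cstddef>
#include <cstdio>
#include <set>
#include <type_traits>

// Same shape as the declaration quoted in the report; Info is a stand-in name.
struct Info { float cameraXYZMatrix[4][3] = {}; };

constexpr std::size_t ROWS = std::extent<decltype(Info::cameraXYZMatrix), 0>::value;
constexpr std::size_t COLS = std::extent<decltype(Info::cameraXYZMatrix), 1>::value;

// Flat offsets (row * COLS + col) addressed by a [0..maxRow][0..maxCol] sweep.
// Computed arithmetically, so nothing is ever read out of bounds here.
std::set<std::size_t> sweptOffsets(std::size_t maxRow, std::size_t maxCol) {
    std::set<std::size_t> swept;
    for (std::size_t r = 0; r <= maxRow; ++r)
        for (std::size_t c = 0; c <= maxCol; ++c)
            swept.insert(r * COLS + c);
    return swept;
}

// Elements of the real array that such a sweep never looks at.
std::set<std::size_t> missedOffsets(std::size_t maxRow, std::size_t maxCol) {
    const std::set<std::size_t> swept = sweptOffsets(maxRow, maxCol);
    std::set<std::size_t> missed;
    for (std::size_t i = 0; i < ROWS * COLS; ++i)
        if (!swept.count(i)) missed.insert(i);
    return missed;
}

// Result of the sweep under the flat-layout assumption, using in-bounds reads only.
bool sweepSeesOnlyZeros(const Info& info, std::size_t maxRow, std::size_t maxCol) {
    for (std::size_t off : sweptOffsets(maxRow, maxCol))
        if (off < ROWS * COLS && info.cameraXYZMatrix[off / COLS][off % COLS] != 0.0f)
            return false;
    return true;
}

// Bounds-safe check: the loops take their limits from the array type itself.
bool matrixIsZero(const Info& info) {
    for (const auto& row : info.cameraXYZMatrix)
        for (float v : row)
            if (v != 0.0f) return false;
    return true;
}

int main() {
    for (std::size_t off : missedOffsets(2, 3))
        std::printf("never checked: [%zu][%zu]\n", off / COLS, off % COLS);
    return 0;
}
```

Under that model the switched indices stay inside the 12-float object but skip [3][1] and [3][2], so a matrix whose only non-zero entries sit there would be reported as empty.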