Opened 4 years ago

Closed 4 years ago

#6823 closed defect (fixed)

Trouble with catches in jp2kakdataset open

Reported by: Kurt Schwehr
Owned by: warmerdam
Priority: normal
Milestone:
Component: default
Version: unspecified
Severity: normal
Keywords: kakadu jp2k
Cc:

Description

I've been trying to track down some bad behavior with corrupt jp2k files. To try to find problems in jp2kakdataset.cpp, I've locally modified Open to skip the identify check and directly start trying to work with whatever a fuzzer gives it. My inner loop:

  // Make the fuzzer-supplied bytes available under a /vsimem (in-memory) path.
  const char kFilename[] = "/vsimem/a.jp2";
  const std::string data2(reinterpret_cast<const char *>(data), size);
  autotest2::VsiMemTempWrapper wrapper(kFilename, data2);
  std::unique_ptr<GDALOpenInfo> open_info(
      new GDALOpenInfo(kFilename, GDAL_OF_READONLY, nullptr));
  if (open_info == nullptr)
      return 0;
  // The Identify() result is checked to lie in the range [-1, 1].
  int result = JP2KAKDataset::Identify(open_info.get());
  CHECK_LE(-1, result);
  CHECK_GE(1, result);
  // Open() is called whatever Identify() returned.
  GDALDataset *dataset = JP2KAKDataset::Open(open_info.get());
  if (dataset == nullptr)
      return 0;
  delete dataset;
  return 0;

I've found that any of the new's that succeed will not be deleted in the final catch except the poDS. If kakadu throws an exception during the open process, it causes a leak at best.

Attachments (3)

crash-8d2faaa9df3f9c9e14ff0cad62cb090894aae8b3 (3.0 KB) - added by Kurt Schwehr 4 years ago.
crash-72e9675b4a3d4e53d80bdd12857bde5065e656fb (6.4 KB) - added by Kurt Schwehr 4 years ago.
leak-a2b4f6a05d21048544c8380ab49e3e1808c0c876 (6.4 KB) - added by Kurt Schwehr 4 years ago.
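
The failure mode reported in the description, as an added example that is not part of the ticket and not GDAL or Kakadu code: a constructed model in which an early `new` succeeds, a later step throws, and the catch block deletes only the dataset, next to the same sequence with `std::unique_ptr` ownership. All type and function names (`Tracked`, `Source`, `Decoder`, `Dataset`, `OpenLeaky`, `OpenSafe`, `LeakedAfterFailedOpen`) are hypothetical.

```cpp
#include <memory>
#include <stdexcept>
// Constructed stand-ins: none of these types are GDAL or Kakadu classes.
static int g_live = 0;  // tracked objects currently allocated
struct Tracked { Tracked() { ++g_live; } ~Tracked() { --g_live; } };
struct Source : Tracked {};
struct Decoder : Tracked {  // constructor models a library rejecting corrupt input
    explicit Decoder(bool corrupt) { if (corrupt) throw std::runtime_error("corrupt"); }
};
struct Dataset : Tracked {
    Source *src = nullptr;
    Decoder *dec = nullptr;
    void Adopt(Source *s, Decoder *d) { src = s; dec = d; }
    ~Dataset() { delete dec; delete src; }
};

// Pattern reported in the ticket: the catch block deletes only the dataset.
Dataset *OpenLeaky(bool corrupt) {
    Dataset *ds = nullptr;
    try {
        Source *src = new Source;             // succeeds
        Decoder *dec = new Decoder(corrupt);  // throws: src is orphaned
        ds = new Dataset;
        ds->Adopt(src, dec);
        return ds;
    } catch (const std::exception &) {
        delete ds;  // src was local to the try block and is unreachable here
        return nullptr;
    }
}

// Same sequence with each allocation owned by a unique_ptr as soon as it exists.
Dataset *OpenSafe(bool corrupt) {
    try {
        std::unique_ptr<Source> src(new Source);
        std::unique_ptr<Decoder> dec(new Decoder(corrupt));
        std::unique_ptr<Dataset> ds(new Dataset);
        ds->Adopt(src.release(), dec.release());
        return ds.release();
    } catch (const std::exception &) {
        return nullptr;  // stack unwinding already destroyed src
    }
}

int LeakedAfterFailedOpen(bool leaky) {  // objects left after one failed open
    g_live = 0;
    delete (leaky ? OpenLeaky(true) : OpenSafe(true));
    return g_live;
}
```

A leak-checking fuzzer run reports the first variant the same way the `leak-` attachment name suggests: the process does not crash, but one allocation is never freed on each failed open.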

Change History (4)

Changed 4 years ago by Kurt Schwehr

comment:1 Changed 4 years ago by Even Rouault

Resolution: fixed
Status: new → closed

In 37459:

(The changeset message doesn't reference this ticket)