Fix potential overflow issue
"tjAlloc()" uses "malloc()" which takes a "size_t" number of bytes (an
unsigned integer).
However,"tjAlloc()" itself takes the number of bytes as a signed integer.
So the width * height * tjPixelSize[pixelfmt] may overflow and become a
negative integer.
Fix by checking it and change to use malloc directly.
Change-Id: Ia69e37f66c6674c1201c06df8e35d8877ae081cd
Signed-off-by: NYilu Mao <yilu.myl@alibaba-inc.com>
Showing
想要评论请 注册 或 登录