XnView Software

Various discussion boards for XnView and related products
https://newsgroup.xnview.com/

bug in gflSaveBitmapIntoMemory() (tiff only?)

https://newsgroup.xnview.com/viewtopic.php?t=12292

Page 1 of 1

bug in gflSaveBitmapIntoMemory() (tiff only?)

Posted: Sat Mar 24, 2007 5:48 pm
by stolarz

Code: Select all

unsigned char* data;
unsigned long length;
gflSaveBitmapIntoMemory(&data, &length, ...
I don't know if it's only for tiff but with tiff and lzw 'length' is bigger than the actual allocated block of memory. therefore

Code: Select all

unsigned char * new_block = malloc(length);
for (int i=0; i<length; i++) new_block[i] = data[i];
causes my proggy to crash. I wrote a simple test program that loaded a picture (a big one, 2304 x 1728) and saved to memory and also saved to disk. saved picture's disk size was 11106543 bytes and picture in mem had 11120367 bytes.
i temporarily solved this with

Code: Select all

data = gflMemoryRealloc(data, length);
and copying the data to new location does'n crash anymore.

kRyszard

BTW: why is that the controls on this page are sometimes in english and sometimes in french? they were even in russian once! ;)

Re: bug in gflSaveBitmapIntoMemory() (tiff only?)

Posted: Sun Mar 25, 2007 11:30 pm
by XnTriq
stolarz wrote:BTW: why is that the controls on this page are sometimes in english and sometimes in french? they were even in russian once! ;)
:arrow: [Bug] Forum language (DFLS)

what if...

Posted: Mon Mar 26, 2007 9:42 am
by stolarz
yeah, and what if length is less than the size of allocated memory? gflRealloc will crop my data :|

Re: bug in gflSaveBitmapIntoMemory() (tiff only?)

Posted: Tue Mar 27, 2007 1:45 am
by xnview
stolarz wrote:

Code: Select all

unsigned char* data;
unsigned long length;
gflSaveBitmapIntoMemory(&data, &length, ...
I don't know if it's only for tiff but with tiff and lzw 'length' is bigger than the actual allocated block of memory. therefore

Code: Select all

unsigned char * new_block = malloc(length);
for (int i=0; i<length; i++) new_block[i] = data[i];
causes my proggy to crash. I wrote a simple test program that loaded a picture (a big one, 2304 x 1728) and saved to memory and also saved to disk. saved picture's disk size was 11106543 bytes and picture in mem had 11120367 bytes.
i temporarily solved this with

Code: Select all

data = gflMemoryRealloc(data, length);
and copying the data to new location does'n crash anymore.
Could you send me your test program?

Re: bug in gflSaveBitmapIntoMemory() (tiff only?)

Posted: Tue Mar 27, 2007 5:47 pm
by stolarz
xnview wrote:Could you send me your test program?
emm.... d'you mean the source? or the executable?
here's the source:

Code: Select all

#include <stdio>
#include "libgfl.h"

void main() {
	printf("hello\n");
	GFL_ERROR init = gflLibraryInit();
	if (GFL_NO_ERROR != init) {
    	printf("error: %d\n", init);
    	return;
	}
	printf("init ok\n");

	gflEnableLZW(GFL_TRUE);

	printf("version: %s\n", gflGetVersion());
	printf("version of libformat: %s\n", gflGetVersionOfLibformat());

	GFL_ERROR e1;

	int tiff = gflGetFormatIndexByName("tiff");
	printf("format index: %d\n", tiff);

	// load picture
	GFL_BITMAP *thebitmap = NULL;
	GFL_LOAD_PARAMS lp1;
	gflGetDefaultLoadParams(&lp1);
	lp1.FormatIndex = -1;
	e1 = gflLoadBitmap("DSC04034.jpg", &thebitmap, &lp1, NULL);
	if (GFL_NO_ERROR != e1) {
    	printf("error: %d\n", e1);
	} else {

		GFL_SAVE_PARAMS sp1;


		// save to disk
		printf("saving to file\n");
		gflGetDefaultSaveParams(&sp1);
		sp1.FormatIndex = tiff;
		sp1.Compression = GFL_LZW;
		e1 = gflSaveBitmap("dsc04034.tiff", thebitmap, &sp1);
		if (GFL_NO_ERROR == e1) {
			printf("saved\n");
		} else {
        	printf("error: %d\n", e1);
        }


		// save to mem
		printf("saving to mem\n");
		gflGetDefaultSaveParams(&sp1);
		sp1.FormatIndex = tiff;
		sp1.Compression = GFL_LZW;

		unsigned char* data;
		unsigned long length;
		e1 = gflSaveBitmapIntoMemory(&data, &length, thebitmap, &sp1);
		if (GFL_NO_ERROR == e1) {
			printf("saved %d bytes\n", length);
			gflMemoryFree(data);
			printf("mem freed\n");
		} else {
        	printf("error: %d\n", e1);
		}

        printf("freeing bitmap\n");
        gflFreeBitmap(thebitmap);
        printf("freed\n");

	}

	gflLibraryExit();
}
the result is usually sth like:

Code: Select all

hello
init ok
version: 2.67
version of libformat: 4.77
format index: 2
saving to file
saved
saving to mem
saved 11120367 bytes
mem freed
freeing bitmap
freed
i tried other formats aswell. the results are:

Code: Select all

2304 x 1728, tiff:
disk - 11106543
 mem - 11120367

480 x 640, tiff:
disk - 948768
 mem - 949792

480 x 640, tiff, no lzw:
disk - 922872
 mem - 923896

480 x 640, jpeg:
both same sizes - 37635

png - same sizes...
Oh, I said the program crashes on:

Code: Select all

char u = data[length-1];
printf("%d\n", u);
well this time it didn't, but possibly it depends on the compiler. for this little proggy i used Borland Free CmdLine Tools but previously i was using microsoft's some kind of .NET thing to write managed wrapper for gfl...

Re: bug in gflSaveBitmapIntoMemory() (tiff only?)

Posted: Wed Mar 28, 2007 12:54 pm
by xnview
stolarz wrote:
xnview wrote:Could you send me your test program?
emm.... d'you mean the source? or the executable?
here's the source:
I've tried but have no crash...

Re: bug in gflSaveBitmapIntoMemory() (tiff only?)

Posted: Wed Mar 28, 2007 7:30 pm
by stolarz
xnview wrote:I've tried but have no crash...
Yes, but the sizes in mem and disk differ and it's just a matter of luck if there is a crash or not because of different memory allocating algorithms: your first malloc in a program actually allocates smallest allocable block, like f.e. 0x1000 bytes, so

Code: Select all

char* a = (char*) malloc(0x10);
char b = a[0xfff];
doesn't cause the memory protection fault, but followed by

Code: Select all

char* c = (char*)malloc(0xf00);
char* d = (char*)malloc(0x10);
char e = d[0x100];
may cause errors.

Re: bug in gflSaveBitmapIntoMemory() (tiff only?)

Posted: Thu Mar 29, 2007 7:11 am
by xnview
stolarz wrote:
xnview wrote:I've tried but have no crash...
Yes, but the sizes in mem and disk differ and it's just a matter of luck if there
Ok, it's a little bug...
is a crash or not because of different memory allocating algorithms: your first malloc in a program actually allocates smallest allocable block, like f.e. 0x1000 bytes, so

Code: Select all

char* a = (char*) malloc(0x10);
char b = a[0xfff];
doesn't cause the memory protection fault, but followed by

Code: Select all

char* c = (char*)malloc(0xf00);
char* d = (char*)malloc(0x10);
char e = d[0x100];
may cause errors.
I can't reproduce the crash :-( Send me a PM with your email, i would like to send you a test version...
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited