diff options
author | giraffedata <giraffedata@9d0c8265-081b-0410-96cb-a4ca84ce46f8> | 2023-09-29 18:22:35 +0000 |
---|---|---|
committer | giraffedata <giraffedata@9d0c8265-081b-0410-96cb-a4ca84ce46f8> | 2023-09-29 18:22:35 +0000 |
commit | af1a80d96f9bfb2086dd5314904d08583773df09 (patch) | |
tree | caffb1c8d8ca0379b644566cbe9f7457b1726d67 /lib/libpbm2.c | |
parent | bf85274a5c089c1c6295f0caf54ecf0c1c42e887 (diff) | |
download | netpbm-mirror-af1a80d96f9bfb2086dd5314904d08583773df09.tar.gz netpbm-mirror-af1a80d96f9bfb2086dd5314904d08583773df09.tar.xz netpbm-mirror-af1a80d96f9bfb2086dd5314904d08583773df09.zip |
cleanup
git-svn-id: http://svn.code.sf.net/p/netpbm/code/trunk@4707 9d0c8265-081b-0410-96cb-a4ca84ce46f8
Diffstat (limited to 'lib/libpbm2.c')
-rw-r--r-- | lib/libpbm2.c | 33 |
1 files changed, 22 insertions, 11 deletions
diff --git a/lib/libpbm2.c b/lib/libpbm2.c index c71193c9..8668356e 100644 --- a/lib/libpbm2.c +++ b/lib/libpbm2.c @@ -35,25 +35,36 @@ getbit (FILE * const file) { void -pbm_readpbminitrest( FILE * const file, - int * const colsP, - int * const rowsP ) { +pbm_readpbminitrest(FILE * const ifP, + int * const colsP, + int * const rowsP ) { + + unsigned int cols; + unsigned int rows; + /* Read size. */ - *colsP = (int)pm_getuint( file ); - *rowsP = (int)pm_getuint( file ); + cols = pm_getuint(ifP); + rows = pm_getuint(ifP); /* *colsP and *rowsP really should be unsigned int, but they come from the time before unsigned ints (or at least from a person - trained in that tradition), so they are int. We could simply - consider negative numbers to mean values > INT_MAX/2 and much + trained in that tradition), so they are int. Caller could simply + consider negative numbers to mean values > INT_MAX and much code would just automatically work. But some code would fail miserably. So we consider values that won't fit in an int to be unprocessable. */ - if (*colsP < 0) - pm_error("Number of columns in header is too large."); - if (*rowsP < 0) - pm_error("Number of rows in header is too large."); + if (cols > INT_MAX) + pm_error("Number of columns in header is too large (%u). " + "The maximum allowed by the format is %u", + cols, INT_MAX); + if (rows > INT_MAX) + pm_error("Number of rows in header is too large (%u). " + "The maximum allowed by the format is %u", + rows, INT_MAX); + + *colsP = (int)cols; + *rowsP = (int)rows; } |