[Png-mng-security] NULL pointer dereferences in pngerror.c
Greg Roelofs
newt at pobox.com
Sat Nov 11 22:03:57 UTC 2006
> In this case they have done something bad, but they've called png_warning
> or png_error with a valid message. I think we might as well show them
> the message. I don't consider it a "whole load of debugging".
> In the case of png_read_info() I would simply return as you suggest.
> That's what we do in quite a number of cases already.
assert( !"libpng x.y.z: foo.c: you screwed the pooch" );
(or similar) also works...
Greg
More information about the png-mng-security-archive
mailing list