> The only situation that I can think of where an out-of-bounds access will
> probably happen is if pointers (and thus array indices) are 64-bit but
> the array size is wrongly a signed (32-bit) int. It then gets expanded
> to 64-bit when indexing the array, and ends up truly at negative addresses
> (from the array's start.)

You could also have the situation where the code is inconsistent
regarding signed and unsigned (32-bit) values. Couldn't something like
this break with a negative value of imageSize stored in the image file?

    void LoadImageFromFile(unsigned int size);
    void ReserveMemory(int size);

    int headerSize = 1024;
    int imageSize = readIntFromFile();
    ReserveMemory(headerSize + imageSize);
    LoadHeaderFromFile(headerSize);
    LoadImageFromFile(imageSize);
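Added example, not part of the original post: the C program below works out what the two prototypes in the snippet above would receive for a constructed negative imageSize, next to a validation step that rejects the field before any allocation. The names unchecked_sizes, checked_total and the max_image limit are hypothetical, and a 32-bit int is assumed.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Arguments the post's snippet would pass, with no validation. */
struct sizes {
    int          reserved;  /* what ReserveMemory(int) receives */
    unsigned int load_len;  /* what LoadImageFromFile(unsigned int) receives */
};

static struct sizes unchecked_sizes(int header_size, int image_size)
{
    struct sizes s;
    s.reserved = header_size + image_size;  /* shrinks when image_size < 0 */
    s.load_len = (unsigned int)image_size;  /* negative wraps to a huge length */
    return s;
}

/* Hardened form: returns 0 and sets *total, or -1 if the file's size field
 * must be rejected. max_image is a hypothetical application limit. */
static int checked_total(int header_size, int image_size,
                         size_t max_image, size_t *total)
{
    if (header_size < 0 || image_size < 0)
        return -1;                          /* sign check before any cast */
    if ((size_t)image_size > max_image)
        return -1;                          /* cap attacker-controlled size */
    if ((size_t)header_size > SIZE_MAX - (size_t)image_size)
        return -1;                          /* sum would wrap */
    *total = (size_t)header_size + (size_t)image_size;
    return 0;
}

int main(void)
{
    int image_size = -1000;                 /* constructed sample file value */
    struct sizes s = unchecked_sizes(1024, image_size);
    size_t total = 0;

    printf("unchecked: reserve %d bytes, load %u bytes\n",
           s.reserved, s.load_len);
    if (checked_total(1024, image_size, (size_t)1 << 20, &total) != 0)
        printf("checked: size field rejected\n");
    return 0;
}
```

With the sample value the unchecked path reserves 24 bytes while the load length becomes UINT_MAX - 999, which is the mismatch the question is about.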