vtkJPEGReader crashes when output extent is smaller than image size. (8.1.1)
Following application causes a crash.
#include <vtkImageClip.h>
#include <vtkJPEGReader.h>
int main( int argc, char** argv )
{
vtkJPEGReader * reader = vtkJPEGReader::New( );
reader->SetFileName( "test.jpg" );
reader->UpdateInformation( );
vtkImageClip * clip = vtkImageClip::New( );
clip->SetInputConnection( reader->GetOutputPort( ) );
clip->SetOutputWholeExtent( 0, 10, 0, 10, 0, 1 );
clip->Update( );
return 0;
}
test.jpg can be any sufficiently large image ( 4000 by 3000 pixels in my case)
While I first believed it to be a usage error on my side, I debugged this and now consider it a VTK bug.
When checking it with valgrind, the offending memory access already happens before the crash in vtkJPEGReader.cxx line 307, that memcpy that copies the read scanlines into the output buffer. Commenting out that move removes the crash and all valgrind complains -- albeit image read results are black/random, of course. Reading the code the line for the loop
OT *outPtr2 = outPtr + (cinfo.output_height - cinfo.output_scanline)*outInc[1];
cinfo.output_height is 3000 in my case, the output buffer is only 10 lines height (and 10 pixels wide) thus resuling memory corruption is very understandable.
Unforuntally I don't understand the code well enough to provide you an actual fix. It somehow needs the limit the actual lines copied to the requested output extent. The limit for columns seems to be there by outExt[0] and outSize, but the lines thing is broken.
Above code sample works fine with 6.3.0