Michael Mann
changed
bug 10978
Comment # 7
on bug 10978
from Michael Mann
I agree that the problem can be seen in frame 28, but I think it's with byte 49
of frame (start of long compression). I initialized the buffer memory to
garbage (used memset(..., 0xCD, ...) for both buffers in get_wcp_window_ptr and
the problem was much easier to see. During the decompressed_entry() call, the
first if statement (src < buf_start) is true so the src pointer is incremented
by MAX_WIN_BUF_LEN. This makes no sense to me because MAX_WIN_BUF_LEN is the
total size of a buffer, so what exactly is src pointing to after it's been
incremented? It seems to be copying from "uninitialized memory" (the 0xCD
values I fake initialized it to)
You are receiving this mail because:
- You are watching all bug changes.