Vitaly Perov vitperov@etersoft.ru writes:

@@ -1238,6 +1260,12 @@ static void test_LoadImage(void) test_LoadImageFile("JPG", jpgimage, sizeof(jpgimage), "jpg", 0); test_LoadImageFile("PNG", pngimage, sizeof(pngimage), "png", 0);

• /* Corrupted images */
• test_LoadCorruptedImageFile("corrupted_BMP", bmpimage, sizeof(bmpimage), "bmp", 1);
• test_LoadCorruptedImageFile("corrupted_GIF", gifimage, sizeof(gifimage), "gif", 0);
• test_LoadCorruptedImageFile("corrupted_JPG", jpgimage, sizeof(jpgimage), "jpg", 0);
• test_LoadCorruptedImageFile("corrupted_PNG", pngimage, sizeof(pngimage), "png", 0);

That's an interesting test, but it has nothing to do with your fix. We shouldn't crash on loading corrupted files, but we shouldn't crash if idReserved is 0 either. Your proposed fix is just hiding the problem.

Checking idReserved may or may not be a good idea, independently of fixing that crash, but that would need a different test.