Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(789)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: core/src/fxcodec/jbig2/JBig2_Context.cpp

Issue 1377493005: Prevent divide by zeros in CJBig2_GSIDProc::decode_MMR(). (Closed) Base URL: https://pdfium.googlesource.com/pdfium@master
Patch Set: rebase Created 5 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 PDFium Authors. All rights reserved. 1 // Copyright 2014 PDFium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com 5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com
6 6
7 #include "JBig2_Context.h" 7 #include "JBig2_Context.h"
8 8
9 #include <list> 9 #include <list>
10 10
(...skipping 1109 matching lines...) Expand 10 before | Expand all | Expand 10 after
1120 (m_pStream->read1Byte(&cFlags) != 0) || 1120 (m_pStream->read1Byte(&cFlags) != 0) ||
1121 (m_pStream->readInteger(&pHRD->HGW) != 0) || 1121 (m_pStream->readInteger(&pHRD->HGW) != 0) ||
1122 (m_pStream->readInteger(&pHRD->HGH) != 0) || 1122 (m_pStream->readInteger(&pHRD->HGH) != 0) ||
1123 (m_pStream->readInteger((FX_DWORD*)&pHRD->HGX) != 0) || 1123 (m_pStream->readInteger((FX_DWORD*)&pHRD->HGX) != 0) ||
1124 (m_pStream->readInteger((FX_DWORD*)&pHRD->HGY) != 0) || 1124 (m_pStream->readInteger((FX_DWORD*)&pHRD->HGY) != 0) ||
1125 (m_pStream->readShortInteger(&pHRD->HRX) != 0) || 1125 (m_pStream->readShortInteger(&pHRD->HRX) != 0) ||
1126 (m_pStream->readShortInteger(&pHRD->HRY) != 0)) { 1126 (m_pStream->readShortInteger(&pHRD->HRY) != 0)) {
1127 nRet = JBIG2_ERROR_TOO_SHORT; 1127 nRet = JBIG2_ERROR_TOO_SHORT;
1128 goto failed; 1128 goto failed;
1129 } 1129 }
1130 if (pHRD->HGW == 0 || pHRD->HGH == 0) {
1131 nRet = JBIG2_ERROR_FATAL;
1132 goto failed;
1133 }
1134
1130 pHRD->HBW = ri.width; 1135 pHRD->HBW = ri.width;
1131 pHRD->HBH = ri.height; 1136 pHRD->HBH = ri.height;
1132 pHRD->HMMR = cFlags & 0x01; 1137 pHRD->HMMR = cFlags & 0x01;
1133 pHRD->HTEMPLATE = (cFlags >> 1) & 0x03; 1138 pHRD->HTEMPLATE = (cFlags >> 1) & 0x03;
1134 pHRD->HENABLESKIP = (cFlags >> 3) & 0x01; 1139 pHRD->HENABLESKIP = (cFlags >> 3) & 0x01;
1135 pHRD->HCOMBOP = (JBig2ComposeOp)((cFlags >> 4) & 0x07); 1140 pHRD->HCOMBOP = (JBig2ComposeOp)((cFlags >> 4) & 0x07);
1136 pHRD->HDEFPIXEL = (cFlags >> 7) & 0x01; 1141 pHRD->HDEFPIXEL = (cFlags >> 7) & 0x01;
1137 if (pSegment->m_nReferred_to_segment_count != 1) { 1142 if (pSegment->m_nReferred_to_segment_count != 1) {
1138 nRet = JBIG2_ERROR_FATAL; 1143 nRet = JBIG2_ERROR_FATAL;
1139 goto failed; 1144 goto failed;
(...skipping 427 matching lines...) Expand 10 before | Expand all | Expand 10 after
1567 SBSYMCODES[CURTEMP].code = CURCODE; 1572 SBSYMCODES[CURTEMP].code = CURCODE;
1568 CURCODE = CURCODE + 1; 1573 CURCODE = CURCODE + 1;
1569 } 1574 }
1570 CURTEMP = CURTEMP + 1; 1575 CURTEMP = CURTEMP + 1;
1571 } 1576 }
1572 CURLEN = CURLEN + 1; 1577 CURLEN = CURLEN + 1;
1573 } 1578 }
1574 FX_Free(LENCOUNT); 1579 FX_Free(LENCOUNT);
1575 FX_Free(FIRSTCODE); 1580 FX_Free(FIRSTCODE);
1576 } 1581 }
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698