| OLD | NEW |
|---|
| 1 // Copyright 2015 PDFium Authors. All rights reserved. | 1 // Copyright 2015 PDFium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com | 5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com |
| 6 | 6 |
| 7 #include "JBig2_SddProc.h" | 7 #include "JBig2_SddProc.h" |
| 8 | 8 |
| 9 #include "../../../../third_party/base/nonstd_unique_ptr.h" | 9 #include "../../../../third_party/base/nonstd_unique_ptr.h" |
| 10 #include "../../../../third_party/base/stl_util.h" |
| 10 #include "../../../include/fxcrt/fx_basic.h" | 11 #include "../../../include/fxcrt/fx_basic.h" |
| 11 #include "JBig2_ArithIntDecoder.h" | 12 #include "JBig2_ArithIntDecoder.h" |
| 12 #include "JBig2_GrdProc.h" | 13 #include "JBig2_GrdProc.h" |
| 13 #include "JBig2_GrrdProc.h" | 14 #include "JBig2_GrrdProc.h" |
| 14 #include "JBig2_HuffmanDecoder.h" | 15 #include "JBig2_HuffmanDecoder.h" |
| 15 #include "JBig2_HuffmanTable.h" | 16 #include "JBig2_HuffmanTable.h" |
| 16 #include "JBig2_SymbolDict.h" | 17 #include "JBig2_SymbolDict.h" |
| 17 #include "JBig2_TrdProc.h" | 18 #include "JBig2_TrdProc.h" |
| 18 | 19 |
| 20 using pdfium::vector_as_array; |
| 21 |
| 19 CJBig2_SymbolDict* CJBig2_SDDProc::decode_Arith( | 22 CJBig2_SymbolDict* CJBig2_SDDProc::decode_Arith( |
| 20 CJBig2_ArithDecoder* pArithDecoder, | 23 CJBig2_ArithDecoder* pArithDecoder, |
| 21 JBig2ArithCtx* gbContext, | 24 std::vector<JBig2ArithCtx>* gbContext, |
| 22 JBig2ArithCtx* grContext) { | 25 std::vector<JBig2ArithCtx>* grContext) { |
| 23 CJBig2_Image** SDNEWSYMS; | 26 CJBig2_Image** SDNEWSYMS; |
| 24 FX_DWORD HCHEIGHT, NSYMSDECODED; | 27 FX_DWORD HCHEIGHT, NSYMSDECODED; |
| 25 int32_t HCDH; | 28 int32_t HCDH; |
| 26 FX_DWORD SYMWIDTH, TOTWIDTH; | 29 FX_DWORD SYMWIDTH, TOTWIDTH; |
| 27 int32_t DW; | 30 int32_t DW; |
| 28 CJBig2_Image* BS; | 31 CJBig2_Image* BS; |
| 29 FX_DWORD I, J, REFAGGNINST; | 32 FX_DWORD I, J, REFAGGNINST; |
| 30 FX_BOOL* EXFLAGS; | 33 FX_BOOL* EXFLAGS; |
| 31 FX_DWORD EXINDEX; | 34 FX_DWORD EXINDEX; |
| 32 FX_BOOL CUREXFLAG; | 35 FX_BOOL CUREXFLAG; |
| (...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 97 pGRD->TPGDON = 0; | 100 pGRD->TPGDON = 0; |
| 98 pGRD->USESKIP = 0; | 101 pGRD->USESKIP = 0; |
| 99 pGRD->GBAT[0] = SDAT[0]; | 102 pGRD->GBAT[0] = SDAT[0]; |
| 100 pGRD->GBAT[1] = SDAT[1]; | 103 pGRD->GBAT[1] = SDAT[1]; |
| 101 pGRD->GBAT[2] = SDAT[2]; | 104 pGRD->GBAT[2] = SDAT[2]; |
| 102 pGRD->GBAT[3] = SDAT[3]; | 105 pGRD->GBAT[3] = SDAT[3]; |
| 103 pGRD->GBAT[4] = SDAT[4]; | 106 pGRD->GBAT[4] = SDAT[4]; |
| 104 pGRD->GBAT[5] = SDAT[5]; | 107 pGRD->GBAT[5] = SDAT[5]; |
| 105 pGRD->GBAT[6] = SDAT[6]; | 108 pGRD->GBAT[6] = SDAT[6]; |
| 106 pGRD->GBAT[7] = SDAT[7]; | 109 pGRD->GBAT[7] = SDAT[7]; |
| 107 BS = pGRD->decode_Arith(pArithDecoder, gbContext); | 110 BS = pGRD->decode_Arith(pArithDecoder, vector_as_array(gbContext)); |
| 108 if (!BS) { | 111 if (!BS) { |
| 109 goto failed; | 112 goto failed; |
| 110 } | 113 } |
| 111 } else { | 114 } else { |
| 112 IAAI->decode(pArithDecoder, (int*)&REFAGGNINST); | 115 IAAI->decode(pArithDecoder, (int*)&REFAGGNINST); |
| 113 if (REFAGGNINST > 1) { | 116 if (REFAGGNINST > 1) { |
| 114 nonstd::unique_ptr<CJBig2_TRDProc> pDecoder(new CJBig2_TRDProc()); | 117 nonstd::unique_ptr<CJBig2_TRDProc> pDecoder(new CJBig2_TRDProc()); |
| 115 pDecoder->SBHUFF = SDHUFF; | 118 pDecoder->SBHUFF = SDHUFF; |
| 116 pDecoder->SBREFINE = 1; | 119 pDecoder->SBREFINE = 1; |
| 117 pDecoder->SBW = SYMWIDTH; | 120 pDecoder->SBW = SYMWIDTH; |
| (...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 185 ids.IADT = IADT.get(); | 188 ids.IADT = IADT.get(); |
| 186 ids.IAFS = IAFS.get(); | 189 ids.IAFS = IAFS.get(); |
| 187 ids.IADS = IADS.get(); | 190 ids.IADS = IADS.get(); |
| 188 ids.IAIT = IAIT.get(); | 191 ids.IAIT = IAIT.get(); |
| 189 ids.IARI = IARI.get(); | 192 ids.IARI = IARI.get(); |
| 190 ids.IARDW = IARDW.get(); | 193 ids.IARDW = IARDW.get(); |
| 191 ids.IARDH = IARDH.get(); | 194 ids.IARDH = IARDH.get(); |
| 192 ids.IARDX = IARDX.get(); | 195 ids.IARDX = IARDX.get(); |
| 193 ids.IARDY = IARDY.get(); | 196 ids.IARDY = IARDY.get(); |
| 194 ids.IAID = IAID.get(); | 197 ids.IAID = IAID.get(); |
| 195 BS = pDecoder->decode_Arith(pArithDecoder, grContext, &ids); | 198 BS = pDecoder->decode_Arith(pArithDecoder, vector_as_array(grContext), |
| 199 &ids); |
| 196 if (!BS) { | 200 if (!BS) { |
| 197 FX_Free(SBSYMS); | 201 FX_Free(SBSYMS); |
| 198 goto failed; | 202 goto failed; |
| 199 } | 203 } |
| 200 FX_Free(SBSYMS); | 204 FX_Free(SBSYMS); |
| 201 } else if (REFAGGNINST == 1) { | 205 } else if (REFAGGNINST == 1) { |
| 202 SBNUMSYMS = SDNUMINSYMS + NSYMSDECODED; | 206 SBNUMSYMS = SDNUMINSYMS + NSYMSDECODED; |
| 203 FX_DWORD IDI; | 207 FX_DWORD IDI; |
| 204 IAID->decode(pArithDecoder, &IDI); | 208 IAID->decode(pArithDecoder, &IDI); |
| 205 IARDX->decode(pArithDecoder, &RDXI); | 209 IARDX->decode(pArithDecoder, &RDXI); |
| (...skipping 14 matching lines...) Expand all Loading... |
| 220 pGRRD->GRH = HCHEIGHT; | 224 pGRRD->GRH = HCHEIGHT; |
| 221 pGRRD->GRTEMPLATE = SDRTEMPLATE; | 225 pGRRD->GRTEMPLATE = SDRTEMPLATE; |
| 222 pGRRD->GRREFERENCE = SBSYMS[IDI]; | 226 pGRRD->GRREFERENCE = SBSYMS[IDI]; |
| 223 pGRRD->GRREFERENCEDX = RDXI; | 227 pGRRD->GRREFERENCEDX = RDXI; |
| 224 pGRRD->GRREFERENCEDY = RDYI; | 228 pGRRD->GRREFERENCEDY = RDYI; |
| 225 pGRRD->TPGRON = 0; | 229 pGRRD->TPGRON = 0; |
| 226 pGRRD->GRAT[0] = SDRAT[0]; | 230 pGRRD->GRAT[0] = SDRAT[0]; |
| 227 pGRRD->GRAT[1] = SDRAT[1]; | 231 pGRRD->GRAT[1] = SDRAT[1]; |
| 228 pGRRD->GRAT[2] = SDRAT[2]; | 232 pGRRD->GRAT[2] = SDRAT[2]; |
| 229 pGRRD->GRAT[3] = SDRAT[3]; | 233 pGRRD->GRAT[3] = SDRAT[3]; |
| 230 BS = pGRRD->decode(pArithDecoder, grContext); | 234 BS = pGRRD->decode(pArithDecoder, vector_as_array(grContext)); |
| 231 if (!BS) { | 235 if (!BS) { |
| 232 FX_Free(SBSYMS); | 236 FX_Free(SBSYMS); |
| 233 goto failed; | 237 goto failed; |
| 234 } | 238 } |
| 235 FX_Free(SBSYMS); | 239 FX_Free(SBSYMS); |
| 236 } | 240 } |
| 237 } | 241 } |
| 238 SDNEWSYMS[NSYMSDECODED] = BS; | 242 SDNEWSYMS[NSYMSDECODED] = BS; |
| 239 BS = nullptr; | 243 BS = nullptr; |
| 240 NSYMSDECODED = NSYMSDECODED + 1; | 244 NSYMSDECODED = NSYMSDECODED + 1; |
| (...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 278 for (I = 0; I < NSYMSDECODED; I++) { | 282 for (I = 0; I < NSYMSDECODED; I++) { |
| 279 if (SDNEWSYMS[I]) { | 283 if (SDNEWSYMS[I]) { |
| 280 delete SDNEWSYMS[I]; | 284 delete SDNEWSYMS[I]; |
| 281 SDNEWSYMS[I] = nullptr; | 285 SDNEWSYMS[I] = nullptr; |
| 282 } | 286 } |
| 283 } | 287 } |
| 284 FX_Free(SDNEWSYMS); | 288 FX_Free(SDNEWSYMS); |
| 285 return nullptr; | 289 return nullptr; |
| 286 } | 290 } |
| 287 | 291 |
| 288 CJBig2_SymbolDict* CJBig2_SDDProc::decode_Huffman(CJBig2_BitStream* pStream, | 292 CJBig2_SymbolDict* CJBig2_SDDProc::decode_Huffman( |
| 289 JBig2ArithCtx* gbContext, | 293 CJBig2_BitStream* pStream, |
| 290 JBig2ArithCtx* grContext, | 294 std::vector<JBig2ArithCtx>* gbContext, |
| 291 IFX_Pause* pPause) { | 295 std::vector<JBig2ArithCtx>* grContext, |
| 296 IFX_Pause* pPause) { |
| 292 CJBig2_Image** SDNEWSYMS; | 297 CJBig2_Image** SDNEWSYMS; |
| 293 FX_DWORD* SDNEWSYMWIDTHS; | 298 FX_DWORD* SDNEWSYMWIDTHS; |
| 294 FX_DWORD HCHEIGHT, NSYMSDECODED; | 299 FX_DWORD HCHEIGHT, NSYMSDECODED; |
| 295 int32_t HCDH; | 300 int32_t HCDH; |
| 296 FX_DWORD SYMWIDTH, TOTWIDTH, HCFIRSTSYM; | 301 FX_DWORD SYMWIDTH, TOTWIDTH, HCFIRSTSYM; |
| 297 int32_t DW; | 302 int32_t DW; |
| 298 CJBig2_Image* BS, *BHC; | 303 CJBig2_Image* BS, *BHC; |
| 299 FX_DWORD I, J, REFAGGNINST; | 304 FX_DWORD I, J, REFAGGNINST; |
| 300 FX_BOOL* EXFLAGS; | 305 FX_BOOL* EXFLAGS; |
| 301 FX_DWORD EXINDEX; | 306 FX_DWORD EXINDEX; |
| (...skipping 131 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 433 pDecoder->SBHUFFRDW = SBHUFFRDW.get(); | 438 pDecoder->SBHUFFRDW = SBHUFFRDW.get(); |
| 434 pDecoder->SBHUFFRDH = SBHUFFRDH.get(); | 439 pDecoder->SBHUFFRDH = SBHUFFRDH.get(); |
| 435 pDecoder->SBHUFFRDX = SBHUFFRDX.get(); | 440 pDecoder->SBHUFFRDX = SBHUFFRDX.get(); |
| 436 pDecoder->SBHUFFRDY = SBHUFFRDY.get(); | 441 pDecoder->SBHUFFRDY = SBHUFFRDY.get(); |
| 437 pDecoder->SBHUFFRSIZE = SBHUFFRSIZE.get(); | 442 pDecoder->SBHUFFRSIZE = SBHUFFRSIZE.get(); |
| 438 pDecoder->SBRTEMPLATE = SDRTEMPLATE; | 443 pDecoder->SBRTEMPLATE = SDRTEMPLATE; |
| 439 pDecoder->SBRAT[0] = SDRAT[0]; | 444 pDecoder->SBRAT[0] = SDRAT[0]; |
| 440 pDecoder->SBRAT[1] = SDRAT[1]; | 445 pDecoder->SBRAT[1] = SDRAT[1]; |
| 441 pDecoder->SBRAT[2] = SDRAT[2]; | 446 pDecoder->SBRAT[2] = SDRAT[2]; |
| 442 pDecoder->SBRAT[3] = SDRAT[3]; | 447 pDecoder->SBRAT[3] = SDRAT[3]; |
| 443 BS = pDecoder->decode_Huffman(pStream, grContext); | 448 BS = pDecoder->decode_Huffman(pStream, vector_as_array(grContext)); |
| 444 if (!BS) { | 449 if (!BS) { |
| 445 FX_Free(SBSYMCODES); | 450 FX_Free(SBSYMCODES); |
| 446 FX_Free(SBSYMS); | 451 FX_Free(SBSYMS); |
| 447 goto failed; | 452 goto failed; |
| 448 } | 453 } |
| 449 FX_Free(SBSYMCODES); | 454 FX_Free(SBSYMCODES); |
| 450 FX_Free(SBSYMS); | 455 FX_Free(SBSYMS); |
| 451 } else if (REFAGGNINST == 1) { | 456 } else if (REFAGGNINST == 1) { |
| 452 SBNUMSYMS = SDNUMINSYMS + SDNUMNEWSYMS; | 457 SBNUMSYMS = SDNUMINSYMS + SDNUMNEWSYMS; |
| 453 nTmp = 1; | 458 nTmp = 1; |
| (...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 505 pGRRD->GRREFERENCE = SBSYMS[IDI]; | 510 pGRRD->GRREFERENCE = SBSYMS[IDI]; |
| 506 pGRRD->GRREFERENCEDX = RDXI; | 511 pGRRD->GRREFERENCEDX = RDXI; |
| 507 pGRRD->GRREFERENCEDY = RDYI; | 512 pGRRD->GRREFERENCEDY = RDYI; |
| 508 pGRRD->TPGRON = 0; | 513 pGRRD->TPGRON = 0; |
| 509 pGRRD->GRAT[0] = SDRAT[0]; | 514 pGRRD->GRAT[0] = SDRAT[0]; |
| 510 pGRRD->GRAT[1] = SDRAT[1]; | 515 pGRRD->GRAT[1] = SDRAT[1]; |
| 511 pGRRD->GRAT[2] = SDRAT[2]; | 516 pGRRD->GRAT[2] = SDRAT[2]; |
| 512 pGRRD->GRAT[3] = SDRAT[3]; | 517 pGRRD->GRAT[3] = SDRAT[3]; |
| 513 nonstd::unique_ptr<CJBig2_ArithDecoder> pArithDecoder( | 518 nonstd::unique_ptr<CJBig2_ArithDecoder> pArithDecoder( |
| 514 new CJBig2_ArithDecoder(pStream)); | 519 new CJBig2_ArithDecoder(pStream)); |
| 515 BS = pGRRD->decode(pArithDecoder.get(), grContext); | 520 BS = pGRRD->decode(pArithDecoder.get(), vector_as_array(grContext)); |
| 516 if (!BS) { | 521 if (!BS) { |
| 517 FX_Free(SBSYMS); | 522 FX_Free(SBSYMS); |
| 518 goto failed; | 523 goto failed; |
| 519 } | 524 } |
| 520 pStream->alignByte(); | 525 pStream->alignByte(); |
| 521 pStream->offset(2); | 526 pStream->offset(2); |
| 522 if ((FX_DWORD)nVal != (pStream->getOffset() - nTmp)) { | 527 if ((FX_DWORD)nVal != (pStream->getOffset() - nTmp)) { |
| 523 delete BS; | 528 delete BS; |
| 524 FX_Free(SBSYMS); | 529 FX_Free(SBSYMS); |
| 525 goto failed; | 530 goto failed; |
| (...skipping 91 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 617 failed: | 622 failed: |
| 618 for (I = 0; I < NSYMSDECODED; I++) { | 623 for (I = 0; I < NSYMSDECODED; I++) { |
| 619 delete SDNEWSYMS[I]; | 624 delete SDNEWSYMS[I]; |
| 620 } | 625 } |
| 621 FX_Free(SDNEWSYMS); | 626 FX_Free(SDNEWSYMS); |
| 622 if (SDREFAGG == 0) { | 627 if (SDREFAGG == 0) { |
| 623 FX_Free(SDNEWSYMWIDTHS); | 628 FX_Free(SDNEWSYMWIDTHS); |
| 624 } | 629 } |
| 625 return nullptr; | 630 return nullptr; |
| 626 } | 631 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1388203003:
Sanitize CJBig2_SymbolDict's memory usage. (Closed)
Base URL: https://pdfium.googlesource.com/pdfium@master