
Side by Side Diff: Source/core/platform/image-decoders/gif/GIFImageReader.cpp

Issue 15914009: More tolerant about malformed GIF files (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: comments Created 7 years, 6 months ago
1 /* -*- Mode: C; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ 1 /* -*- Mode: C; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* ***** BEGIN LICENSE BLOCK ***** 2 /* ***** BEGIN LICENSE BLOCK *****
3 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 3 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
4 * 4 *
5 * The contents of this file are subject to the Mozilla Public License Version 5 * The contents of this file are subject to the Mozilla Public License Version
6 * 1.1 (the "License"); you may not use this file except in compliance with 6 * 1.1 (the "License"); you may not use this file except in compliance with
7 * the License. You may obtain a copy of the License at 7 * the License. You may obtain a copy of the License at
8 * http://www.mozilla.org/MPL/ 8 * http://www.mozilla.org/MPL/
9 * 9 *
10 * Software distributed under the License is distributed on an "AS IS" basis, 10 * Software distributed under the License is distributed on an "AS IS" basis,
(...skipping 466 matching lines...) Expand 10 before | Expand all | Expand 10 after
477 break; 477 break;
478 } 478 }
479 479
480 case GIFGlobalColormap: { 480 case GIFGlobalColormap: {
481 m_isGlobalColormapDefined = true; 481 m_isGlobalColormapDefined = true;
482 GETN(1, GIFImageStart); 482 GETN(1, GIFImageStart);
483 break; 483 break;
484 } 484 }
485 485
486 case GIFImageStart: { 486 case GIFImageStart: {
487 if (*currentComponent == ';') { // terminator. 487 if (*currentComponent == ';') { // terminator.
Peter Kasting 2013/05/29 04:30:17 Nit: You can nuke this block entirely and let it b
Alpha Left Google 2013/05/29 19:38:58 Done.
488 GETN(0, GIFDone); 488 GETN(0, GIFDone);
489 break; 489 break;
490 } 490 }
491 491
492 if (*currentComponent == '!') { // extension. 492 if (*currentComponent == '!') { // extension.
493 GETN(2, GIFExtension); 493 GETN(2, GIFExtension);
494 break; 494 break;
495 } 495 }
496 496
497 if (*currentComponent == ',') { // image separator.
498 GETN(9, GIFImageHeader);
499 break;
500 }
501
497 // If we get anything other than ',' (image separator), '!' 502 // If we get anything other than ',' (image separator), '!'
498 // (extension), or ';' (trailer), there is extraneous data 503 // (extension), or ';' (trailer), there is extraneous data
499 // between blocks. The GIF87a spec tells us to keep reading 504 // between blocks. The GIF87a spec tells us to keep reading
500 // until we find an image separator, but GIF89a says such 505 // until we find an image separator, but GIF89a says such
501 // a file is corrupt. We follow GIF89a and bail out. 506 // a file is corrupt. We follow Mozilla's implementation and
502 if (*currentComponent != ',') 507 // proceed as if the file were correctly terminated, so the
503 return false; 508 // GIF will display.
504 509 GETN(0, GIFDone);
505 GETN(9, GIFImageHeader);
506 break; 510 break;
507 } 511 }
508 512
509 case GIFExtension: { 513 case GIFExtension: {
510 size_t bytesInBlock = currentComponent[1]; 514 size_t bytesInBlock = currentComponent[1];
511 GIFState es = GIFSkipBlock; 515 GIFState es = GIFSkipBlock;
512 516
513 switch (*currentComponent) { 517 switch (*currentComponent) {
514 case 0xf9: 518 case 0xf9:
515 es = GIFControlExtension; 519 es = GIFControlExtension;
(...skipping 300 matching lines...) Expand 10 before | Expand all | Expand 10 after
816 rowPosition = 0; 820 rowPosition = 0;
817 rowsRemaining = m_frameContext->height; 821 rowsRemaining = m_frameContext->height;
818 822
819 // Clearing the whole suffix table lets us be more tolerant of bad data. 823 // Clearing the whole suffix table lets us be more tolerant of bad data.
820 suffix.fill(0); 824 suffix.fill(0);
821 for (int i = 0; i < clearCode; i++) 825 for (int i = 0; i < clearCode; i++)
822 suffix[i] = i; 826 suffix[i] = i;
823 stackp = 0; 827 stackp = 0;
824 return true; 828 return true;
825 } 829 }
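Review bot: At new lines 502-510 every byte other than ';', '!' or ',' now reaches `GETN(0, GIFDone)`, so a stream whose very first block introducer is garbage completes as a finished parse with no image header read, where the old code returned false. Whether the caller treats a completed parse with zero frames as a decode failure is not visible in this section. If it does not, keeping the `return false;` path for the case where no frame has been started would preserve the corruption signal without losing the tolerance for trailing junk. The comment should also state that the unexpected byte and everything after it are deliberately left unparsed, for example `// Remaining bytes are ignored; frames decoded so far are kept.`, so that nothing downstream reads a GIFDone state as proof the input was well formed. A test with a malformed file that has garbage before the first image separator, and one with garbage after a complete frame, would pin both behaviours; the enclosing switch and function begin and end outside the lines shown.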