| OLD | NEW |
|---|
| 1 // Copyright 2016 PDFium Authors. All rights reserved. | 1 // Copyright 2016 PDFium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com | 5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com |
| 6 | 6 |
| 7 #include "core/fpdfapi/fpdf_parser/include/cpdf_parser.h" | 7 #include "core/fpdfapi/fpdf_parser/include/cpdf_parser.h" |
| 8 | 8 |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 1059 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1070 dwCaculatedSize *= totalWidth; | 1070 dwCaculatedSize *= totalWidth; |
| 1071 if (!dwCaculatedSize.IsValid() || | 1071 if (!dwCaculatedSize.IsValid() || |
| 1072 dwCaculatedSize.ValueOrDie() > dwTotalSize) { | 1072 dwCaculatedSize.ValueOrDie() > dwTotalSize) { |
| 1073 continue; | 1073 continue; |
| 1074 } | 1074 } |
| 1075 | 1075 |
| 1076 const uint8_t* segstart = pData + segindex * totalWidth; | 1076 const uint8_t* segstart = pData + segindex * totalWidth; |
| 1077 FX_SAFE_UINT32 dwMaxObjNum = startnum; | 1077 FX_SAFE_UINT32 dwMaxObjNum = startnum; |
| 1078 dwMaxObjNum += count; | 1078 dwMaxObjNum += count; |
| 1079 uint32_t dwV5Size = m_ObjectInfo.empty() ? 0 : GetLastObjNum() + 1; | 1079 uint32_t dwV5Size = m_ObjectInfo.empty() ? 0 : GetLastObjNum() + 1; |
| 1080 if (!dwMaxObjNum.IsValid()) | 1080 if (!dwMaxObjNum.IsValid() || dwMaxObjNum.ValueOrDie() > dwV5Size) |
| 1081 continue; | 1081 continue; |
| 1082 // When the max object number is larger than the defined size, try to | |
| 1083 // increase the size to accomodate more objects. | |
| 1084 // Some software messes this up, see chromium:596947. | |
| 1085 if (dwMaxObjNum.ValueOrDie() > dwV5Size) | |
| 1086 ShrinkObjectMap(dwMaxObjNum.ValueOrDie()); | |
| 1087 | 1082 |
| 1088 for (uint32_t j = 0; j < count; j++) { | 1083 for (uint32_t j = 0; j < count; j++) { |
| 1089 int32_t type = 1; | 1084 int32_t type = 1; |
| 1090 const uint8_t* entrystart = segstart + j * totalWidth; | 1085 const uint8_t* entrystart = segstart + j * totalWidth; |
| 1091 if (WidthArray[0]) | 1086 if (WidthArray[0]) |
| 1092 type = GetVarInt(entrystart, WidthArray[0]); | 1087 type = GetVarInt(entrystart, WidthArray[0]); |
| 1093 | 1088 |
| 1094 if (GetObjectType(startnum + j) == 255) { | 1089 if (GetObjectType(startnum + j) == 255) { |
| 1095 FX_FILESIZE offset = | 1090 FX_FILESIZE offset = |
| 1096 GetVarInt(entrystart + WidthArray[0], WidthArray[1]); | 1091 GetVarInt(entrystart + WidthArray[0], WidthArray[1]); |
| (...skipping 578 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1675 if (!LoadLinearizedAllCrossRefV4(m_LastXRefOffset, m_dwXrefStartObjNum) && | 1670 if (!LoadLinearizedAllCrossRefV4(m_LastXRefOffset, m_dwXrefStartObjNum) && |
| 1676 !LoadLinearizedAllCrossRefV5(m_LastXRefOffset)) { | 1671 !LoadLinearizedAllCrossRefV5(m_LastXRefOffset)) { |
| 1677 m_LastXRefOffset = 0; | 1672 m_LastXRefOffset = 0; |
| 1678 m_pSyntax->m_MetadataObjnum = dwSaveMetadataObjnum; | 1673 m_pSyntax->m_MetadataObjnum = dwSaveMetadataObjnum; |
| 1679 return FORMAT_ERROR; | 1674 return FORMAT_ERROR; |
| 1680 } | 1675 } |
| 1681 | 1676 |
| 1682 m_pSyntax->m_MetadataObjnum = dwSaveMetadataObjnum; | 1677 m_pSyntax->m_MetadataObjnum = dwSaveMetadataObjnum; |
| 1683 return SUCCESS; | 1678 return SUCCESS; |
| 1684 } | 1679 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1946693002:
Revert of Relax a couple checks to allow certain non-standard PDF files. (Closed)
Base URL: https://pdfium.googlesource.com/pdfium.git@master