| OLD | NEW |
|---|
| 1 // Copyright 2015 PDFium Authors. All rights reserved. | 1 // Copyright 2015 PDFium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com | 5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com |
| 6 | 6 |
| 7 #include "core/fxcodec/jbig2/JBig2_TrdProc.h" | 7 #include "core/fxcodec/jbig2/JBig2_TrdProc.h" |
| 8 | 8 |
| 9 #include <memory> | 9 #include <memory> |
| 10 | 10 |
| (...skipping 96 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 107 (pHuffmanDecoder->decodeAValue(SBHUFFRDY, &RDYI) != 0) || | 107 (pHuffmanDecoder->decodeAValue(SBHUFFRDY, &RDYI) != 0) || |
| 108 (pHuffmanDecoder->decodeAValue(SBHUFFRSIZE, &nVal) != 0)) { | 108 (pHuffmanDecoder->decodeAValue(SBHUFFRSIZE, &nVal) != 0)) { |
| 109 return nullptr; | 109 return nullptr; |
| 110 } | 110 } |
| 111 pStream->alignByte(); | 111 pStream->alignByte(); |
| 112 uint32_t nTmp = pStream->getOffset(); | 112 uint32_t nTmp = pStream->getOffset(); |
| 113 CJBig2_Image* IBOI = SBSYMS[IDI]; | 113 CJBig2_Image* IBOI = SBSYMS[IDI]; |
| 114 if (!IBOI) | 114 if (!IBOI) |
| 115 return nullptr; | 115 return nullptr; |
| 116 | 116 |
| 117 uint32_t WOI = IBOI->m_nWidth; | 117 uint32_t WOI = IBOI->width(); |
| 118 uint32_t HOI = IBOI->m_nHeight; | 118 uint32_t HOI = IBOI->height(); |
| 119 if ((int)(WOI + RDWI) < 0 || (int)(HOI + RDHI) < 0) | 119 if ((int)(WOI + RDWI) < 0 || (int)(HOI + RDHI) < 0) |
| 120 return nullptr; | 120 return nullptr; |
| 121 | 121 |
| 122 std::unique_ptr<CJBig2_GRRDProc> pGRRD(new CJBig2_GRRDProc()); | 122 std::unique_ptr<CJBig2_GRRDProc> pGRRD(new CJBig2_GRRDProc()); |
| 123 pGRRD->GRW = WOI + RDWI; | 123 pGRRD->GRW = WOI + RDWI; |
| 124 pGRRD->GRH = HOI + RDHI; | 124 pGRRD->GRH = HOI + RDHI; |
| 125 pGRRD->GRTEMPLATE = SBRTEMPLATE; | 125 pGRRD->GRTEMPLATE = SBRTEMPLATE; |
| 126 pGRRD->GRREFERENCE = IBOI; | 126 pGRRD->GRREFERENCE = IBOI; |
| 127 pGRRD->GRREFERENCEDX = (RDWI >> 2) + RDXI; | 127 pGRRD->GRREFERENCEDX = (RDWI >> 2) + RDXI; |
| 128 pGRRD->GRREFERENCEDY = (RDHI >> 2) + RDYI; | 128 pGRRD->GRREFERENCEDY = (RDHI >> 2) + RDYI; |
| (...skipping 14 matching lines...) Expand all Loading... |
| 143 pStream->alignByte(); | 143 pStream->alignByte(); |
| 144 pStream->offset(2); | 144 pStream->offset(2); |
| 145 if ((uint32_t)nVal != (pStream->getOffset() - nTmp)) { | 145 if ((uint32_t)nVal != (pStream->getOffset() - nTmp)) { |
| 146 delete IBI; | 146 delete IBI; |
| 147 return nullptr; | 147 return nullptr; |
| 148 } | 148 } |
| 149 } | 149 } |
| 150 if (!IBI) { | 150 if (!IBI) { |
| 151 continue; | 151 continue; |
| 152 } | 152 } |
| 153 uint32_t WI = IBI->m_nWidth; | 153 uint32_t WI = IBI->width(); |
| 154 uint32_t HI = IBI->m_nHeight; | 154 uint32_t HI = IBI->height(); |
| 155 if (TRANSPOSED == 0 && ((REFCORNER == JBIG2_CORNER_TOPRIGHT) || | 155 if (TRANSPOSED == 0 && ((REFCORNER == JBIG2_CORNER_TOPRIGHT) || |
| 156 (REFCORNER == JBIG2_CORNER_BOTTOMRIGHT))) { | 156 (REFCORNER == JBIG2_CORNER_BOTTOMRIGHT))) { |
| 157 CURS = CURS + WI - 1; | 157 CURS = CURS + WI - 1; |
| 158 } else if (TRANSPOSED == 1 && ((REFCORNER == JBIG2_CORNER_BOTTOMLEFT) || | 158 } else if (TRANSPOSED == 1 && ((REFCORNER == JBIG2_CORNER_BOTTOMLEFT) || |
| 159 (REFCORNER == JBIG2_CORNER_BOTTOMRIGHT))) { | 159 (REFCORNER == JBIG2_CORNER_BOTTOMRIGHT))) { |
| 160 CURS = CURS + HI - 1; | 160 CURS = CURS + HI - 1; |
| 161 } | 161 } |
| 162 int32_t SI = CURS; | 162 int32_t SI = CURS; |
| 163 if (TRANSPOSED == 0) { | 163 if (TRANSPOSED == 0) { |
| 164 switch (REFCORNER) { | 164 switch (REFCORNER) { |
| (...skipping 155 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 320 int32_t RDXI; | 320 int32_t RDXI; |
| 321 int32_t RDYI; | 321 int32_t RDYI; |
| 322 pIARDW->decode(pArithDecoder, &RDWI); | 322 pIARDW->decode(pArithDecoder, &RDWI); |
| 323 pIARDH->decode(pArithDecoder, &RDHI); | 323 pIARDH->decode(pArithDecoder, &RDHI); |
| 324 pIARDX->decode(pArithDecoder, &RDXI); | 324 pIARDX->decode(pArithDecoder, &RDXI); |
| 325 pIARDY->decode(pArithDecoder, &RDYI); | 325 pIARDY->decode(pArithDecoder, &RDYI); |
| 326 CJBig2_Image* IBOI = SBSYMS[IDI]; | 326 CJBig2_Image* IBOI = SBSYMS[IDI]; |
| 327 if (!IBOI) | 327 if (!IBOI) |
| 328 return nullptr; | 328 return nullptr; |
| 329 | 329 |
| 330 uint32_t WOI = IBOI->m_nWidth; | 330 uint32_t WOI = IBOI->width(); |
| 331 uint32_t HOI = IBOI->m_nHeight; | 331 uint32_t HOI = IBOI->height(); |
| 332 if ((int)(WOI + RDWI) < 0 || (int)(HOI + RDHI) < 0) | 332 if ((int)(WOI + RDWI) < 0 || (int)(HOI + RDHI) < 0) |
| 333 return nullptr; | 333 return nullptr; |
| 334 | 334 |
| 335 std::unique_ptr<CJBig2_GRRDProc> pGRRD(new CJBig2_GRRDProc()); | 335 std::unique_ptr<CJBig2_GRRDProc> pGRRD(new CJBig2_GRRDProc()); |
| 336 pGRRD->GRW = WOI + RDWI; | 336 pGRRD->GRW = WOI + RDWI; |
| 337 pGRRD->GRH = HOI + RDHI; | 337 pGRRD->GRH = HOI + RDHI; |
| 338 pGRRD->GRTEMPLATE = SBRTEMPLATE; | 338 pGRRD->GRTEMPLATE = SBRTEMPLATE; |
| 339 pGRRD->GRREFERENCE = IBOI; | 339 pGRRD->GRREFERENCE = IBOI; |
| 340 pGRRD->GRREFERENCEDX = (RDWI >> 1) + RDXI; | 340 pGRRD->GRREFERENCEDX = (RDWI >> 1) + RDXI; |
| 341 pGRRD->GRREFERENCEDY = (RDHI >> 1) + RDYI; | 341 pGRRD->GRREFERENCEDY = (RDHI >> 1) + RDYI; |
| 342 pGRRD->TPGRON = 0; | 342 pGRRD->TPGRON = 0; |
| 343 pGRRD->GRAT[0] = SBRAT[0]; | 343 pGRRD->GRAT[0] = SBRAT[0]; |
| 344 pGRRD->GRAT[1] = SBRAT[1]; | 344 pGRRD->GRAT[1] = SBRAT[1]; |
| 345 pGRRD->GRAT[2] = SBRAT[2]; | 345 pGRRD->GRAT[2] = SBRAT[2]; |
| 346 pGRRD->GRAT[3] = SBRAT[3]; | 346 pGRRD->GRAT[3] = SBRAT[3]; |
| 347 IBI.reset(pGRRD->decode(pArithDecoder, grContext)); | 347 IBI.reset(pGRRD->decode(pArithDecoder, grContext)); |
| 348 pIBI = IBI.get(); | 348 pIBI = IBI.get(); |
| 349 } | 349 } |
| 350 if (!pIBI) | 350 if (!pIBI) |
| 351 return nullptr; | 351 return nullptr; |
| 352 | 352 |
| 353 uint32_t WI = pIBI->m_nWidth; | 353 uint32_t WI = pIBI->width(); |
| 354 uint32_t HI = pIBI->m_nHeight; | 354 uint32_t HI = pIBI->height(); |
| 355 if (TRANSPOSED == 0 && ((REFCORNER == JBIG2_CORNER_TOPRIGHT) || | 355 if (TRANSPOSED == 0 && ((REFCORNER == JBIG2_CORNER_TOPRIGHT) || |
| 356 (REFCORNER == JBIG2_CORNER_BOTTOMRIGHT))) { | 356 (REFCORNER == JBIG2_CORNER_BOTTOMRIGHT))) { |
| 357 CURS += WI - 1; | 357 CURS += WI - 1; |
| 358 } else if (TRANSPOSED == 1 && ((REFCORNER == JBIG2_CORNER_BOTTOMLEFT) || | 358 } else if (TRANSPOSED == 1 && ((REFCORNER == JBIG2_CORNER_BOTTOMLEFT) || |
| 359 (REFCORNER == JBIG2_CORNER_BOTTOMRIGHT))) { | 359 (REFCORNER == JBIG2_CORNER_BOTTOMRIGHT))) { |
| 360 CURS += HI - 1; | 360 CURS += HI - 1; |
| 361 } | 361 } |
| 362 int32_t SI = CURS; | 362 int32_t SI = CURS; |
| 363 if (TRANSPOSED == 0) { | 363 if (TRANSPOSED == 0) { |
| 364 switch (REFCORNER) { | 364 switch (REFCORNER) { |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 396 CURS += WI - 1; | 396 CURS += WI - 1; |
| 397 } else if (TRANSPOSED == 1 && ((REFCORNER == JBIG2_CORNER_TOPLEFT) || | 397 } else if (TRANSPOSED == 1 && ((REFCORNER == JBIG2_CORNER_TOPLEFT) || |
| 398 (REFCORNER == JBIG2_CORNER_TOPRIGHT))) { | 398 (REFCORNER == JBIG2_CORNER_TOPRIGHT))) { |
| 399 CURS += HI - 1; | 399 CURS += HI - 1; |
| 400 } | 400 } |
| 401 ++NINSTANCES; | 401 ++NINSTANCES; |
| 402 } | 402 } |
| 403 } | 403 } |
| 404 return SBREG.release(); | 404 return SBREG.release(); |
| 405 } | 405 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2202013002:
Bound total pixels in JBig2 images to avoid overflows later. (Closed)
Base URL: https://pdfium.googlesource.com/pdfium.git@master