Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(67)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: core/fxcodec/jbig2/JBig2_Context.cpp

Issue 2202013002: Bound total pixels in JBig2 images to avoid overflows later. (Closed) Base URL: https://pdfium.googlesource.com/pdfium.git@master
Patch Set: Add tests Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « BUILD.gn ('k') | core/fxcodec/jbig2/JBig2_GrdProc.cpp » ('j') | core/fxcodec/jbig2/JBig2_Image_unittest.cpp » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: core/fxcodec/jbig2/JBig2_Context.cpp
diff --git a/core/fxcodec/jbig2/JBig2_Context.cpp b/core/fxcodec/jbig2/JBig2_Context.cpp
index 256ce3910a2484a0efbf76bfb24f492a9af1cbbf..911eb0bf63c755bc782d2c37bfa95d902f511276 100644
--- a/core/fxcodec/jbig2/JBig2_Context.cpp
+++ b/core/fxcodec/jbig2/JBig2_Context.cpp
@@ -924,7 +924,7 @@ int32_t CJBig2_Context::parseTextRegion(CJBig2_Segment* pSegment) {
if (!m_bBufSpecified) {
JBig2PageInfo* pPageInfo = m_PageInfoList.back();
if ((pPageInfo->m_bIsStriped == 1) &&
- (ri.y + ri.height > m_pPage->m_nHeight)) {
+ (ri.y + ri.height > m_pPage->height())) {
m_pPage->expand(ri.y + ri.height, (pPageInfo->m_cFlags & 4) ? 1 : 0);
}
}
@@ -1015,8 +1015,8 @@ int32_t CJBig2_Context::parseHalftoneRegion(CJBig2_Segment* pSegment,
pHRD->HNUMPATS = pPatternDict->NUMPATS;
pHRD->HPATS = pPatternDict->HDPATS;
- pHRD->HPW = pPatternDict->HDPATS[0]->m_nWidth;
- pHRD->HPH = pPatternDict->HDPATS[0]->m_nHeight;
+ pHRD->HPW = pPatternDict->HDPATS[0]->width();
+ pHRD->HPH = pPatternDict->HDPATS[0]->height();
pSegment->m_nResultType = JBIG2_IMAGE_POINTER;
if (pHRD->HMMR == 0) {
const size_t size = GetHuffContextSize(pHRD->HTEMPLATE);
@@ -1042,7 +1042,7 @@ int32_t CJBig2_Context::parseHalftoneRegion(CJBig2_Segment* pSegment,
if (!m_bBufSpecified) {
JBig2PageInfo* pPageInfo = m_PageInfoList.back();
if (pPageInfo->m_bIsStriped == 1 &&
- ri.y + ri.height > m_pPage->m_nHeight) {
+ ri.y + ri.height > m_pPage->height()) {
m_pPage->expand(ri.y + ri.height, (pPageInfo->m_cFlags & 4) ? 1 : 0);
}
}
@@ -1108,7 +1108,7 @@ int32_t CJBig2_Context::parseGenericRegion(CJBig2_Segment* pSegment,
if (!m_bBufSpecified) {
JBig2PageInfo* pPageInfo = m_PageInfoList.back();
if ((pPageInfo->m_bIsStriped == 1) &&
- (m_ri.y + m_ri.height > m_pPage->m_nHeight)) {
+ (m_ri.y + m_ri.height > m_pPage->height())) {
m_pPage->expand(m_ri.y + m_ri.height,
(pPageInfo->m_cFlags & 4) ? 1 : 0);
}
@@ -1142,7 +1142,7 @@ int32_t CJBig2_Context::parseGenericRegion(CJBig2_Segment* pSegment,
if (!m_bBufSpecified) {
JBig2PageInfo* pPageInfo = m_PageInfoList.back();
if ((pPageInfo->m_bIsStriped == 1) &&
- (m_ri.y + m_ri.height > m_pPage->m_nHeight)) {
+ (m_ri.y + m_ri.height > m_pPage->height())) {
m_pPage->expand(m_ri.y + m_ri.height,
(pPageInfo->m_cFlags & 4) ? 1 : 0);
}
@@ -1215,7 +1215,7 @@ int32_t CJBig2_Context::parseGenericRefinementRegion(CJBig2_Segment* pSegment) {
if (!m_bBufSpecified) {
JBig2PageInfo* pPageInfo = m_PageInfoList.back();
if ((pPageInfo->m_bIsStriped == 1) &&
- (ri.y + ri.height > m_pPage->m_nHeight)) {
+ (ri.y + ri.height > m_pPage->height())) {
m_pPage->expand(ri.y + ri.height, (pPageInfo->m_cFlags & 4) ? 1 : 0);
}
}
« no previous file with comments | « BUILD.gn ('k') | core/fxcodec/jbig2/JBig2_GrdProc.cpp » ('j') | core/fxcodec/jbig2/JBig2_Image_unittest.cpp » ('J')

Powered by Google App Engine
This is Rietveld 408576698