Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(376)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: core/fxcodec/jbig2/JBig2_GrrdProc.cpp

Issue 2202013002: Bound total pixels in JBig2 images to avoid overflows later. (Closed) Base URL: https://pdfium.googlesource.com/pdfium.git@master
Patch Set: Add tests Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « core/fxcodec/jbig2/JBig2_GrdProc.cpp ('k') | core/fxcodec/jbig2/JBig2_Image.h » ('j') | core/fxcodec/jbig2/JBig2_Image_unittest.cpp » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: core/fxcodec/jbig2/JBig2_GrrdProc.cpp
diff --git a/core/fxcodec/jbig2/JBig2_GrrdProc.cpp b/core/fxcodec/jbig2/JBig2_GrrdProc.cpp
index 25c9ea2d8a90e495384ccaf9c64bb8d8d568e619..672692da5441dd014faf42013b23356d305605dd 100644
--- a/core/fxcodec/jbig2/JBig2_GrrdProc.cpp
+++ b/core/fxcodec/jbig2/JBig2_GrrdProc.cpp
@@ -20,13 +20,13 @@ CJBig2_Image* CJBig2_GRRDProc::decode(CJBig2_ArithDecoder* pArithDecoder,
if (GRTEMPLATE == 0) {
if ((GRAT[0] == -1) && (GRAT[1] == -1) && (GRAT[2] == -1) &&
(GRAT[3] == -1) && (GRREFERENCEDX == 0) &&
- (GRW == (uint32_t)GRREFERENCE->m_nWidth)) {
+ (GRW == (uint32_t)GRREFERENCE->width())) {
return decode_Template0_opt(pArithDecoder, grContext);
}
return decode_Template0_unopt(pArithDecoder, grContext);
}
- if ((GRREFERENCEDX == 0) && (GRW == (uint32_t)GRREFERENCE->m_nWidth))
+ if ((GRREFERENCEDX == 0) && (GRW == (uint32_t)GRREFERENCE->width()))
return decode_Template1_opt(pArithDecoder, grContext);
return decode_Template1_unopt(pArithDecoder, grContext);
}
@@ -162,10 +162,10 @@ CJBig2_Image* CJBig2_GRRDProc::decode_Template0_opt(
FX_BOOL LTP = FALSE;
uint8_t* pLine = GRREG->m_pData;
uint8_t* pLineR = GRREFERENCE->m_pData;
- intptr_t nStride = GRREG->m_nStride;
- intptr_t nStrideR = GRREFERENCE->m_nStride;
- int32_t GRWR = GRREFERENCE->m_nWidth;
- int32_t GRHR = GRREFERENCE->m_nHeight;
+ intptr_t nStride = GRREG->stride();
+ intptr_t nStrideR = GRREFERENCE->stride();
+ int32_t GRWR = GRREFERENCE->width();
+ int32_t GRHR = GRREFERENCE->height();
if (GRREFERENCEDY < -GRHR + 1 || GRREFERENCEDY > GRHR - 1)
GRREFERENCEDY = 0;
intptr_t nOffset = -GRREFERENCEDY * nStrideR;
@@ -396,10 +396,10 @@ CJBig2_Image* CJBig2_GRRDProc::decode_Template1_opt(
FX_BOOL LTP = FALSE;
uint8_t* pLine = GRREG->m_pData;
uint8_t* pLineR = GRREFERENCE->m_pData;
- intptr_t nStride = GRREG->m_nStride;
- intptr_t nStrideR = GRREFERENCE->m_nStride;
- int32_t GRWR = GRREFERENCE->m_nWidth;
- int32_t GRHR = GRREFERENCE->m_nHeight;
+ intptr_t nStride = GRREG->stride();
+ intptr_t nStrideR = GRREFERENCE->stride();
+ int32_t GRWR = GRREFERENCE->width();
+ int32_t GRHR = GRREFERENCE->height();
if (GRREFERENCEDY < -GRHR + 1 || GRREFERENCEDY > GRHR - 1) {
GRREFERENCEDY = 0;
}
« no previous file with comments | « core/fxcodec/jbig2/JBig2_GrdProc.cpp ('k') | core/fxcodec/jbig2/JBig2_Image.h » ('j') | core/fxcodec/jbig2/JBig2_Image_unittest.cpp » ('J')

Powered by Google App Engine
This is Rietveld 408576698