Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(255)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: core/fxcodec/lgif/fx_gif.cpp

Issue 2230683002: fix 617135 (Closed) Base URL: https://pdfium.googlesource.com/pdfium.git@master
Patch Set: Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: core/fxcodec/lgif/fx_gif.cpp
diff --git a/core/fxcodec/lgif/fx_gif.cpp b/core/fxcodec/lgif/fx_gif.cpp
index d6db28b427373ab601e767a25ed1d73afd22a925..44993b30b15d953b6ac730ec8e6d5bd2f42df4fb 100644
--- a/core/fxcodec/lgif/fx_gif.cpp
+++ b/core/fxcodec/lgif/fx_gif.cpp
@@ -970,6 +970,14 @@ int32_t gif_load_frame(gif_decompress_struct_p gif_ptr, int32_t frame_num) {
if (gif_image_ptr->image_row_num >=
(int32_t)gif_image_ptr->image_info_ptr->height) {
gif_ptr->img_pass_num++;
+ if (gif_ptr->img_pass_num ==
+ sizeof(s_gif_interlace_step) / sizeof(int32_t)) {
Lei Zhang 2016/08/10 14:58:31 This can be: FX_ArraySize(s_gif_interlace_step)
+ FX_Free(gif_image_ptr->image_row_buf);
Tom Sepez 2016/08/10 17:23:22 Nit: we do this same cleanup in at least 3 places
+ gif_image_ptr->image_row_buf = nullptr;
+ gif_save_decoding_status(gif_ptr, GIF_D_STATUS_TAIL);
+ gif_error(gif_ptr, "Decode Image Data Error");
+ return 0;
+ }
gif_image_ptr->image_row_num =
s_gif_interlace_step[gif_ptr->img_pass_num] / 2;
}
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698