Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(202)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: core/fxcodec/jbig2/JBig2_Context.cpp

Issue 2242363002: [M53] Bound total pixels in JBig2 images to avoid overflows later. (Closed) Base URL: https://pdfium.googlesource.com/pdfium.git@2785
Patch Set: Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « BUILD.gn ('k') | core/fxcodec/jbig2/JBig2_GrdProc.cpp » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: core/fxcodec/jbig2/JBig2_Context.cpp
diff --git a/core/fxcodec/jbig2/JBig2_Context.cpp b/core/fxcodec/jbig2/JBig2_Context.cpp
index 8dde290be6df11c362579eb35424f198156fa573..fdb326819cf4d3f4447f92d7e74f3c63ae5b8bac 100644
--- a/core/fxcodec/jbig2/JBig2_Context.cpp
+++ b/core/fxcodec/jbig2/JBig2_Context.cpp
@@ -939,7 +939,7 @@ int32_t CJBig2_Context::parseTextRegion(CJBig2_Segment* pSegment) {
if (!m_bBufSpecified) {
JBig2PageInfo* pPageInfo = m_PageInfoList.back();
if ((pPageInfo->m_bIsStriped == 1) &&
- (ri.y + ri.height > m_pPage->m_nHeight)) {
+ (ri.y + ri.height > m_pPage->height())) {
m_pPage->expand(ri.y + ri.height, (pPageInfo->m_cFlags & 4) ? 1 : 0);
}
}
@@ -1030,8 +1030,8 @@ int32_t CJBig2_Context::parseHalftoneRegion(CJBig2_Segment* pSegment,
pHRD->HNUMPATS = pPatternDict->NUMPATS;
pHRD->HPATS = pPatternDict->HDPATS;
- pHRD->HPW = pPatternDict->HDPATS[0]->m_nWidth;
- pHRD->HPH = pPatternDict->HDPATS[0]->m_nHeight;
+ pHRD->HPW = pPatternDict->HDPATS[0]->width();
+ pHRD->HPH = pPatternDict->HDPATS[0]->height();
pSegment->m_nResultType = JBIG2_IMAGE_POINTER;
if (pHRD->HMMR == 0) {
const size_t size = GetHuffContextSize(pHRD->HTEMPLATE);
@@ -1057,7 +1057,7 @@ int32_t CJBig2_Context::parseHalftoneRegion(CJBig2_Segment* pSegment,
if (!m_bBufSpecified) {
JBig2PageInfo* pPageInfo = m_PageInfoList.back();
if (pPageInfo->m_bIsStriped == 1 &&
- ri.y + ri.height > m_pPage->m_nHeight) {
+ ri.y + ri.height > m_pPage->height()) {
m_pPage->expand(ri.y + ri.height, (pPageInfo->m_cFlags & 4) ? 1 : 0);
}
}
@@ -1123,7 +1123,7 @@ int32_t CJBig2_Context::parseGenericRegion(CJBig2_Segment* pSegment,
if (!m_bBufSpecified) {
JBig2PageInfo* pPageInfo = m_PageInfoList.back();
if ((pPageInfo->m_bIsStriped == 1) &&
- (m_ri.y + m_ri.height > m_pPage->m_nHeight)) {
+ (m_ri.y + m_ri.height > m_pPage->height())) {
m_pPage->expand(m_ri.y + m_ri.height,
(pPageInfo->m_cFlags & 4) ? 1 : 0);
}
@@ -1158,7 +1158,7 @@ int32_t CJBig2_Context::parseGenericRegion(CJBig2_Segment* pSegment,
if (!m_bBufSpecified) {
JBig2PageInfo* pPageInfo = m_PageInfoList.back();
if ((pPageInfo->m_bIsStriped == 1) &&
- (m_ri.y + m_ri.height > m_pPage->m_nHeight)) {
+ (m_ri.y + m_ri.height > m_pPage->height())) {
m_pPage->expand(m_ri.y + m_ri.height,
(pPageInfo->m_cFlags & 4) ? 1 : 0);
}
@@ -1231,7 +1231,7 @@ int32_t CJBig2_Context::parseGenericRefinementRegion(CJBig2_Segment* pSegment) {
if (!m_bBufSpecified) {
JBig2PageInfo* pPageInfo = m_PageInfoList.back();
if ((pPageInfo->m_bIsStriped == 1) &&
- (ri.y + ri.height > m_pPage->m_nHeight)) {
+ (ri.y + ri.height > m_pPage->height())) {
m_pPage->expand(ri.y + ri.height, (pPageInfo->m_cFlags & 4) ? 1 : 0);
}
}
« no previous file with comments | « BUILD.gn ('k') | core/fxcodec/jbig2/JBig2_GrdProc.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698