Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1816)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: core/src/fpdfapi/fpdf_render/fpdf_render_pattern.cpp

Issue 372453005: Fix uninitialized coords and one of infinite loops (Closed) Base URL: https://pdfium.googlesource.com/pdfium.git@master
Patch Set: Created 6 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: core/src/fpdfapi/fpdf_render/fpdf_render_pattern.cpp
diff --git a/core/src/fpdfapi/fpdf_render/fpdf_render_pattern.cpp b/core/src/fpdfapi/fpdf_render/fpdf_render_pattern.cpp
index 4b4f929179042f9f97e9381e83d781e16aeebbca..f7722cf41a6ac60383645863f3b338f171c3ac0d 100644
--- a/core/src/fpdfapi/fpdf_render/fpdf_render_pattern.cpp
+++ b/core/src/fpdfapi/fpdf_render/fpdf_render_pattern.cpp
@@ -663,6 +663,32 @@ struct CPDF_PatchDrawer {
}
}
};
+
+FX_BOOL _CheckCoonTensorPara(CPDF_MeshStream &stream)
Tom Sepez 2014/07/14 21:38:01 nit: static
Tom Sepez 2014/07/15 18:27:25 nit: const CPDF_MeshStream&
+{
+ FX_BOOL bCoorBits = ( stream.m_nCoordBits== 1 ||
Tom Sepez 2014/07/14 21:38:01 nit: space before ==
+ stream.m_nCoordBits == 2 ||
+ stream.m_nCoordBits == 4 ||
+ stream.m_nCoordBits == 8 ||
+ stream.m_nCoordBits == 12 ||
+ stream.m_nCoordBits == 16 ||
+ stream.m_nCoordBits == 24 ||
+ stream.m_nCoordBits == 32 );
+
+ FX_BOOL bCompBits = ( stream.m_nCompBits == 1 ||
+ stream.m_nCompBits == 2 ||
+ stream.m_nCompBits == 4 ||
+ stream.m_nCompBits == 8 ||
+ stream.m_nCompBits == 12 ||
+ stream.m_nCompBits == 16 );
+
+ FX_BOOL bFlagBits = ( stream.m_nFlagBits == 2 ||
+ stream.m_nFlagBits == 4 ||
+ stream.m_nFlagBits == 8 );
+
+ return bCoorBits && bCompBits && bFlagBits;
+}
+
static void _DrawCoonPatchMeshes(FX_BOOL bTensor, CFX_DIBitmap* pBitmap, CFX_AffineMatrix* pObject2Bitmap,
CPDF_Stream* pShadingStream, CPDF_Function** pFuncs, int nFuncs,
CPDF_ColorSpace* pCS, int fill_mode, int alpha)
@@ -677,6 +703,10 @@ static void _DrawCoonPatchMeshes(FX_BOOL bTensor, CFX_DIBitmap* pBitmap, CFX_Aff
if (!stream.Load(pShadingStream, pFuncs, nFuncs, pCS)) {
return;
}
+
+ if (!_CheckCoonTensorPara(stream))
Tom Sepez 2014/07/14 21:38:01 nit: { } per other tests that just return in this
+ return;
+
CPDF_PatchDrawer patch;
patch.alpha = alpha;
patch.pDevice = &device;
@@ -688,6 +718,12 @@ static void _DrawCoonPatchMeshes(FX_BOOL bTensor, CFX_DIBitmap* pBitmap, CFX_Aff
pPoints[i].m_Flag = FXPT_BEZIERTO;
}
CFX_FloatPoint coords[16];
+ for(FX_DWORD i = 0; i < 16; i++)
+ {
Tom Sepez 2014/07/15 18:35:45 nit: brace on previous line to match style.
+ coords[i].x = 0.0;
+ coords[i].y = 0.0;
+ }
+
int point_count = bTensor ? 16 : 12;
while (!stream.m_BitStream.IsEOF()) {
FX_DWORD flag = stream.GetFlag();
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698