Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(842)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: core/src/fxcodec/codec/fx_codec_jpx_opj.cpp

Issue 489703004: Bounds check before fixed-size memcmp() in CJPX_Decoder::Init(). (Closed) Base URL: https://pdfium.googlesource.com/pdfium.git@master
Patch Set: Fix silly typos. Created 6 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 PDFium Authors. All rights reserved. 1 // Copyright 2014 PDFium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com 5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com
6 6
7 #include "../../../include/fxcodec/fx_codec.h" 7 #include "../../../include/fxcodec/fx_codec.h"
8 #include "codec_int.h" 8 #include "codec_int.h"
9 #include "../fx_libopenjpeg/libopenjpeg20/openjpeg.h" 9 #include "../fx_libopenjpeg/libopenjpeg20/openjpeg.h"
10 #include "../lcms2/include/fx_lcms2.h" 10 #include "../lcms2/include/fx_lcms2.h"
11 namespace {
12 const unsigned char szJP2Header[] = { 0x00, 0x00, 0x00, 0x0c, 0x6a, 0x50, 0x20, 0x20, 0x0d, 0x0a, 0x87, 0x0a };
jun_fang 2014/08/26 22:18:43 can we move this definition into CJPX_Decoder::Ini
13 } // namespace
11 static void fx_error_callback(const char *msg, void *client_data) 14 static void fx_error_callback(const char *msg, void *client_data)
12 { 15 {
13 (void)client_data; 16 (void)client_data;
14 } 17 }
15 static void fx_warning_callback(const char *msg, void *client_data) 18 static void fx_warning_callback(const char *msg, void *client_data)
16 { 19 {
17 (void)client_data; 20 (void)client_data;
18 } 21 }
19 static void fx_info_callback(const char *msg, void *client_data) 22 static void fx_info_callback(const char *msg, void *client_data)
20 { 23 {
(...skipping 553 matching lines...) Expand 10 before | Expand all | Expand 10 after
574 } 577 }
575 if(l_stream) { 578 if(l_stream) {
576 opj_stream_destroy(l_stream); 579 opj_stream_destroy(l_stream);
577 } 580 }
578 if(image) { 581 if(image) {
579 opj_image_destroy(image); 582 opj_image_destroy(image);
580 } 583 }
581 } 584 }
582 FX_BOOL CJPX_Decoder::Init(const unsigned char* src_data, int src_size) 585 FX_BOOL CJPX_Decoder::Init(const unsigned char* src_data, int src_size)
583 { 586 {
584 opj_dparameters_t parameters; 587 if (!src_data || src_size < sizeof(szJP2Header)) {
588 return FALSE;
589 }
585 image = NULL; 590 image = NULL;
586 m_SrcData = src_data; 591 m_SrcData = src_data;
587 m_SrcSize = src_size; 592 m_SrcSize = src_size;
588 decodeData srcData; 593 decodeData srcData;
589 srcData.offset = 0; 594 srcData.offset = 0;
590 srcData.src_size = src_size; 595 srcData.src_size = src_size;
591 srcData.src_data = src_data; 596 srcData.src_data = src_data;
592 l_stream = fx_opj_stream_create_memory_stream(&srcData, OPJ_J2K_STREAM_CHUNK _SIZE, 1); 597 l_stream = fx_opj_stream_create_memory_stream(&srcData, OPJ_J2K_STREAM_CHUNK _SIZE, 1);
593 if (l_stream == NULL) { 598 if (l_stream == NULL) {
594 return FALSE; 599 return FALSE;
595 } 600 }
601 opj_dparameters_t parameters;
596 opj_set_default_decoder_parameters(&parameters); 602 opj_set_default_decoder_parameters(&parameters);
597 parameters.decod_format = 0; 603 parameters.decod_format = 0;
598 parameters.cod_format = 3; 604 parameters.cod_format = 3;
599 if(FXSYS_memcmp32(m_SrcData, "\x00\x00\x00\x0c\x6a\x50\x20\x20\x0d\x0a\x87\x 0a", 12) == 0) { 605 if(FXSYS_memcmp32(m_SrcData, szJP2Header, sizeof(szJP2Header)) == 0) {
600 l_codec = opj_create_decompress(OPJ_CODEC_JP2); 606 l_codec = opj_create_decompress(OPJ_CODEC_JP2);
601 parameters.decod_format = 1; 607 parameters.decod_format = 1;
602 } else { 608 } else {
603 l_codec = opj_create_decompress(OPJ_CODEC_J2K); 609 l_codec = opj_create_decompress(OPJ_CODEC_J2K);
604 } 610 }
605 if(!l_codec) { 611 if(!l_codec) {
606 return FALSE; 612 return FALSE;
607 } 613 }
608 opj_set_info_handler(l_codec, fx_info_callback, 00); 614 opj_set_info_handler(l_codec, fx_info_callback, 00);
609 opj_set_warning_handler(l_codec, fx_warning_callback, 00); 615 opj_set_warning_handler(l_codec, fx_warning_callback, 00);
(...skipping 172 matching lines...) Expand 10 before | Expand all | Expand 10 after
782 FX_BOOL CCodec_JpxModule::Decode(void* ctx, FX_LPBYTE dest_data, int pitch, FX_B OOL bTranslateColor, FX_LPBYTE offsets) 788 FX_BOOL CCodec_JpxModule::Decode(void* ctx, FX_LPBYTE dest_data, int pitch, FX_B OOL bTranslateColor, FX_LPBYTE offsets)
783 { 789 {
784 CJPX_Decoder* pDecoder = (CJPX_Decoder*)ctx; 790 CJPX_Decoder* pDecoder = (CJPX_Decoder*)ctx;
785 return pDecoder->Decode(dest_data, pitch, bTranslateColor, offsets); 791 return pDecoder->Decode(dest_data, pitch, bTranslateColor, offsets);
786 } 792 }
787 void CCodec_JpxModule::DestroyDecoder(void* ctx) 793 void CCodec_JpxModule::DestroyDecoder(void* ctx)
788 { 794 {
789 CJPX_Decoder* pDecoder = (CJPX_Decoder*)ctx; 795 CJPX_Decoder* pDecoder = (CJPX_Decoder*)ctx;
790 delete pDecoder; 796 delete pDecoder;
791 } 797 }
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698