[fltk.commit] [Library] r9710 - in branches/branch-3.0: include/fltk3 src/fltk3 src/fltk3images

Fri, 09 Nov 2012 08:30:04 -0800 

Author: manolo
Date: 2012-11-09 08:29:43 -0800 (Fri, 09 Nov 2012)
New Revision: 9710
Log:
Fix STR#2881: the new static function RGBImage::max_size(size) allows to 
control the maximum
memory size allowed when creating an RGBImage.

Modified:
   branches/branch-3.0/include/fltk3/Image.h
   branches/branch-3.0/src/fltk3/Image.cxx
   branches/branch-3.0/src/fltk3images/BMPImage.cxx
   branches/branch-3.0/src/fltk3images/JPEGImage.cxx
   branches/branch-3.0/src/fltk3images/PNGImage.cxx
   branches/branch-3.0/src/fltk3images/PNMImage.cxx

Modified: branches/branch-3.0/include/fltk3/Image.h
===================================================================
--- branches/branch-3.0/include/fltk3/Image.h   2012-11-09 16:02:08 UTC (rev 
9709)
+++ branches/branch-3.0/include/fltk3/Image.h   2012-11-09 16:29:43 UTC (rev 
9710)
@@ -33,6 +33,7 @@
 
 #include "Object.h"
 #include "enumerations.h"
+#include <stdlib.h>
 
 
 class Fl_Image;
@@ -190,6 +191,7 @@
     friend class QuartzGraphicsDriver;
     friend class GDIGraphicsDriver;
     friend class XlibGraphicsDriver;
+    static size_t max_size_;
   public:
     
     const uchar *array;
@@ -220,6 +222,21 @@
     virtual void label(fltk3::Widget*w);
     virtual void label(fltk3::MenuItem*m);
     virtual void uncache();
+    /** Sets the maximum allowed image size in bytes when creating an RGBImage 
object.
+     
+     The image size in bytes of an RGBImage object is the value of the product 
w() * h() * d().
+     If this product exceeds size, the created object of a derived class of 
RGBImage 
+     won't be loaded with the image data.
+     This does not apply to direct RGB image creation with 
+     RGBImage::RGBImage(const uchar *bits, int W, int H, int D, int LD).
+     The default max_size() value is essentially infinite. 
+     */
+    static void max_size(size_t size) { max_size_ = size;}
+    /** Returns the maximum allowed image size in bytes when creating an 
RGBImage object.
+     
+     \sa  void RGBImage::max_size(size_t)
+     */
+    static size_t max_size() {return max_size_;}
   };
   
 } // namespace

Modified: branches/branch-3.0/src/fltk3/Image.cxx
===================================================================
--- branches/branch-3.0/src/fltk3/Image.cxx     2012-11-09 16:02:08 UTC (rev 
9709)
+++ branches/branch-3.0/src/fltk3/Image.cxx     2012-11-09 16:29:43 UTC (rev 
9710)
@@ -176,6 +176,8 @@
 //
 // RGB image class...
 //
+size_t fltk3::RGBImage::max_size_ = ~((size_t)0);
+
 /**  The destructor free all memory and server resources that are used by  the 
image. */
 fltk3::RGBImage::~RGBImage() {
   uncache();

Modified: branches/branch-3.0/src/fltk3images/BMPImage.cxx
===================================================================
--- branches/branch-3.0/src/fltk3images/BMPImage.cxx    2012-11-09 16:02:08 UTC 
(rev 9709)
+++ branches/branch-3.0/src/fltk3images/BMPImage.cxx    2012-11-09 16:29:43 UTC 
(rev 9710)
@@ -36,6 +36,7 @@
 
 #include <fltk3images/BMPImage.h>
 #include <fltk3/utf8.h>
+#include <fltk3/run.h>
 #include <config.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -196,6 +197,11 @@
   d(bDepth);
   if (offbits) fseek(fp, offbits, SEEK_SET);
 
+  if (((size_t)w()) * h() * d() > max_size() ) {
+    fltk3::warning("BMP file \"%s\" is too large!\n", bmp);
+    fclose(fp);
+    return;
+  }
   array = new uchar[w() * h() * d()];
   alloc_array = 1;
 

Modified: branches/branch-3.0/src/fltk3images/JPEGImage.cxx
===================================================================
--- branches/branch-3.0/src/fltk3images/JPEGImage.cxx   2012-11-09 16:02:08 UTC 
(rev 9709)
+++ branches/branch-3.0/src/fltk3images/JPEGImage.cxx   2012-11-09 16:29:43 UTC 
(rev 9710)
@@ -37,6 +37,7 @@
 #include <fltk3images/JPEGImage.h>
 #include <fltk3/SharedImage.h>
 #include <fltk3/utf8.h>
+#include <fltk3/run.h>
 #include <config.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -135,6 +136,7 @@
   if (setjmp(jerr.errhand_))
   {
     // JPEG error handling...
+    fltk3::warning("JPEG file \"%s\" is too large or contains errors!\n", 
filename);
     // if any of the cleanup routines hits another error, we would end up 
     // in a loop. So instead, we decrement max_err for some upper cleanup 
limit.
     if ( ((*max_finish_decompress_err)-- > 0) && array)
@@ -175,6 +177,7 @@
   h(dinfo.output_height);
   d(dinfo.output_components);
   
+  if (((size_t)w()) * h() * d() > max_size() ) longjmp(jerr.errhand_, 1);
   array = new uchar[w() * h() * d()];
   alloc_array = 1;
   
@@ -313,6 +316,7 @@
   if (setjmp(jerr.errhand_))
   {
     // JPEG error handling...
+    fltk3::warning("JPEG data is too large or contains errors!\n");
     // if any of the cleanup routines hits another error, we would end up 
     // in a loop. So instead, we decrement max_err for some upper cleanup 
limit.
     if ( ((*max_finish_decompress_err)-- > 0) && array)
@@ -351,6 +355,7 @@
   h(dinfo.output_height);
   d(dinfo.output_components);
   
+  if (((size_t)w()) * h() * d() > max_size() ) longjmp(jerr.errhand_, 1);
   array = new uchar[w() * h() * d()];
   alloc_array = 1;
   

Modified: branches/branch-3.0/src/fltk3images/PNGImage.cxx
===================================================================
--- branches/branch-3.0/src/fltk3images/PNGImage.cxx    2012-11-09 16:02:08 UTC 
(rev 9709)
+++ branches/branch-3.0/src/fltk3images/PNGImage.cxx    2012-11-09 16:29:43 UTC 
(rev 9710)
@@ -139,7 +139,7 @@
   {
     png_destroy_read_struct(&pp, &info, NULL);
     if (!from_memory) fclose(fp);
-    fltk3::warning("PNG file or data \"%s\" contains errors!\n", name_png);
+    fltk3::warning("PNG file or data \"%s\" is too large or contains 
errors!\n", name_png);
     return;
   }
 
@@ -187,6 +187,7 @@
     png_set_tRNS_to_alpha(pp);
 #  endif // HAVE_PNG_GET_VALID && HAVE_PNG_SET_TRNS_TO_ALPHA
 
+  if (((size_t)w()) * h() * d() > max_size() ) longjmp(png_jmpbuf(pp), 1);
   array = new uchar[w() * h() * d()];
   alloc_array = 1;
 

Modified: branches/branch-3.0/src/fltk3images/PNMImage.cxx
===================================================================
--- branches/branch-3.0/src/fltk3images/PNMImage.cxx    2012-11-09 16:02:08 UTC 
(rev 9709)
+++ branches/branch-3.0/src/fltk3images/PNMImage.cxx    2012-11-09 16:29:43 UTC 
(rev 9710)
@@ -128,6 +128,11 @@
 
 //  printf("%s = %dx%dx%d\n", name, w(), h(), d());
 
+  if (((size_t)w()) * h() * d() > max_size() ) {
+    fltk3::warning("PNM file \"%s\" is too large!\n", name);
+    fclose(fp);
+    return;
+  }
   array       = new uchar[w() * h() * d()];
   alloc_array = 1;
 

_______________________________________________
fltk-commit mailing list
[email protected]
http://lists.easysw.com/mailman/listinfo/fltk-commit

Reply via email to