CVSROOT: /sources/gnash
Module name: gnash
Changes by: Sandro Santilli <strk> 07/12/12 20:29:10
Modified files: . : ChangeLog server/swf : tag_loaders.cpp Log message: (read_jpeg_tables): survive malformed swf with empty JPEGTABLES tag. CVSWeb URLs: http://cvs.savannah.gnu.org/viewcvs/gnash/ChangeLog?cvsroot=gnash&r1=1.5148&r2=1.5149 http://cvs.savannah.gnu.org/viewcvs/gnash/server/swf/tag_loaders.cpp?cvsroot=gnash&r1=1.167&r2=1.168 Patches: Index: ChangeLog =================================================================== RCS file: /sources/gnash/gnash/ChangeLog,v retrieving revision 1.5148 retrieving revision 1.5149 diff -u -b -r1.5148 -r1.5149 --- ChangeLog 12 Dec 2007 19:48:27 -0000 1.5148 +++ ChangeLog 12 Dec 2007 20:29:09 -0000 1.5149 @@ -1,5 +1,7 @@ 2007-12-12 Sandro Santilli <[EMAIL PROTECTED]> + * server/swf/tag_loaders.cpp (read_jpeg_tables): survive malformed swf + with empty JPEGTABLES tag. * server/swf/tag_loaders.cpp (StreamAdapter::readFunc): don't attempt to fetch 0 bytes from underlying stream... Fixes bug #21779. Index: server/swf/tag_loaders.cpp =================================================================== RCS file: /sources/gnash/gnash/server/swf/tag_loaders.cpp,v retrieving revision 1.167 retrieving revision 1.168 diff -u -b -r1.167 -r1.168 --- server/swf/tag_loaders.cpp 12 Dec 2007 19:48:27 -0000 1.167 +++ server/swf/tag_loaders.cpp 12 Dec 2007 20:29:10 -0000 1.168 @@ -17,7 +17,7 @@ // Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA // -/* $Id: tag_loaders.cpp,v 1.167 2007/12/12 19:48:27 strk Exp $ */ +/* $Id: tag_loaders.cpp,v 1.168 2007/12/12 20:29:10 strk Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -113,7 +113,7 @@ if ( bytesLeft < (unsigned)bytes ) { if ( ! bytesLeft ) return 0; - log_debug("Requested to read past end of stream range"); + //log_debug("Requested to read past end of stream range"); bytes = bytesLeft; } unsigned actuallyRead = br->s.read((char*)dst, bytes); 
@@ -230,11 +230,22 @@ log_parse(_(" jpeg_tables_loader")); ); + unsigned long currPos = in->get_position(); + unsigned long endPos = in->get_tag_end_position(); + + if ( endPos == currPos ) + { + IF_VERBOSE_MALFORMED_SWF( + log_swferror(_("No bytes to read in JPEGTABLES tag at offset %lu"), currPos); + ); + return; + } + std::auto_ptr<jpeg::input> j_in; try { - std::auto_ptr<tu_file> ad( StreamAdapter::getFile(*in, in->get_tag_end_position()) ); + std::auto_ptr<tu_file> ad( StreamAdapter::getFile(*in, endPos) ); // transfer ownerhip to the jpeg::input j_in.reset(jpeg::input::create_swf_jpeg2_header_only(ad.release(), true)); _______________________________________________ Gnash-commit mailing list Gnash-commit@gnu.org http://lists.gnu.org/mailman/listinfo/gnash-commit
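Review bot: in the `@@ -113,7 +113,7 @@` hunk of server/swf/tag_loaders.cpp, the `log_debug("Requested to read past end of stream range")` call is commented out rather than removed, and neither the log message nor the ChangeLog entry mentions the change. Since `bytes` is clamped to `bytesLeft` on the next line, a short read here looks like an expected condition; either delete the line outright or keep a one-line comment saying why the message is silenced, and record it in the ChangeLog so the loss of this diagnostic for over-long read requests is traceable.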
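Review bot: in the `@@ -230,11 +230,22 @@` hunk, the new guard `if ( endPos == currPos )` only covers a tag with exactly zero bytes left; if `in->get_position()` ever returned a value past `in->get_tag_end_position()`, the check would not fire and `StreamAdapter::getFile(*in, endPos)` would still be called with an end position behind the current one. Suggest `if ( endPos <= currPos )` so both cases take the `log_swferror` early return. It would also help to include `endPos` in the message for the inverted case, and a short comment above the check stating that an empty JPEGTABLES tag is treated as malformed input and skipped.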