poppler/DCTStream.cc | 21 ++++++++++++--------- poppler/DCTStream.h | 8 ++++++-- 2 files changed, 18 insertions(+), 11 deletions(-)
New commits: commit 7bcf4e1f050c16e7a72ca633589602b252ab46cc Author: Daiki Ueno <[email protected]> Date: Sun Jan 9 18:48:50 2011 +0000 Do not crash in case jpeg_create_decompress fails Bug 32890 diff --git a/poppler/DCTStream.cc b/poppler/DCTStream.cc index 212a8bd..78cd59d 100644 --- a/poppler/DCTStream.cc +++ b/poppler/DCTStream.cc @@ -8,6 +8,7 @@ // Copyright 2005-2010 Albert Astals Cid <[email protected]> // Copyright 2009 Ryszard Trojnacki <[email protected]> // Copyright 2010 Carlos Garcia Campos <[email protected]> +// Copyright 2011 Daiki Ueno <[email protected]> // //======================================================================== @@ -70,14 +71,14 @@ DCTStream::~DCTStream() { static void exitErrorHandler(jpeg_common_struct *error) { j_decompress_ptr cinfo = (j_decompress_ptr)error; - str_src_mgr * src = (struct str_src_mgr *)cinfo->src; - longjmp(src->setjmp_buffer, 1); + str_error_mgr * err = (struct str_error_mgr *)cinfo->err; + longjmp(err->setjmp_buffer, 1); } void DCTStream::init() { - jpeg_std_error(&jerr); - jerr.error_exit = &exitErrorHandler; + jpeg_std_error(&err.pub); + err.pub.error_exit = &exitErrorHandler; src.pub.init_source = str_init_source; src.pub.fill_input_buffer = str_fill_input_buffer; src.pub.skip_input_data = str_skip_input_data; @@ -90,9 +91,11 @@ void DCTStream::init() current = NULL; limit = NULL; - cinfo.err = &jerr; - jpeg_create_decompress(&cinfo); - cinfo.src = (jpeg_source_mgr *)&src; + cinfo.err = &err.pub; + if (!setjmp(err.setjmp_buffer)) { + jpeg_create_decompress(&cinfo); + cinfo.src = (jpeg_source_mgr *)&src; + } row_buffer = NULL; } @@ -138,7 +141,7 @@ void DCTStream::reset() { } } - if (!setjmp(src.setjmp_buffer)) { + if (!setjmp(err.setjmp_buffer)) { jpeg_read_header(&cinfo, TRUE); // figure out color transform @@ -182,7 +185,7 @@ void DCTStream::reset() { if (current == limit) { \ if (cinfo.output_scanline < cinfo.output_height) \ { \ - if (!setjmp(src.setjmp_buffer)) \ + if (!setjmp(err.setjmp_buffer)) \ { \ if (!jpeg_read_scanlines(&cinfo, row_buffer, 1)) c = EOF; \ else { \ diff --git a/poppler/DCTStream.h b/poppler/DCTStream.h index 2694f36..fb85e5f 100644 --- a/poppler/DCTStream.h +++ b/poppler/DCTStream.h @@ -8,6 +8,7 @@ // Copyright 2005 Martin Kretzschmar <[email protected]> // Copyright 2005-2007, 2009, 2010 Albert Astals Cid <[email protected]> // Copyright 2010 Carlos Garcia Campos <[email protected]> +// Copyright 2011 Daiki Ueno <[email protected]> // //======================================================================== @@ -50,9 +51,12 @@ struct str_src_mgr { JOCTET buffer; Stream *str; int index; - jmp_buf setjmp_buffer; }; +struct str_error_mgr { + struct jpeg_error_mgr pub; + jmp_buf setjmp_buffer; +}; class DCTStream: public FilterStream { public: @@ -77,7 +81,7 @@ private: JSAMPLE *current; JSAMPLE *limit; struct jpeg_decompress_struct cinfo; - struct jpeg_error_mgr jerr; + struct str_error_mgr err; struct str_src_mgr src; JSAMPARRAY row_buffer; }; _______________________________________________ poppler mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/poppler
