diff options
| author | Daiki Ueno <ueno@unixuser.org> | 2011-01-09 18:48:50 +0000 |
|---|---|---|
| committer | Albert Astals Cid <aacid@kde.org> | 2011-01-09 18:49:52 +0000 |
| commit | 7bcf4e1f050c16e7a72ca633589602b252ab46cc (patch) | |
| tree | 9263dcf6aa7b1d3b22237fa05d9e7496e7577d4f | |
| parent | 0ab173a55af9aa3df4c09e120e7f775f80d23f90 (diff) | |
Do not crash in case jpeg_create_decompress fails
Bug 32890
| -rw-r--r-- | poppler/DCTStream.cc | 21 | ||||
| -rw-r--r-- | poppler/DCTStream.h | 8 |
2 files changed, 18 insertions, 11 deletions
diff --git a/poppler/DCTStream.cc b/poppler/DCTStream.cc index 212a8bd3..78cd59de 100644 --- a/poppler/DCTStream.cc +++ b/poppler/DCTStream.cc @@ -8,6 +8,7 @@ // Copyright 2005-2010 Albert Astals Cid <aacid@kde.org> // Copyright 2009 Ryszard Trojnacki <rysiek@menel.com> // Copyright 2010 Carlos Garcia Campos <carlosgc@gnome.org> +// Copyright 2011 Daiki Ueno <ueno@unixuser.org> // //======================================================================== @@ -70,14 +71,14 @@ DCTStream::~DCTStream() { static void exitErrorHandler(jpeg_common_struct *error) { j_decompress_ptr cinfo = (j_decompress_ptr)error; - str_src_mgr * src = (struct str_src_mgr *)cinfo->src; - longjmp(src->setjmp_buffer, 1); + str_error_mgr * err = (struct str_error_mgr *)cinfo->err; + longjmp(err->setjmp_buffer, 1); } void DCTStream::init() { - jpeg_std_error(&jerr); - jerr.error_exit = &exitErrorHandler; + jpeg_std_error(&err.pub); + err.pub.error_exit = &exitErrorHandler; src.pub.init_source = str_init_source; src.pub.fill_input_buffer = str_fill_input_buffer; src.pub.skip_input_data = str_skip_input_data; @@ -90,9 +91,11 @@ void DCTStream::init() current = NULL; limit = NULL; - cinfo.err = &jerr; - jpeg_create_decompress(&cinfo); - cinfo.src = (jpeg_source_mgr *)&src; + cinfo.err = &err.pub; + if (!setjmp(err.setjmp_buffer)) { + jpeg_create_decompress(&cinfo); + cinfo.src = (jpeg_source_mgr *)&src; + } row_buffer = NULL; } @@ -138,7 +141,7 @@ void DCTStream::reset() { } } - if (!setjmp(src.setjmp_buffer)) { + if (!setjmp(err.setjmp_buffer)) { jpeg_read_header(&cinfo, TRUE); // figure out color transform @@ -182,7 +185,7 @@ void DCTStream::reset() { if (current == limit) { \ if (cinfo.output_scanline < cinfo.output_height) \ { \ - if (!setjmp(src.setjmp_buffer)) \ + if (!setjmp(err.setjmp_buffer)) \ { \ if (!jpeg_read_scanlines(&cinfo, row_buffer, 1)) c = EOF; \ else { \ diff --git a/poppler/DCTStream.h b/poppler/DCTStream.h index 2694f368..fb85e5ff 100644 --- a/poppler/DCTStream.h +++ b/poppler/DCTStream.h @@ -8,6 +8,7 @@ // Copyright 2005 Martin Kretzschmar <martink@gnome.org> // Copyright 2005-2007, 2009, 2010 Albert Astals Cid <aacid@kde.org> // Copyright 2010 Carlos Garcia Campos <carlosgc@gnome.org> +// Copyright 2011 Daiki Ueno <ueno@unixuser.org> // //======================================================================== @@ -50,9 +51,12 @@ struct str_src_mgr { JOCTET buffer; Stream *str; int index; - jmp_buf setjmp_buffer; }; +struct str_error_mgr { + struct jpeg_error_mgr pub; + jmp_buf setjmp_buffer; +}; class DCTStream: public FilterStream { public: @@ -77,7 +81,7 @@ private: JSAMPLE *current; JSAMPLE *limit; struct jpeg_decompress_struct cinfo; - struct jpeg_error_mgr jerr; + struct str_error_mgr err; struct str_src_mgr src; JSAMPARRAY row_buffer; }; |