Annotation of /trunk/ghostscript-gpl/patches/ghostscript-gpl-8.70-jbig2dec-nullderef.patch
Parent Directory | Revision Log
Revision 907 -
(hide annotations)
(download)
Mon Oct 26 18:29:14 2009 UTC (14 years, 11 months ago) by niro
File size: 3591 byte(s)
Mon Oct 26 18:29:14 2009 UTC (14 years, 11 months ago) by niro
File size: 3591 byte(s)
patchset for ghostscript-gpl
1 | niro | 907 | diff -up ghostscript-8.70/jbig2dec/jbig2_generic.c.jbig2dec-nullderef ghostscript-8.70/jbig2dec/jbig2_generic.c |
2 | --- ghostscript-8.70/jbig2dec/jbig2_generic.c.jbig2dec-nullderef 2009-05-29 07:48:44.000000000 +0100 | ||
3 | +++ ghostscript-8.70/jbig2dec/jbig2_generic.c 2009-08-03 17:51:13.864875636 +0100 | ||
4 | @@ -596,6 +596,10 @@ jbig2_immediate_generic_region(Jbig2Ctx | ||
5 | memcpy (params.gbat, gbat, gbat_bytes); | ||
6 | |||
7 | image = jbig2_image_new(ctx, rsi.width, rsi.height); | ||
8 | + if (image == NULL) | ||
9 | + return jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, | ||
10 | + "failed to allocate buffer for image"); | ||
11 | + | ||
12 | jbig2_error(ctx, JBIG2_SEVERITY_DEBUG, segment->number, | ||
13 | "allocated %d x %d image buffer for region decode results", | ||
14 | rsi.width, rsi.height); | ||
15 | diff -up ghostscript-8.70/jbig2dec/jbig2_symbol_dict.c.jbig2dec-nullderef ghostscript-8.70/jbig2dec/jbig2_symbol_dict.c | ||
16 | --- ghostscript-8.70/jbig2dec/jbig2_symbol_dict.c.jbig2dec-nullderef 2009-05-29 07:48:44.000000000 +0100 | ||
17 | +++ ghostscript-8.70/jbig2dec/jbig2_symbol_dict.c 2009-08-03 17:52:35.318750131 +0100 | ||
18 | @@ -367,6 +367,11 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx, | ||
19 | memcpy(region_params.gbat, params->sdat, sdat_bytes); | ||
20 | |||
21 | image = jbig2_image_new(ctx, SYMWIDTH, HCHEIGHT); | ||
22 | + if (image == NULL) { | ||
23 | + jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, | ||
24 | + "failed to allocate image storage"); | ||
25 | + return NULL; | ||
26 | + } | ||
27 | |||
28 | code = jbig2_decode_generic_region(ctx, segment, ®ion_params, | ||
29 | as, image, GB_stats); | ||
30 | @@ -517,6 +522,11 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx, | ||
31 | ID, RDX, RDY); | ||
32 | |||
33 | image = jbig2_image_new(ctx, SYMWIDTH, HCHEIGHT); | ||
34 | + if (image == NULL) { | ||
35 | + jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, | ||
36 | + "failed to allocate image storage"); | ||
37 | + return NULL; | ||
38 | + } | ||
39 | |||
40 | /* Table 18 */ | ||
41 | rparams.GRTEMPLATE = params->SDRTEMPLATE; | ||
42 | @@ -635,6 +645,16 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx, | ||
43 | for (j = HCFIRSTSYM; j < NSYMSDECODED; j++) { | ||
44 | Jbig2Image *glyph; | ||
45 | glyph = jbig2_image_new(ctx, SDNEWSYMWIDTHS[j], HCHEIGHT); | ||
46 | + if (glyph == NULL) { | ||
47 | + jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, | ||
48 | + "error allocating image storage for glyph"); | ||
49 | + while (--j >= HCFIRSTSYM) { | ||
50 | + jbig2_image_release(ctx, SDNEWSYMS->glyphs[j]); | ||
51 | + SDNEWSYMS->glyphs[j] = NULL; | ||
52 | + } | ||
53 | + jbig2_image_release(ctx, image); | ||
54 | + return NULL; | ||
55 | + } | ||
56 | jbig2_image_compose(ctx, glyph, image, | ||
57 | -x, 0, JBIG2_COMPOSE_REPLACE); | ||
58 | x += SDNEWSYMWIDTHS[j]; | ||
59 | diff -up ghostscript-8.70/jbig2dec/jbig2_text.c.jbig2dec-nullderef ghostscript-8.70/jbig2dec/jbig2_text.c | ||
60 | --- ghostscript-8.70/jbig2dec/jbig2_text.c.jbig2dec-nullderef 2009-05-29 07:48:44.000000000 +0100 | ||
61 | +++ ghostscript-8.70/jbig2dec/jbig2_text.c 2009-08-03 17:53:05.166750610 +0100 | ||
62 | @@ -312,6 +312,9 @@ jbig2_decode_text_region(Jbig2Ctx *ctx, | ||
63 | IBO = IB; | ||
64 | refimage = jbig2_image_new(ctx, IBO->width + RDW, | ||
65 | IBO->height + RDH); | ||
66 | + if (image == NULL) | ||
67 | + return jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, | ||
68 | + "could not allocate image storage"); | ||
69 | |||
70 | /* Table 12 */ | ||
71 | rparams.GRTEMPLATE = params->SBRTEMPLATE; | ||
72 | @@ -676,6 +679,9 @@ jbig2_parse_text_region(Jbig2Ctx *ctx, J | ||
73 | } | ||
74 | |||
75 | image = jbig2_image_new(ctx, region_info.width, region_info.height); | ||
76 | + if (image == NULL) | ||
77 | + return jbig2_error(ctx, JBIG2_SEVERITY_WARNING, segment->number, | ||
78 | + "unable to allocate image storage"); | ||
79 | |||
80 | ws = jbig2_word_stream_buf_new(ctx, segment_data + offset, segment->data_length - offset); | ||
81 | if (!params.SBHUFF) { |