diff options
author | Robin Watts <robin.watts@artifex.com> | 2012-04-05 18:01:54 +0100 |
---|---|---|
committer | Robin Watts <robin.watts@artifex.com> | 2012-04-05 18:26:34 +0100 |
commit | e7b13e1de4b29f36ed536bb863e5d81768550490 (patch) | |
tree | 82b9645887a4eb1223f49e76f4f8872204019fa0 | |
parent | ff55e72b741b955bbd0e23bd9d724c6682a181ac (diff) | |
download | mupdf-e7b13e1de4b29f36ed536bb863e5d81768550490.tar.xz |
Fix potential problems on malloc failure.
Don't reset the size of arrays until we have successfully resized them.
-rw-r--r-- | apps/mupdfinfo.c | 14 | ||||
-rw-r--r-- | draw/draw_edge.c | 5 | ||||
-rw-r--r-- | fitz/dev_text.c | 20 | ||||
-rw-r--r-- | fitz/res_text.c | 10 | ||||
-rw-r--r-- | pdf/base_object.c | 10 | ||||
-rw-r--r-- | pdf/pdf_cmap.c | 10 | ||||
-rw-r--r-- | pdf/pdf_function.c | 5 | ||||
-rw-r--r-- | pdf/pdf_metrics.c | 10 | ||||
-rw-r--r-- | pdf/pdf_page.c | 4 | ||||
-rw-r--r-- | pdf/pdf_shade.c | 15 |
10 files changed, 60 insertions, 43 deletions
diff --git a/apps/mupdfinfo.c b/apps/mupdfinfo.c index e02d8d1a..a54f92bd 100644 --- a/apps/mupdfinfo.c +++ b/apps/mupdfinfo.c @@ -209,9 +209,9 @@ gatherdimensions(int page, pdf_obj *pageref, pdf_obj *pageobj) if (j < dims) return; + dim = fz_resize_array(ctx, dim, dims+1, sizeof(struct info)); dims++; - dim = fz_resize_array(ctx, dim, dims, sizeof(struct info)); dim[dims - 1].page = page; dim[dims - 1].pageref = pageref; dim[dims - 1].pageobj = pageobj; @@ -254,9 +254,9 @@ gatherfonts(int page, pdf_obj *pageref, pdf_obj *pageobj, pdf_obj *dict) if (k < fonts) continue; + font = fz_resize_array(ctx, font, fonts+1, sizeof(struct info)); fonts++; - font = fz_resize_array(ctx, font, fonts, sizeof(struct info)); font[fonts - 1].page = page; font[fonts - 1].pageref = pageref; font[fonts - 1].pageobj = pageobj; @@ -323,9 +323,9 @@ gatherimages(int page, pdf_obj *pageref, pdf_obj *pageobj, pdf_obj *dict) if (k < images) continue; + image = fz_resize_array(ctx, image, images+1, sizeof(struct info)); images++; - image = fz_resize_array(ctx, image, images, sizeof(struct info)); image[images - 1].page = page; image[images - 1].pageref = pageref; image[images - 1].pageobj = pageobj; @@ -381,9 +381,9 @@ gatherforms(int page, pdf_obj *pageref, pdf_obj *pageobj, pdf_obj *dict) if (k < forms) continue; + form = fz_resize_array(ctx, form, forms+1, sizeof(struct info)); forms++; - form = fz_resize_array(ctx, form, forms, sizeof(struct info)); form[forms - 1].page = page; form[forms - 1].pageref = pageref; form[forms - 1].pageobj = pageobj; @@ -426,9 +426,9 @@ gatherpsobjs(int page, pdf_obj *pageref, pdf_obj *pageobj, pdf_obj *dict) if (k < psobjs) continue; + psobj = fz_resize_array(ctx, psobj, psobjs+1, sizeof(struct info)); psobjs++; - psobj = fz_resize_array(ctx, psobj, psobjs, sizeof(struct info)); psobj[psobjs - 1].page = page; psobj[psobjs - 1].pageref = pageref; psobj[psobjs - 1].pageobj = pageobj; @@ -469,9 +469,9 @@ gathershadings(int page, pdf_obj *pageref, pdf_obj *pageobj, pdf_obj *dict) if (k < shadings) continue; + shading = fz_resize_array(ctx, shading, shadings+1, sizeof(struct info)); shadings++; - shading = fz_resize_array(ctx, shading, shadings, sizeof(struct info)); shading[shadings - 1].page = page; shading[shadings - 1].pageref = pageref; shading[shadings - 1].pageobj = pageobj; @@ -537,9 +537,9 @@ gatherpatterns(int page, pdf_obj *pageref, pdf_obj *pageobj, pdf_obj *dict) if (k < patterns) continue; + pattern = fz_resize_array(ctx, pattern, patterns+1, sizeof(struct info)); patterns++; - pattern = fz_resize_array(ctx, pattern, patterns, sizeof(struct info)); pattern[patterns - 1].page = page; pattern[patterns - 1].pageref = pageref; pattern[patterns - 1].pageobj = pageobj; diff --git a/draw/draw_edge.c b/draw/draw_edge.c index 12ba72fc..53b67b73 100644 --- a/draw/draw_edge.c +++ b/draw/draw_edge.c @@ -307,8 +307,9 @@ fz_insert_gel_raw(fz_gel *gel, int x0, int y0, int x1, int y1) if (y1 > gel->bbox.y1) gel->bbox.y1 = y1; if (gel->len + 1 == gel->cap) { - gel->cap = gel->cap + 512; - gel->edges = fz_resize_array(gel->ctx, gel->edges, gel->cap, sizeof(fz_edge)); + int new_cap = gel->cap + 512; + gel->edges = fz_resize_array(gel->ctx, gel->edges, new_cap, sizeof(fz_edge)); + gel->cap = new_cap; } edge = &gel->edges[gel->len++]; diff --git a/fitz/dev_text.c b/fitz/dev_text.c index 5e7f8164..cd76830d 100644 --- a/fitz/dev_text.c +++ b/fitz/dev_text.c @@ -129,8 +129,9 @@ append_char(fz_context *ctx, fz_text_span *span, int c, fz_rect bbox) { if (span->len == span->cap) { - span->cap = MAX(64, span->cap * 2); - span->text = fz_resize_array(ctx, span->text, span->cap, sizeof(*span->text)); + int new_cap = MAX(64, span->cap * 2); + span->text = fz_resize_array(ctx, span->text, new_cap, sizeof(*span->text)); + span->cap = new_cap; } span->bbox = fz_union_rect(span->bbox, bbox); span->text[span->len].c = c; @@ -154,8 +155,9 @@ append_span(fz_context *ctx, fz_text_line *line, fz_text_span *span) return; if (line->len == line->cap) { - line->cap = MAX(8, line->cap * 2); - line->spans = fz_resize_array(ctx, line->spans, line->cap, sizeof(*line->spans)); + int new_cap = MAX(8, line->cap * 2); + line->spans = fz_resize_array(ctx, line->spans, new_cap, sizeof(*line->spans)); + line->cap = new_cap; } line->bbox = fz_union_rect(line->bbox, span->bbox); line->spans[line->len++] = *span; @@ -174,8 +176,9 @@ append_line(fz_context *ctx, fz_text_block *block, fz_text_line *line) { if (block->len == block->cap) { - block->cap = MAX(16, block->cap * 2); - block->lines = fz_resize_array(ctx, block->lines, block->cap, sizeof *block->lines); + int new_cap = MAX(16, block->cap * 2); + block->lines = fz_resize_array(ctx, block->lines, new_cap, sizeof *block->lines); + block->cap = new_cap; } block->bbox = fz_union_rect(block->bbox, line->bbox); block->lines[block->len++] = *line; @@ -201,8 +204,9 @@ lookup_block_for_line(fz_context *ctx, fz_text_page *page, fz_text_line *line) if (page->len == page->cap) { - page->cap = MAX(16, page->cap * 2); - page->blocks = fz_resize_array(ctx, page->blocks, page->cap, sizeof(*page->blocks)); + int new_cap = MAX(16, page->cap * 2); + page->blocks = fz_resize_array(ctx, page->blocks, new_cap, sizeof(*page->blocks)); + page->cap = new_cap; } page->blocks[page->len].bbox = fz_empty_rect; diff --git a/fitz/res_text.c b/fitz/res_text.c index 643b4c9f..6b5e3e3a 100644 --- a/fitz/res_text.c +++ b/fitz/res_text.c @@ -100,11 +100,13 @@ fz_bound_text(fz_context *ctx, fz_text *text, fz_matrix ctm) static void fz_grow_text(fz_context *ctx, fz_text *text, int n) { - if (text->len + n < text->cap) + int new_cap = text->cap; + if (text->len + n < new_cap) return; - while (text->len + n > text->cap) - text->cap = text->cap + 36; - text->items = fz_resize_array(ctx, text->items, text->cap, sizeof(fz_text_item)); + while (text->len + n > new_cap) + new_cap = new_cap + 36; + text->items = fz_resize_array(ctx, text->items, new_cap, sizeof(fz_text_item)); + text->cap = new_cap; } void diff --git a/pdf/base_object.c b/pdf/base_object.c index 00032fb8..6f0c5d99 100644 --- a/pdf/base_object.c +++ b/pdf/base_object.c @@ -438,9 +438,10 @@ static void pdf_array_grow(pdf_obj *obj) { int i; + int new_cap = (obj->u.a.cap * 3) / 2; - obj->u.a.cap = (obj->u.a.cap * 3) / 2; - obj->u.a.items = fz_resize_array(obj->ctx, obj->u.a.items, obj->u.a.cap, sizeof(pdf_obj*)); + obj->u.a.items = fz_resize_array(obj->ctx, obj->u.a.items, new_cap, sizeof(pdf_obj*)); + obj->u.a.cap = new_cap; for (i = obj->u.a.len ; i < obj->u.a.cap; i++) obj->u.a.items[i] = NULL; @@ -607,9 +608,10 @@ static void pdf_dict_grow(pdf_obj *obj) { int i; + int new_cap = (obj->u.d.cap * 3) / 2; - obj->u.d.cap = (obj->u.d.cap * 3) / 2; - obj->u.d.items = fz_resize_array(obj->ctx, obj->u.d.items, obj->u.d.cap, sizeof(struct keyval)); + obj->u.d.items = fz_resize_array(obj->ctx, obj->u.d.items, new_cap, sizeof(struct keyval)); + obj->u.d.cap = new_cap; for (i = obj->u.d.len; i < obj->u.d.cap; i++) { diff --git a/pdf/pdf_cmap.c b/pdf/pdf_cmap.c index 3c4d07bc..71066986 100644 --- a/pdf/pdf_cmap.c +++ b/pdf/pdf_cmap.c @@ -189,8 +189,9 @@ add_table(fz_context *ctx, pdf_cmap *cmap, int value) } if (cmap->tlen + 1 > cmap->tcap) { - cmap->tcap = cmap->tcap > 1 ? (cmap->tcap * 3) / 2 : 256; - cmap->table = fz_resize_array(ctx, cmap->table, cmap->tcap, sizeof(unsigned short)); + int new_cap = cmap->tcap > 1 ? (cmap->tcap * 3) / 2 : 256; + cmap->table = fz_resize_array(ctx, cmap->table, new_cap, sizeof(unsigned short)); + cmap->tcap = new_cap; } cmap->table[cmap->tlen++] = value; } @@ -210,8 +211,9 @@ add_range(fz_context *ctx, pdf_cmap *cmap, int low, int high, int flag, int offs } if (cmap->rlen + 1 > cmap->rcap) { - cmap->rcap = cmap->rcap > 1 ? (cmap->rcap * 3) / 2 : 256; - cmap->ranges = fz_resize_array(ctx, cmap->ranges, cmap->rcap, sizeof(pdf_range)); + int new_cap = cmap->rcap > 1 ? (cmap->rcap * 3) / 2 : 256; + cmap->ranges = fz_resize_array(ctx, cmap->ranges, new_cap, sizeof(pdf_range)); + cmap->rcap = new_cap; } cmap->ranges[cmap->rlen].low = low; pdf_range_set_high(&cmap->ranges[cmap->rlen], high); diff --git a/pdf/pdf_function.c b/pdf/pdf_function.c index cbcd8aa7..67c34836 100644 --- a/pdf/pdf_function.c +++ b/pdf/pdf_function.c @@ -692,8 +692,9 @@ resize_code(fz_context *ctx, pdf_function *func, int newsize) { if (newsize >= func->u.p.cap) { - func->u.p.cap = func->u.p.cap + 64; - func->u.p.code = fz_resize_array(ctx, func->u.p.code, func->u.p.cap, sizeof(psobj)); + int new_cap = func->u.p.cap + 64; + func->u.p.code = fz_resize_array(ctx, func->u.p.code, new_cap, sizeof(psobj)); + func->u.p.cap = new_cap; } } diff --git a/pdf/pdf_metrics.c b/pdf/pdf_metrics.c index 888757c0..7c09ad4e 100644 --- a/pdf/pdf_metrics.c +++ b/pdf/pdf_metrics.c @@ -25,8 +25,9 @@ pdf_add_hmtx(fz_context *ctx, pdf_font_desc *font, int lo, int hi, int w) { if (font->hmtx_len + 1 >= font->hmtx_cap) { - font->hmtx_cap = font->hmtx_cap + 16; - font->hmtx = fz_resize_array(ctx, font->hmtx, font->hmtx_cap, sizeof(pdf_hmtx)); + int new_cap = font->hmtx_cap + 16; + font->hmtx = fz_resize_array(ctx, font->hmtx, new_cap, sizeof(pdf_hmtx)); + font->hmtx_cap = new_cap; } font->hmtx[font->hmtx_len].lo = lo; @@ -40,8 +41,9 @@ pdf_add_vmtx(fz_context *ctx, pdf_font_desc *font, int lo, int hi, int x, int y, { if (font->vmtx_len + 1 >= font->vmtx_cap) { - font->vmtx_cap = font->vmtx_cap + 16; - font->vmtx = fz_resize_array(ctx, font->vmtx, font->vmtx_cap, sizeof(pdf_vmtx)); + int new_cap = font->vmtx_cap + 16; + font->vmtx = fz_resize_array(ctx, font->vmtx, new_cap, sizeof(pdf_vmtx)); + font->vmtx_cap = new_cap; } font->vmtx[font->vmtx_len].lo = lo; diff --git a/pdf/pdf_page.c b/pdf/pdf_page.c index 312d70b0..bbc335bb 100644 --- a/pdf/pdf_page.c +++ b/pdf/pdf_page.c @@ -80,9 +80,9 @@ pdf_load_page_tree_node(pdf_document *xref, pdf_obj *node, struct info info) if (xref->page_len == xref->page_cap) { fz_warn(ctx, "found more pages than expected"); + xref->page_refs = fz_resize_array(ctx, xref->page_refs, xref->page_cap+1, sizeof(pdf_obj*)); + xref->page_objs = fz_resize_array(ctx, xref->page_objs, xref->page_cap+1, sizeof(pdf_obj*)); xref->page_cap ++; - xref->page_refs = fz_resize_array(ctx, xref->page_refs, xref->page_cap, sizeof(pdf_obj*)); - xref->page_objs = fz_resize_array(ctx, xref->page_objs, xref->page_cap, sizeof(pdf_obj*)); } xref->page_refs[xref->page_len] = pdf_keep_obj(node); diff --git a/pdf/pdf_shade.c b/pdf/pdf_shade.c index 589b7613..0847f4d2 100644 --- a/pdf/pdf_shade.c +++ b/pdf/pdf_shade.c @@ -15,16 +15,19 @@ struct vertex static void pdf_grow_mesh(fz_context *ctx, fz_shade *shade, int amount) { - if (shade->mesh_len + amount < shade->mesh_cap) + int cap = shade->mesh_cap; + + if (shade->mesh_len + amount < cap) return; - if (shade->mesh_cap == 0) - shade->mesh_cap = 1024; + if (cap == 0) + cap = 1024; - while (shade->mesh_len + amount > shade->mesh_cap) - shade->mesh_cap = (shade->mesh_cap * 3) / 2; + while (shade->mesh_len + amount > cap) + cap = (cap * 3) / 2; - shade->mesh = fz_resize_array(ctx, shade->mesh, shade->mesh_cap, sizeof(float)); + shade->mesh = fz_resize_array(ctx, shade->mesh, cap, sizeof(float)); + shade->mesh_cap = cap; } static void |