diff options
author | Robin Watts <robin.watts@artifex.com> | 2012-12-24 14:23:57 +0000 |
---|---|---|
committer | Robin Watts <robin.watts@artifex.com> | 2013-01-03 13:05:17 +0000 |
commit | 511a2bf0411f29e4620d0a23dea8771976cd1a37 (patch) | |
tree | 9913d2df9b79bbd12db79d14f5a3ae9c9d93d831 /fitz/stm_read.c | |
parent | 98cc01d82be792e600e13e88de9712fffa3240d5 (diff) | |
download | mupdf-511a2bf0411f29e4620d0a23dea8771976cd1a37.tar.xz |
Improve mutool clean behaviour on broken streams.
When cleaning a file with a corrupt stream in it, historically mupdf
would give up when it encountered such a stream. This is often not
what is desired, as information can be lost.
The changes herein allow us to use our best efforts when reading
a stream, so that broken streams are reproduced in the output
cleaned file.
Problem found in a test file, pdf_001/2599.pdf.asan.58.1778 supplied
by Mateusz "j00ru" Jurczyk and Gynvael Coldwind of the Google
Security Team using Address Sanitizer. Many thanks!
Diffstat (limited to 'fitz/stm_read.c')
-rw-r--r-- | fitz/stm_read.c | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/fitz/stm_read.c b/fitz/stm_read.c index 848ceef1..84fd877f 100644 --- a/fitz/stm_read.c +++ b/fitz/stm_read.c @@ -92,12 +92,21 @@ fz_fill_buffer(fz_stream *stm) fz_buffer * fz_read_all(fz_stream *stm, int initial) { + return fz_read_best(stm, initial, NULL); +} + +fz_buffer * +fz_read_best(fz_stream *stm, int initial, int *truncated) +{ fz_buffer *buf = NULL; int n; fz_context *ctx = stm->ctx; fz_var(buf); + if (truncated) + *truncated = 0; + fz_try(ctx) { if (initial < 1024) @@ -124,8 +133,15 @@ fz_read_all(fz_stream *stm, int initial) } fz_catch(ctx) { - fz_drop_buffer(ctx, buf); - fz_rethrow(ctx); + if (truncated) + { + *truncated = 1; + } + else + { + fz_drop_buffer(ctx, buf); + fz_rethrow(ctx); + } } fz_trim_buffer(ctx, buf); |