diff options
| author | Robin Watts <robin.watts@artifex.com> | 2012-04-05 18:01:54 +0100 |
|---|---|---|
| committer | Robin Watts <robin.watts@artifex.com> | 2012-04-05 18:26:34 +0100 |
| commit | e7b13e1de4b29f36ed536bb863e5d81768550490 (patch) | |
| tree | 82b9645887a4eb1223f49e76f4f8872204019fa0 /fitz | |
| parent | ff55e72b741b955bbd0e23bd9d724c6682a181ac (diff) | |
| download | mupdf-e7b13e1de4b29f36ed536bb863e5d81768550490.tar.xz | |
Fix potential problems on malloc failure.
Don't reset the size of arrays until we have successfully resized them.
Diffstat (limited to 'fitz')
| -rw-r--r-- | fitz/dev_text.c | 20 | ||||
| -rw-r--r-- | fitz/res_text.c | 10 |
2 files changed, 18 insertions, 12 deletions
diff --git a/fitz/dev_text.c b/fitz/dev_text.c index 5e7f8164..cd76830d 100644 --- a/fitz/dev_text.c +++ b/fitz/dev_text.c @@ -129,8 +129,9 @@ append_char(fz_context *ctx, fz_text_span *span, int c, fz_rect bbox) { if (span->len == span->cap) { - span->cap = MAX(64, span->cap * 2); - span->text = fz_resize_array(ctx, span->text, span->cap, sizeof(*span->text)); + int new_cap = MAX(64, span->cap * 2); + span->text = fz_resize_array(ctx, span->text, new_cap, sizeof(*span->text)); + span->cap = new_cap; } span->bbox = fz_union_rect(span->bbox, bbox); span->text[span->len].c = c; @@ -154,8 +155,9 @@ append_span(fz_context *ctx, fz_text_line *line, fz_text_span *span) return; if (line->len == line->cap) { - line->cap = MAX(8, line->cap * 2); - line->spans = fz_resize_array(ctx, line->spans, line->cap, sizeof(*line->spans)); + int new_cap = MAX(8, line->cap * 2); + line->spans = fz_resize_array(ctx, line->spans, new_cap, sizeof(*line->spans)); + line->cap = new_cap; } line->bbox = fz_union_rect(line->bbox, span->bbox); line->spans[line->len++] = *span; @@ -174,8 +176,9 @@ append_line(fz_context *ctx, fz_text_block *block, fz_text_line *line) { if (block->len == block->cap) { - block->cap = MAX(16, block->cap * 2); - block->lines = fz_resize_array(ctx, block->lines, block->cap, sizeof *block->lines); + int new_cap = MAX(16, block->cap * 2); + block->lines = fz_resize_array(ctx, block->lines, new_cap, sizeof *block->lines); + block->cap = new_cap; } block->bbox = fz_union_rect(block->bbox, line->bbox); block->lines[block->len++] = *line; @@ -201,8 +204,9 @@ lookup_block_for_line(fz_context *ctx, fz_text_page *page, fz_text_line *line) if (page->len == page->cap) { - page->cap = MAX(16, page->cap * 2); - page->blocks = fz_resize_array(ctx, page->blocks, page->cap, sizeof(*page->blocks)); + int new_cap = MAX(16, page->cap * 2); + page->blocks = fz_resize_array(ctx, page->blocks, new_cap, sizeof(*page->blocks)); + page->cap = new_cap; } page->blocks[page->len].bbox = fz_empty_rect; diff --git a/fitz/res_text.c b/fitz/res_text.c index 643b4c9f..6b5e3e3a 100644 --- a/fitz/res_text.c +++ b/fitz/res_text.c @@ -100,11 +100,13 @@ fz_bound_text(fz_context *ctx, fz_text *text, fz_matrix ctm) static void fz_grow_text(fz_context *ctx, fz_text *text, int n) { - if (text->len + n < text->cap) + int new_cap = text->cap; + if (text->len + n < new_cap) return; - while (text->len + n > text->cap) - text->cap = text->cap + 36; - text->items = fz_resize_array(ctx, text->items, text->cap, sizeof(fz_text_item)); + while (text->len + n > new_cap) + new_cap = new_cap + 36; + text->items = fz_resize_array(ctx, text->items, new_cap, sizeof(fz_text_item)); + text->cap = new_cap; } void |