From a8edb9b209d75b844165b041fc49e1db302d9c51 Mon Sep 17 00:00:00 2001 From: Sebastian Rasmussen Date: Sat, 29 Oct 2016 15:00:50 +0800 Subject: Plug pixmap leak when fz_convert_pixmap() throws. --- source/fitz/load-jpx.c | 28 ++++++++++++++++++++++------ source/fitz/load-jxr.c | 11 ++++++++++- source/fitz/load-pnm.c | 14 +++++++------- source/fitz/load-tiff.c | 18 ++++++++---------- source/pdf/pdf-image.c | 10 +++++++++- source/tools/pdfextract.c | 14 +++++++------- 6 files changed, 63 insertions(+), 32 deletions(-) (limited to 'source') diff --git a/source/fitz/load-jpx.c b/source/fitz/load-jpx.c index f93a0775..b94a6392 100644 --- a/source/fitz/load-jpx.c +++ b/source/fitz/load-jpx.c @@ -427,10 +427,18 @@ jpx_read_image(fz_context *ctx, fz_jpxd *state, unsigned char *data, size_t size /* CMYK is a subtractive colorspace, we want additive for premul alpha */ if (state->pix->n == 5) { - fz_pixmap *tmp = fz_new_pixmap(ctx, fz_device_rgb(ctx), state->pix->w, state->pix->h, 1); - fz_convert_pixmap(ctx, tmp, state->pix); + fz_pixmap *rgb = fz_new_pixmap(ctx, fz_device_rgb(ctx), state->pix->w, state->pix->h, 1); + + fz_try(ctx) + fz_convert_pixmap(ctx, rgb, state->pix); + fz_catch(ctx) + { + fz_drop_pixmap(ctx, rgb); + fz_rethrow(ctx); + } + fz_drop_pixmap(ctx, state->pix); - state->pix = tmp; + state->pix = rgb; } if (alphas > 0 && prealphas == 0) @@ -914,10 +922,18 @@ jpx_read_image(fz_context *ctx, unsigned char *data, size_t size, fz_colorspace /* CMYK is a subtractive colorspace, we want additive for premul alpha */ if (n == 4) { - fz_pixmap *tmp = fz_new_pixmap(ctx, fz_device_rgb(ctx), w, h, 1); - fz_convert_pixmap(ctx, tmp, img); + fz_pixmap *rgb = fz_new_pixmap(ctx, fz_device_rgb(ctx), w, h, 1); + + fz_try(ctx) + fz_convert_pixmap(ctx, rgb, img); + fz_catch(ctx) + { + fz_drop_pixmap(ctx, rgb); + fz_rethrow(ctx); + } + fz_drop_pixmap(ctx, img); - img = tmp; + img = rgb; } fz_premultiply_pixmap(ctx, img); } diff --git a/source/fitz/load-jxr.c b/source/fitz/load-jxr.c index a501e341..e61d6e7a 100644 --- a/source/fitz/load-jxr.c +++ b/source/fitz/load-jxr.c @@ -414,9 +414,18 @@ fz_load_jxr(fz_context *ctx, unsigned char *data, size_t size) if (info.comps >= 4) { fz_pixmap *rgb = fz_new_pixmap(ctx, fz_device_rgb(ctx), image->w, image->h, 1); - fz_convert_pixmap(ctx, rgb, image); + rgb->xres = image->xres; rgb->yres = image->yres; + + fz_try(ctx) + fz_convert_pixmap(ctx, rgb, image); + fz_catch(ctx) + { + fz_drop_pixmap(ctx, rgb); + fz_rethrow(ctx); + } + fz_drop_pixmap(ctx, image); image = rgb; } diff --git a/source/fitz/load-pnm.c b/source/fitz/load-pnm.c index 4c827e43..f724eb09 100644 --- a/source/fitz/load-pnm.c +++ b/source/fitz/load-pnm.c @@ -568,20 +568,20 @@ pam_binary_read_image(fz_context *ctx, struct info *pnm, unsigned char *p, unsig if (img->n > 4) { fz_pixmap *rgb = fz_new_pixmap(ctx, fz_device_rgb(ctx), img->w, img->h, 1); + rgb->xres = img->xres; rgb->yres = img->yres; fz_try(ctx) - { fz_convert_pixmap(ctx, rgb, img); - fz_drop_pixmap(ctx, img); - img = rgb; - rgb = NULL; - } - fz_always(ctx) - fz_drop_pixmap(ctx, rgb); fz_catch(ctx) + { + fz_drop_pixmap(ctx, rgb); fz_rethrow(ctx); + } + + fz_drop_pixmap(ctx, img); + img = rgb; } fz_premultiply_pixmap(ctx, img); diff --git a/source/fitz/load-tiff.c b/source/fitz/load-tiff.c index 60b0e8a6..117b9816 100644 --- a/source/fitz/load-tiff.c +++ b/source/fitz/load-tiff.c @@ -1288,21 +1288,19 @@ fz_load_tiff_subimage(fz_context *ctx, unsigned char *buf, size_t len, int subim { fz_pixmap *rgb = fz_new_pixmap(ctx, fz_device_rgb(ctx), image->w, image->h, 1); - fz_var(rgb); + rgb->xres = image->xres; + rgb->yres = image->yres; fz_try(ctx) - { fz_convert_pixmap(ctx, rgb, image); - rgb->xres = image->xres; - rgb->yres = image->yres; - fz_drop_pixmap(ctx, image); - image = rgb; - rgb = NULL; - } - fz_always(ctx) - fz_drop_pixmap(ctx, rgb); fz_catch(ctx) + { + fz_drop_pixmap(ctx, rgb); fz_rethrow(ctx); + } + + fz_drop_pixmap(ctx, image); + image = rgb; } fz_premultiply_pixmap(ctx, image); diff --git a/source/pdf/pdf-image.c b/source/pdf/pdf-image.c index b669948b..141ee171 100644 --- a/source/pdf/pdf-image.c +++ b/source/pdf/pdf-image.c @@ -47,7 +47,15 @@ pdf_load_image_imp(fz_context *ctx, pdf_document *doc, pdf_obj *rdb, pdf_obj *di if (tile->n != 2) fz_warn(ctx, "soft mask should be grayscale"); gray = fz_new_pixmap_with_bbox(ctx, fz_device_gray(ctx), fz_pixmap_bbox(ctx, tile, &bbox), 0); - fz_convert_pixmap(ctx, gray, tile); + + fz_try(ctx) + fz_convert_pixmap(ctx, gray, tile); + fz_catch(ctx) + { + fz_drop_pixmap(ctx, gray); + fz_rethrow(ctx); + } + fz_drop_pixmap(ctx, tile); tile = gray; } diff --git a/source/tools/pdfextract.c b/source/tools/pdfextract.c index d65befdd..e8e03965 100644 --- a/source/tools/pdfextract.c +++ b/source/tools/pdfextract.c @@ -28,20 +28,20 @@ static int isfontdesc(pdf_obj *obj) return pdf_name_eq(ctx, type, PDF_NAME_FontDescriptor); } -static void writepixmap(fz_context *ctx, fz_pixmap *pix, char *file, int rgb) +static void writepixmap(fz_context *ctx, fz_pixmap *pix, char *file, int dorgb) { char buf[1024]; - fz_pixmap *converted = NULL; + fz_pixmap *rgb = NULL; if (!pix) return; - if (rgb && pix->colorspace && pix->colorspace != fz_device_rgb(ctx)) + if (dorgb && pix->colorspace && pix->colorspace != fz_device_rgb(ctx)) { fz_irect bbox; - converted = fz_new_pixmap_with_bbox(ctx, fz_device_rgb(ctx), fz_pixmap_bbox(ctx, pix, &bbox), pix->alpha); - fz_convert_pixmap(ctx, converted, pix); - pix = converted; + rgb = fz_new_pixmap_with_bbox(ctx, fz_device_rgb(ctx), fz_pixmap_bbox(ctx, pix, &bbox), pix->alpha); + fz_convert_pixmap(ctx, rgb, pix); + pix = rgb; } if (pix->n - pix->alpha <= 3) @@ -57,7 +57,7 @@ static void writepixmap(fz_context *ctx, fz_pixmap *pix, char *file, int rgb) fz_save_pixmap_as_pam(ctx, pix, buf); } - fz_drop_pixmap(ctx, converted); + fz_drop_pixmap(ctx, rgb); } static void -- cgit v1.2.3