Add bounds check into JBIG2 Arith decoder.

Currently when the BitStream runs out of bits it pretends that it still has content and will continue to return the last byte over and over again. This Cl updates the jbig decoder to detect that the bit stream is complete and returns a decode error. Bug: chromium:665056 Change-Id: I61ca75713e677a2c280e80374b8dcfd48bee67d8 Reviewed-on: https://pdfium-review.googlesource.com/3244 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
author: Dan Sinclair <dsinclair@chromium.org> 2017-03-28 12:44:58 -0400
committer: Chromium commit bot <commit-bot@chromium.org> 2017-03-28 17:07:05 +0000
commit: eed6421dc45a5cc74986b2ef0870974c829f829e (patch)
tree: f2da4f8ddf08ca108a8a47381e5cb7dc1bd85d3e /core/fxcodec/jbig2/JBig2_BitStream.cpp
parent: 8149ae111536d6f7272e676ad4b95b1b194d11b8 (diff)
download: pdfium-eed6421dc45a5cc74986b2ef0870974c829f829e.tar.xz
1 files changed, 9 insertions, 9 deletions
diff --git a/core/fxcodec/jbig2/JBig2_BitStream.cpp b/core/fxcodec/jbig2/JBig2_BitStream.cpp
index 3346521aca..67d82f49a7 100644
--- a/core/fxcodec/jbig2/JBig2_BitStream.cpp
+++ b/core/fxcodec/jbig2/JBig2_BitStream.cpp
@@ -27,7 +27,7 @@ CJBig2_BitStream::CJBig2_BitStream(CPDF_StreamAcc* pSrcStream)
 CJBig2_BitStream::~CJBig2_BitStream() {}
 
 int32_t CJBig2_BitStream::readNBits(uint32_t dwBits, uint32_t* dwResult) {
-  if (!IsInBound())
+  if (!IsInBounds())
     return -1;
 
   uint32_t dwBitPos = getBitPos();
@@ -49,7 +49,7 @@ int32_t CJBig2_BitStream::readNBits(uint32_t dwBits, uint32_t* dwResult) {
 }
 
 int32_t CJBig2_BitStream::readNBits(uint32_t dwBits, int32_t* nResult) {
-  if (!IsInBound())
+  if (!IsInBounds())
     return -1;
 
   uint32_t dwBitPos = getBitPos();
@@ -71,7 +71,7 @@ int32_t CJBig2_BitStream::readNBits(uint32_t dwBits, int32_t* nResult) {
 }
 
 int32_t CJBig2_BitStream::read1Bit(uint32_t* dwResult) {
-  if (!IsInBound())
+  if (!IsInBounds())
     return -1;
 
   *dwResult = (m_pBuf[m_dwByteIdx] >> (7 - m_dwBitIdx)) & 0x01;
@@ -80,7 +80,7 @@ int32_t CJBig2_BitStream::read1Bit(uint32_t* dwResult) {
 }
 
 int32_t CJBig2_BitStream::read1Bit(bool* bResult) {
-  if (!IsInBound())
+  if (!IsInBounds())
     return -1;
 
   *bResult = (m_pBuf[m_dwByteIdx] >> (7 - m_dwBitIdx)) & 0x01;
@@ -89,7 +89,7 @@ int32_t CJBig2_BitStream::read1Bit(bool* bResult) {
 }
 
 int32_t CJBig2_BitStream::read1Byte(uint8_t* cResult) {
-  if (!IsInBound())
+  if (!IsInBounds())
     return -1;
 
   *cResult = m_pBuf[m_dwByteIdx];
@@ -124,16 +124,16 @@ void CJBig2_BitStream::alignByte() {
 }
 
 uint8_t CJBig2_BitStream::getCurByte() const {
-  return IsInBound() ? m_pBuf[m_dwByteIdx] : 0;
+  return IsInBounds() ? m_pBuf[m_dwByteIdx] : 0;
 }
 
 void CJBig2_BitStream::incByteIdx() {
-  if (IsInBound())
+  if (IsInBounds())
     ++m_dwByteIdx;
 }
 
 uint8_t CJBig2_BitStream::getCurByte_arith() const {
-  return IsInBound() ? m_pBuf[m_dwByteIdx] : 0xFF;
+  return IsInBounds() ? m_pBuf[m_dwByteIdx] : 0xFF;
 }
 
 uint8_t CJBig2_BitStream::getNextByte_arith() const {
@@ -182,7 +182,7 @@ void CJBig2_BitStream::AdvanceBit() {
   }
 }
 
-bool CJBig2_BitStream::IsInBound() const {
+bool CJBig2_BitStream::IsInBounds() const {
   return m_dwByteIdx < m_dwLength;
 }
author	Dan Sinclair <dsinclair@chromium.org>	2017-03-28 12:44:58 -0400
committer	Chromium commit bot <commit-bot@chromium.org>	2017-03-28 17:07:05 +0000
commit	eed6421dc45a5cc74986b2ef0870974c829f829e (patch)
tree	f2da4f8ddf08ca108a8a47381e5cb7dc1bd85d3e /core/fxcodec/jbig2/JBig2_BitStream.cpp
parent	8149ae111536d6f7272e676ad4b95b1b194d11b8 (diff)
download	pdfium-eed6421dc45a5cc74986b2ef0870974c829f829e.tar.xz