summaryrefslogtreecommitdiff
path: root/core
diff options
context:
space:
mode:
authorNicolas Pena <npm@chromium.org>2017-05-12 14:36:06 -0400
committerChromium commit bot <commit-bot@chromium.org>2017-05-12 18:56:06 +0000
commitef73cf5838ab3a902872d9fc57a90621cc3d7f21 (patch)
treeeed3efc2f90742ea509b39ab529f23f8c77b8443 /core
parent2199ab8e048ae19ee3ae01afe640ce3a66092a00 (diff)
downloadpdfium-chromium/3099.tar.xz
Rename ErrorData and fix potential leakchromium/3100chromium/3099
This CL fixes a leak that can be caused by a longjmp in ErrorData. The method is renamed to express the fact that it includes such, and a followup should remove the jmps altogether. Bug: chromium:721488 Change-Id: Iefcc82a77a30ff77b7973b05611440a8d5bf275e Reviewed-on: https://pdfium-review.googlesource.com/5450 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
Diffstat (limited to 'core')
-rw-r--r--core/fxcodec/codec/fx_codec_progress.cpp3
-rw-r--r--core/fxcodec/lgif/cgifcontext.cpp2
-rw-r--r--core/fxcodec/lgif/cgifcontext.h3
-rw-r--r--core/fxcodec/lgif/fx_gif.cpp29
4 files changed, 24 insertions, 13 deletions
diff --git a/core/fxcodec/codec/fx_codec_progress.cpp b/core/fxcodec/codec/fx_codec_progress.cpp
index aa97ac4bb2..4cbae5cc75 100644
--- a/core/fxcodec/codec/fx_codec_progress.cpp
+++ b/core/fxcodec/codec/fx_codec_progress.cpp
@@ -1804,8 +1804,7 @@ FXCODEC_STATUS CCodec_ProgressiveDecoder::GetFrames(int32_t& frames) {
m_status = FXCODEC_STATUS_DECODE_READY;
return m_status;
}
- if (m_pGifContext.get())
- m_pGifContext = nullptr;
+ m_pGifContext = nullptr;
m_status = FXCODEC_STATUS_ERROR;
return m_status;
}
diff --git a/core/fxcodec/lgif/cgifcontext.cpp b/core/fxcodec/lgif/cgifcontext.cpp
index aa2aba6075..b7a513c7e8 100644
--- a/core/fxcodec/lgif/cgifcontext.cpp
+++ b/core/fxcodec/lgif/cgifcontext.cpp
@@ -33,7 +33,7 @@ CGifContext::CGifContext(CCodec_GifModule* gif_module, char* error_string)
CGifContext::~CGifContext() {}
-void CGifContext::ErrorData(const char* err_msg) {
+void CGifContext::ThrowError(const char* err_msg) {
strncpy(err_ptr, err_msg, GIF_MAX_ERROR_SIZE - 1);
longjmp(jmpbuf, 1);
}
diff --git a/core/fxcodec/lgif/cgifcontext.h b/core/fxcodec/lgif/cgifcontext.h
index 2ee8fbe396..e65d6c7b0b 100644
--- a/core/fxcodec/lgif/cgifcontext.h
+++ b/core/fxcodec/lgif/cgifcontext.h
@@ -21,7 +21,8 @@ class CGifContext {
CGifContext(CCodec_GifModule* gif_module, char* error_string);
~CGifContext();
- void ErrorData(const char* err_msg);
+ // TODO(npm): Remove longjmp from this method!!!
+ void ThrowError(const char* err_msg);
void RecordCurrentPosition(uint32_t* cur_pos_ptr);
void ReadScanline(int32_t row_num, uint8_t* row_buf);
bool GetRecordPosition(uint32_t cur_pos,
diff --git a/core/fxcodec/lgif/fx_gif.cpp b/core/fxcodec/lgif/fx_gif.cpp
index b9ff41cc2e..dd80dc65f7 100644
--- a/core/fxcodec/lgif/fx_gif.cpp
+++ b/core/fxcodec/lgif/fx_gif.cpp
@@ -11,6 +11,7 @@
#include "core/fxcodec/lbmp/fx_bmp.h"
#include "core/fxcodec/lgif/cgifcontext.h"
+#include "third_party/base/logging.h"
#include "third_party/base/ptr_util.h"
#include "third_party/base/stl_util.h"
@@ -118,7 +119,8 @@ GifDecodeStatus gif_decode_extension(CGifContext* context) {
GifDecodeStatus gif_decode_image_info(CGifContext* context) {
if (context->width == 0 || context->height == 0) {
- context->ErrorData("No Image Header Info");
+ context->ThrowError("No Image Header Info");
+ NOTREACHED();
return GifDecodeStatus::Error;
}
uint32_t skip_size_org = context->skip_size;
@@ -141,7 +143,9 @@ GifDecodeStatus gif_decode_image_info(CGifContext* context) {
context->width ||
gif_image->m_ImageInfo.top + gif_image->m_ImageInfo.height >
context->height) {
- context->ErrorData("Image Data Out Of LSD, The File May Be Corrupt");
+ gif_image = nullptr;
+ context->ThrowError("Image Data Out Of LSD, The File May Be Corrupt");
+ NOTREACHED();
return GifDecodeStatus::Error;
}
GifLF* gif_img_info_lf_ptr = (GifLF*)&gif_img_info_ptr->local_flag;
@@ -178,7 +182,8 @@ void gif_decoding_failure_at_tail_cleanup(CGifContext* context,
GifImage* gif_image_ptr) {
gif_image_ptr->m_ImageRowBuf.clear();
gif_save_decoding_status(context, GIF_D_STATUS_TAIL);
- context->ErrorData("Decode Image Data Error");
+ context->ThrowError("Decode Image Data Error");
+ NOTREACHED();
}
} // namespace
@@ -361,7 +366,8 @@ GifDecodeStatus gif_read_header(CGifContext* context) {
if (strncmp(gif_header_ptr->signature, GIF_SIGNATURE, 3) != 0 ||
gif_header_ptr->version[0] != '8' || gif_header_ptr->version[2] != 'a') {
- context->ErrorData("Not A Gif Image");
+ context->ThrowError("Not A Gif Image");
+ NOTREACHED();
return GifDecodeStatus::Error;
}
GifLSD* gif_lsd_ptr = nullptr;
@@ -499,7 +505,8 @@ GifDecodeStatus gif_load_frame(CGifContext* context, int32_t frame_num) {
GifImage* gif_image_ptr = context->m_Images[frame_num].get();
uint32_t gif_img_row_bytes = gif_image_ptr->m_ImageInfo.width;
if (gif_img_row_bytes == 0) {
- context->ErrorData("Error Invalid Number of Row Bytes");
+ context->ThrowError("Error Invalid Number of Row Bytes");
+ NOTREACHED();
return GifDecodeStatus::Error;
}
if (context->decode_status == GIF_D_STATUS_TAIL) {
@@ -522,7 +529,8 @@ GifDecodeStatus gif_load_frame(CGifContext* context, int32_t frame_num) {
(bool)((GifLF*)&gif_image_ptr->m_ImageInfo.local_flag)->interlace);
if (!bRes) {
gif_image_ptr->m_ImageRowBuf.clear();
- context->ErrorData("Error Read Record Position Data");
+ context->ThrowError("Error Read Record Position Data");
+ NOTREACHED();
return GifDecodeStatus::Error;
}
} else {
@@ -540,13 +548,15 @@ GifDecodeStatus gif_load_frame(CGifContext* context, int32_t frame_num) {
(bool)((GifLF*)&gif_image_ptr->m_ImageInfo.local_flag)->interlace);
if (!bRes) {
gif_image_ptr->m_ImageRowBuf.clear();
- context->ErrorData("Error Read Record Position Data");
+ context->ThrowError("Error Read Record Position Data");
+ NOTREACHED();
return GifDecodeStatus::Error;
}
}
if (gif_image_ptr->image_code_size >= 32) {
gif_image_ptr->m_ImageRowBuf.clear();
- context->ErrorData("Error Invalid Code Size");
+ context->ThrowError("Error Invalid Code Size");
+ NOTREACHED();
return GifDecodeStatus::Error;
}
if (!context->m_ImgDecoder.get())
@@ -643,7 +653,8 @@ GifDecodeStatus gif_load_frame(CGifContext* context, int32_t frame_num) {
}
gif_save_decoding_status(context, GIF_D_STATUS_TAIL);
}
- context->ErrorData("Decode Image Data Error");
+ context->ThrowError("Decode Image Data Error");
+ NOTREACHED();
return GifDecodeStatus::Error;
}