From 182d129bcee8f7731b9bbfde0064295ad3b37271 Mon Sep 17 00:00:00 2001 From: Oliver Chang Date: Thu, 12 Nov 2015 10:43:27 -0800 Subject: Clear decoders after the image decoder in the /Filter array. During decoding, when an image decoder is encountered, any subsequent decoders are ignored, but remain in the array. However, later on CPDF_DIBSource::ValidateDictParam expects the image decoder to be the last in the array, causing issues. A check is also added in CPDF_DIBSource::GetScanline to ensure that the calculated pitch value is <= the (4-aligned) pitch value in the cached bitmap to prevent future issues. Also cleans up some NULL usages. BUG=552046 R=jun_fang@foxitsoftware.com, tsepez@chromium.org Review URL: https://codereview.chromium.org/1406943005 . --- core/src/fpdfapi/fpdf_parser/fpdf_parser_objects.cpp | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) (limited to 'core/src/fpdfapi/fpdf_parser/fpdf_parser_objects.cpp') diff --git a/core/src/fpdfapi/fpdf_parser/fpdf_parser_objects.cpp b/core/src/fpdfapi/fpdf_parser/fpdf_parser_objects.cpp index 990bf5f0e2..edf80d0618 100644 --- a/core/src/fpdfapi/fpdf_parser/fpdf_parser_objects.cpp +++ b/core/src/fpdfapi/fpdf_parser/fpdf_parser_objects.cpp @@ -496,13 +496,18 @@ CPDF_Stream* CPDF_Array::GetStream(FX_DWORD i) const { CPDF_Array* CPDF_Array::GetArray(FX_DWORD i) const { return ToArray(GetElementValue(i)); } -void CPDF_Array::RemoveAt(FX_DWORD i) { - ASSERT(IsArray()); +void CPDF_Array::RemoveAt(FX_DWORD i, int nCount) { if (i >= (FX_DWORD)m_Objects.GetSize()) return; - if (CPDF_Object* p = static_cast(m_Objects.GetAt(i))) - p->Release(); - m_Objects.RemoveAt(i); + + if (nCount <= 0 || nCount > m_Objects.GetSize() - i) + return; + + for (int j = 0; j < nCount; ++j) { + if (CPDF_Object* p = static_cast(m_Objects.GetAt(i + j))) + p->Release(); + } + m_Objects.RemoveAt(i, nCount); } void CPDF_Array::SetAt(FX_DWORD i, CPDF_Object* pObj, -- cgit v1.2.3