From 2a824f1c0ed786aed0dd15a0ea60dc90999e2b2c Mon Sep 17 00:00:00 2001 From: Lei Zhang Date: Mon, 8 Jun 2015 13:24:48 -0700 Subject: Fix potentially massive memory leak in CPDF_DIBSource::LoadJpxBitmap(). Leaks can happen in several places. For this particular bug, it happens when there is a colorspace component count mismatch. BUG=497191 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1153633009 --- core/src/fpdfapi/fpdf_render/render_int.h | 29 +++++++++++++++-------------- 1 file changed, 15 insertions(+), 14 deletions(-) (limited to 'core/src/fpdfapi/fpdf_render/render_int.h') diff --git a/core/src/fpdfapi/fpdf_render/render_int.h b/core/src/fpdfapi/fpdf_render/render_int.h index cf2074f5bd..529128e8f9 100644 --- a/core/src/fpdfapi/fpdf_render/render_int.h +++ b/core/src/fpdfapi/fpdf_render/render_int.h @@ -1,17 +1,18 @@ // Copyright 2014 PDFium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. - + // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com #ifndef CORE_SRC_FPDFAPI_FPDF_RENDER_RENDER_INT_H_ #define CORE_SRC_FPDFAPI_FPDF_RENDER_RENDER_INT_H_ +#include "../../../../third_party/base/nonstd_unique_ptr.h" #include "../../../include/fpdfapi/fpdf_pageobj.h" class CPDF_QuickStretcher; #define TYPE3_MAX_BLUES 16 -class CPDF_Type3Glyphs +class CPDF_Type3Glyphs { public: CPDF_Type3Glyphs() @@ -27,7 +28,7 @@ public: int m_TopBlueCount, m_BottomBlueCount; }; class CFX_GlyphBitmap; -class CPDF_Type3Cache +class CPDF_Type3Cache { public: CPDF_Type3Cache(CPDF_Type3Font* pFont) @@ -41,7 +42,7 @@ protected: CPDF_Type3Font* m_pFont; CFX_MapByteStringToPtr m_SizeMap; }; -class CPDF_TransferFunc +class CPDF_TransferFunc { public: CPDF_Document* m_pPDFDoc; @@ -53,7 +54,7 @@ public: }; typedef CFX_MapPtrTemplate*> CPDF_Type3CacheMap; typedef CFX_MapPtrTemplate*> CPDF_TransferFuncMap; -class CPDF_DocRenderData +class CPDF_DocRenderData { public: CPDF_DocRenderData(CPDF_Document* pPDFDoc = NULL); @@ -80,7 +81,7 @@ public: CFX_AffineMatrix m_Matrix; }; typedef CFX_ArrayTemplate<_PDF_RenderItem> CPDF_RenderLayer; -class IPDF_ObjectRenderer +class IPDF_ObjectRenderer { public: static IPDF_ObjectRenderer* Create(int type); @@ -89,7 +90,7 @@ public: virtual FX_BOOL Continue(IFX_Pause* pPause) = 0; FX_BOOL m_Result; }; -class CPDF_RenderStatus +class CPDF_RenderStatus { public: CPDF_RenderStatus(); @@ -181,7 +182,7 @@ protected: FX_ARGB m_T3FillColor; int m_curBlend; }; -class CPDF_ImageLoader +class CPDF_ImageLoader { public: CPDF_ImageLoader() @@ -207,7 +208,7 @@ protected: FX_INT32 m_nDownsampleWidth; FX_INT32 m_nDownsampleHeight; }; -class CPDF_ProgressiveImageLoaderHandle +class CPDF_ProgressiveImageLoaderHandle { public: CPDF_ProgressiveImageLoaderHandle(); @@ -260,7 +261,7 @@ protected: FX_BOOL DrawMaskedImage(); FX_BOOL DrawPatternImage(const CFX_Matrix* pObj2Device); }; -class CPDF_ScaledRenderBuffer +class CPDF_ScaledRenderBuffer { public: CPDF_ScaledRenderBuffer(); @@ -285,7 +286,7 @@ private: CFX_AffineMatrix m_Matrix; }; class ICodec_ScanlineDecoder; -class CPDF_QuickStretcher +class CPDF_QuickStretcher { public: CPDF_QuickStretcher(); @@ -302,7 +303,7 @@ public: CPDF_StreamAcc m_StreamAcc; int m_LineIndex; }; -class CPDF_DeviceBuffer +class CPDF_DeviceBuffer { public: CPDF_DeviceBuffer(); @@ -326,7 +327,7 @@ private: CFX_DIBitmap* m_pBitmap; CFX_AffineMatrix m_Matrix; }; -class CPDF_ImageCache +class CPDF_ImageCache { public: CPDF_ImageCache(CPDF_Document* pDoc, CPDF_Stream* pStream); @@ -443,7 +444,7 @@ protected: DIB_COMP_DATA* m_pCompData; FX_LPBYTE m_pLineBuf; FX_LPBYTE m_pMaskedLine; - CFX_DIBitmap* m_pCachedBitmap; + nonstd::unique_ptr m_pCachedBitmap; ICodec_ScanlineDecoder* m_pDecoder; }; #define FPDF_HUGE_IMAGE_SIZE 60000000 -- cgit v1.2.3