From fd12ec5584d9a17f310a2c0c408a438ef3b1ce63 Mon Sep 17 00:00:00 2001
From: Lei Zhang
Date: Mon, 5 Oct 2015 10:16:20 -0700
Subject: Disable JBIG2 cache; prevent data corruption - try 2.
Also change CJBig2_SymbolDict::DeepCopy() to return a unique_ptr to prevent a potential leak if the cache size was 0.
BUG=pdfium:207
R=tsepez@chromium.org, jbreiden@google.com
Review URL: https://codereview.chromium.org/1374633004 .
---
 core/src/fxcodec/jbig2/JBig2_SymbolDict.cpp | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)
(limited to 'core/src/fxcodec/jbig2/JBig2_SymbolDict.cpp')
diff --git a/core/src/fxcodec/jbig2/JBig2_SymbolDict.cpp b/core/src/fxcodec/jbig2/JBig2_SymbolDict.cpp
index ef02df1072..1ec56dfacc 100644
--- a/core/src/fxcodec/jbig2/JBig2_SymbolDict.cpp
+++ b/core/src/fxcodec/jbig2/JBig2_SymbolDict.cpp
@@ -7,6 +7,7 @@
 #include "JBig2_SymbolDict.h"
 #include "../../../include/fxcrt/fx_memory.h"
+#include "JBig2_Image.h"
 CJBig2_SymbolDict::CJBig2_SymbolDict() {
 SDNUMEXSYMS = 0;
@@ -15,15 +16,16 @@ CJBig2_SymbolDict::CJBig2_SymbolDict() {
 m_gbContext = m_grContext = NULL;
 }
-CJBig2_SymbolDict* CJBig2_SymbolDict::DeepCopy() {
- CJBig2_SymbolDict* src = this;
- if (src->m_bContextRetained || src->m_gbContext || src->m_grContext) {
- return NULL;
- }
- CJBig2_SymbolDict* dst = new CJBig2_SymbolDict;
+nonstd::unique_ptr CJBig2_SymbolDict::DeepCopy() const {
+ nonstd::unique_ptr dst;
+ const CJBig2_SymbolDict* src = this;
+ if (src->m_bContextRetained || src->m_gbContext || src->m_grContext)
+ return dst;
+
+ dst.reset(new CJBig2_SymbolDict);
 dst->SDNUMEXSYMS = src->SDNUMEXSYMS;
 dst->SDEXSYMS = FX_Alloc(CJBig2_Image*, src->SDNUMEXSYMS);
- for (FX_DWORD i = 0; i < src->SDNUMEXSYMS; i++) {
+ for (FX_DWORD i = 0; i < src->SDNUMEXSYMS; ++i) {
 if (src->SDEXSYMS[i]) {
 dst->SDEXSYMS[i] = new CJBig2_Image(*(src->SDEXSYMS[i]));
 } else {
--
cgit v1.2.3
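Review bot: The early `return dst;` in `DeepCopy()` hands back an empty pointer whenever `m_bContextRetained`, `m_gbContext` or `m_grContext` is set, and nothing at the definition tells callers that the result can be null. Since this copy is made from data decoded out of a PDF, I would state the contract above the function, e.g. `// Returns an empty pointer when contexts are retained or present; callers must check before dereferencing.` Separately, `dst->SDNUMEXSYMS` is assigned before the loop has filled `dst->SDEXSYMS`, so for a short window the now-owning `dst` describes more entries than are populated; if the destructor walks `SDEXSYMS` by that count (not visible here), it is worth confirming that `FX_Alloc` zero-fills the array. As a point of style, the `src` alias for `this` is redundant now that the method is `const`. The function body continues past the end of this hunk.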