From bf4aa2cc93a67826247e887b2ba26a1b965eb616 Mon Sep 17 00:00:00 2001 From: Tom Sepez Date: Tue, 19 May 2015 14:56:52 -0700 Subject: Revert "Remove FX_Alloc() null checks now that it can't return NULL." This reverts commit eb6527763171cdb4b0fbfea5a20d691f4d67b660. Reason for revert: broke javascript tests. TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1145843005 --- core/src/fxcodec/codec/fx_codec.cpp | 3 +++ core/src/fxcodec/codec/fx_codec_fax.cpp | 12 +++++++++ core/src/fxcodec/codec/fx_codec_flate.cpp | 42 ++++++++++++++++++++++++++--- core/src/fxcodec/codec/fx_codec_icc.cpp | 6 +++++ core/src/fxcodec/codec/fx_codec_jbig.cpp | 6 +++++ core/src/fxcodec/codec/fx_codec_jpx_opj.cpp | 6 +++++ 6 files changed, 72 insertions(+), 3 deletions(-) (limited to 'core/src/fxcodec') diff --git a/core/src/fxcodec/codec/fx_codec.cpp b/core/src/fxcodec/codec/fx_codec.cpp index c325cccdd4..e8aad711f3 100644 --- a/core/src/fxcodec/codec/fx_codec.cpp +++ b/core/src/fxcodec/codec/fx_codec.cpp @@ -333,6 +333,9 @@ FX_BOOL CCodec_RLScanlineDecoder::Create(FX_LPCBYTE src_buf, FX_DWORD src_size, m_Pitch = (width * nComps * bpc + 31) / 32 * 4; m_dwLineBytes = (width * nComps * bpc + 7) / 8; m_pScanline = FX_Alloc(FX_BYTE, m_Pitch); + if (m_pScanline == NULL) { + return FALSE; + } return CheckDestSize(); } FX_BOOL CCodec_RLScanlineDecoder::v_Rewind() diff --git a/core/src/fxcodec/codec/fx_codec_fax.cpp b/core/src/fxcodec/codec/fx_codec_fax.cpp index dc2ee2aacd..33e89e4f92 100644 --- a/core/src/fxcodec/codec/fx_codec_fax.cpp +++ b/core/src/fxcodec/codec/fx_codec_fax.cpp @@ -622,7 +622,13 @@ FX_BOOL CCodec_FaxDecoder::Create(FX_LPCBYTE src_buf, FX_DWORD src_size, int wid m_OutputWidth = m_OrigWidth; m_OutputHeight = m_OrigHeight; m_pScanlineBuf = FX_Alloc(FX_BYTE, m_Pitch); + if (m_pScanlineBuf == NULL) { + return FALSE; + } m_pRefBuf = FX_Alloc(FX_BYTE, m_Pitch); + if (m_pRefBuf == NULL) { + return FALSE; + } m_pSrcBuf = src_buf; m_SrcSize = src_size; m_nComps = 1; @@ -699,6 +705,9 @@ extern "C" { pitch = (width + 7) / 8; } FX_LPBYTE ref_buf = FX_Alloc(FX_BYTE, pitch); + if (ref_buf == NULL) { + return; + } FXSYS_memset8(ref_buf, 0xff, pitch); int bitpos = *pbitpos; for (int iRow = 0; iRow < height; iRow ++) { @@ -936,6 +945,9 @@ CCodec_FaxEncoder::CCodec_FaxEncoder(FX_LPCBYTE src_buf, int width, int height, m_Rows = height; m_Pitch = pitch; m_pRefLine = FX_Alloc(FX_BYTE, m_Pitch); + if (m_pRefLine == NULL) { + return; + } FXSYS_memset8(m_pRefLine, 0xff, m_Pitch); m_pLineBuf = FX_Alloc2D(FX_BYTE, m_Pitch, 8); m_DestBuf.EstimateSize(0, 10240); diff --git a/core/src/fxcodec/codec/fx_codec_flate.cpp b/core/src/fxcodec/codec/fx_codec_flate.cpp index 7a19e8b855..4d43cc554b 100644 --- a/core/src/fxcodec/codec/fx_codec_flate.cpp +++ b/core/src/fxcodec/codec/fx_codec_flate.cpp @@ -583,8 +583,8 @@ class CCodec_FlateScanlineDecoder : public CCodec_ScanlineDecoder public: CCodec_FlateScanlineDecoder(); ~CCodec_FlateScanlineDecoder(); - void Create(FX_LPCBYTE src_buf, FX_DWORD src_size, int width, int height, int nComps, int bpc, - int predictor, int Colors, int BitsPerComponent, int Columns); + FX_BOOL Create(FX_LPCBYTE src_buf, FX_DWORD src_size, int width, int height, int nComps, int bpc, + int predictor, int Colors, int BitsPerComponent, int Columns); virtual void Destroy() { delete this; @@ -630,7 +630,7 @@ CCodec_FlateScanlineDecoder::~CCodec_FlateScanlineDecoder() FPDFAPI_FlateEnd(m_pFlate); } } -void CCodec_FlateScanlineDecoder::Create(FX_LPCBYTE src_buf, FX_DWORD src_size, int width, int height, +FX_BOOL CCodec_FlateScanlineDecoder::Create(FX_LPCBYTE src_buf, FX_DWORD src_size, int width, int height, int nComps, int bpc, int predictor, int Colors, int BitsPerComponent, int Columns) { m_SrcBuf = src_buf; @@ -642,6 +642,9 @@ void CCodec_FlateScanlineDecoder::Create(FX_LPCBYTE src_buf, FX_DWORD src_size, m_bColorTransformed = FALSE; m_Pitch = (width * nComps * bpc + 7) / 8; m_pScanline = FX_Alloc(FX_BYTE, m_Pitch); + if (m_pScanline == NULL) { + return FALSE; + } m_Predictor = 0; if (predictor) { if (predictor >= 10) { @@ -660,10 +663,20 @@ void CCodec_FlateScanlineDecoder::Create(FX_LPCBYTE src_buf, FX_DWORD src_size, m_Columns = Columns; m_PredictPitch = (m_BitsPerComponent * m_Colors * m_Columns + 7) / 8; m_pLastLine = FX_Alloc(FX_BYTE, m_PredictPitch); + if (m_pLastLine == NULL) { + return FALSE; + } m_pPredictRaw = FX_Alloc(FX_BYTE, m_PredictPitch + 1); + if (m_pPredictRaw == NULL) { + return FALSE; + } m_pPredictBuffer = FX_Alloc(FX_BYTE, m_PredictPitch); + if (m_pPredictBuffer == NULL) { + return FALSE; + } } } + return TRUE; } FX_BOOL CCodec_FlateScanlineDecoder::v_Rewind() { @@ -739,6 +752,8 @@ static void FlateUncompress(FX_LPCBYTE src_buf, FX_DWORD src_size, FX_DWORD orig FX_LPBYTE guess_buf = FX_Alloc(FX_BYTE, guess_size + 1); FX_LPBYTE cur_buf = guess_buf; + if (!guess_buf) + goto fail; guess_buf[guess_size] = '\0'; context = FPDFAPI_FlateInit(my_alloc_func, my_free_func); if (!context) @@ -794,6 +809,12 @@ static void FlateUncompress(FX_LPCBYTE src_buf, FX_DWORD src_size, FX_DWORD orig // |avail_buf_size| == 0 case. result_tmp_bufs.Add(cur_buf); cur_buf = FX_Alloc(FX_BYTE, buf_size + 1); + if (!cur_buf) { + for (FX_INT32 i = 0; i < result_tmp_bufs.GetSize(); i++) { + FX_Free(result_tmp_bufs[i]); + } + goto fail; + } cur_buf[buf_size] = '\0'; } dest_size = FPDFAPI_FlateGetTotalOut(context); @@ -802,6 +823,12 @@ static void FlateUncompress(FX_LPCBYTE src_buf, FX_DWORD src_size, FX_DWORD orig dest_buf = result_tmp_bufs[0]; } else { FX_LPBYTE result_buf = FX_Alloc(FX_BYTE, dest_size); + if (!result_buf) { + for (FX_INT32 i = 0; i < result_tmp_bufs.GetSize(); i++) { + FX_Free(result_tmp_bufs[i]); + } + goto fail; + } FX_DWORD result_pos = 0; for (FX_INT32 i = 0; i < result_tmp_bufs.GetSize(); i++) { FX_LPBYTE tmp_buf = result_tmp_bufs[i]; @@ -860,6 +887,9 @@ FX_DWORD CCodec_FlateModule::FlateOrLZWDecode(FX_BOOL bLZW, const FX_BYTE* src_b { nonstd::unique_ptr decoder(new CLZWDecoder); dest_buf = FX_Alloc( FX_BYTE, dest_size + 1); + if (dest_buf == NULL) { + return -1; + } dest_buf[dest_size] = '\0'; decoder->Decode(dest_buf, dest_size, src_buf, offset, bEarlyChange); } @@ -888,6 +918,9 @@ FX_BOOL CCodec_FlateModule::Encode(const FX_BYTE* src_buf, FX_DWORD src_size, } FX_LPBYTE pSrcBuf = NULL; pSrcBuf = FX_Alloc(FX_BYTE, src_size); + if (pSrcBuf == NULL) { + return FALSE; + } FXSYS_memcpy32(pSrcBuf, src_buf, src_size); FX_BOOL ret = TRUE; if (predictor == 2) { @@ -906,6 +939,9 @@ FX_BOOL CCodec_FlateModule::Encode(FX_LPCBYTE src_buf, FX_DWORD src_size, FX_LPB { dest_size = src_size + src_size / 1000 + 12; dest_buf = FX_Alloc( FX_BYTE, dest_size); + if (dest_buf == NULL) { + return FALSE; + } unsigned long temp_size = dest_size; FPDFAPI_FlateCompress(dest_buf, &temp_size, src_buf, src_size); dest_size = (FX_DWORD)temp_size; diff --git a/core/src/fxcodec/codec/fx_codec_icc.cpp b/core/src/fxcodec/codec/fx_codec_icc.cpp index 26b4c1adfc..a984fecc30 100644 --- a/core/src/fxcodec/codec/fx_codec_icc.cpp +++ b/core/src/fxcodec/codec/fx_codec_icc.cpp @@ -285,6 +285,9 @@ ICodec_IccModule::IccCS CCodec_IccModule::GetProfileCS(IFX_FileRead* pFile) ICodec_IccModule::IccCS cs; FX_DWORD dwSize = (FX_DWORD)pFile->GetSize(); FX_LPBYTE pBuf = FX_Alloc(FX_BYTE, dwSize); + if (pBuf == NULL) { + return IccCS_Unknown; + } pFile->ReadBlock(pBuf, 0, dwSize); cs = GetProfileCS(pBuf, dwSize); FX_Free(pBuf); @@ -488,6 +491,9 @@ FX_LPVOID CCodec_IccModule::CreateTransform(ICodec_IccModule::IccParam* pInputPa CFX_IccTransformCache* pTransformCache; if (!m_MapTranform.Lookup(TransformKey, (FX_LPVOID&)pTransformCache)) { pCmm = FX_Alloc(CLcmsCmm, 1); + if (pCmm == NULL) { + return NULL; + } pCmm->m_nSrcComponents = T_CHANNELS(dwInputProfileType); pCmm->m_nDstComponents = T_CHANNELS(dwOutputProfileType); pCmm->m_bLab = T_COLORSPACE(pInputParam->dwFormat) == PT_Lab; diff --git a/core/src/fxcodec/codec/fx_codec_jbig.cpp b/core/src/fxcodec/codec/fx_codec_jbig.cpp index 8fcd9f4711..278d9cbcf6 100644 --- a/core/src/fxcodec/codec/fx_codec_jbig.cpp +++ b/core/src/fxcodec/codec/fx_codec_jbig.cpp @@ -53,6 +53,9 @@ FX_BOOL CCodec_Jbig2Module::Decode(IFX_FileRead* file_ptr, CJBig2_Image* dest_image = NULL; FX_DWORD src_size = (FX_DWORD)file_ptr->GetSize(); FX_LPBYTE src_buf = FX_Alloc(FX_BYTE, src_size); + if (src_buf == NULL) { + return FALSE; + } int ret = 0; if(!file_ptr->ReadBlock(src_buf, 0, src_size)) { goto failed; @@ -130,6 +133,9 @@ FXCODEC_STATUS CCodec_Jbig2Module::StartDecode(void* pJbig2Context, IFX_FileRead m_pJbig2Context->m_dest_image = NULL; m_pJbig2Context->m_src_size = (FX_DWORD)file_ptr->GetSize(); m_pJbig2Context->m_src_buf = FX_Alloc(FX_BYTE, m_pJbig2Context->m_src_size); + if (m_pJbig2Context->m_src_buf == NULL) { + return FXCODEC_STATUS_ERR_MEMORY; + } int ret = 0; if(!file_ptr->ReadBlock((void*)m_pJbig2Context->m_src_buf, 0, m_pJbig2Context->m_src_size)) { goto failed; diff --git a/core/src/fxcodec/codec/fx_codec_jpx_opj.cpp b/core/src/fxcodec/codec/fx_codec_jpx_opj.cpp index 1a1616c0a1..3546f574f9 100644 --- a/core/src/fxcodec/codec/fx_codec_jpx_opj.cpp +++ b/core/src/fxcodec/codec/fx_codec_jpx_opj.cpp @@ -715,8 +715,14 @@ FX_BOOL CJPX_Decoder::Decode(FX_LPBYTE dest_buf, int pitch, FX_BOOL bTranslateCo } FXSYS_memset8(dest_buf, 0xff, image->y1 * pitch); FX_BYTE** channel_bufs = FX_Alloc(FX_BYTE*, image->numcomps); + if (channel_bufs == NULL) { + return FALSE; + } FX_BOOL result = FALSE; int* adjust_comps = FX_Alloc(int, image->numcomps); + if (adjust_comps == NULL) { + goto done; + } for (i = 0; i < (int)image->numcomps; i ++) { channel_bufs[i] = dest_buf + offsets[i]; adjust_comps[i] = image->comps[i].prec - 8; -- cgit v1.2.3