From bf4aa2cc93a67826247e887b2ba26a1b965eb616 Mon Sep 17 00:00:00 2001 From: Tom Sepez Date: Tue, 19 May 2015 14:56:52 -0700 Subject: Revert "Remove FX_Alloc() null checks now that it can't return NULL." This reverts commit eb6527763171cdb4b0fbfea5a20d691f4d67b660. Reason for revert: broke javascript tests. TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1145843005 --- core/src/fxge/agg/agg23/agg_array.h | 6 ++- core/src/fxge/agg/agg23/fx_agg_path_storage.cpp | 3 ++ .../agg/agg23/fx_agg_rasterizer_scanline_aa.cpp | 6 +++ core/src/fxge/dib/fx_dib_composite.cpp | 37 +++++++++++++ core/src/fxge/dib/fx_dib_convert.cpp | 12 +++++ core/src/fxge/dib/fx_dib_engine.cpp | 6 +++ core/src/fxge/dib/fx_dib_main.cpp | 15 ++++-- core/src/fxge/ge/fx_ge_font.cpp | 6 +++ core/src/fxge/ge/fx_ge_fontmap.cpp | 19 +++++-- core/src/fxge/ge/fx_ge_path.cpp | 63 +++++++++++++++------- core/src/fxge/ge/fx_ge_ps.cpp | 10 ++++ core/src/fxge/ge/fx_ge_text.cpp | 3 ++ core/src/fxge/win32/fx_win32_device.cpp | 3 ++ core/src/fxge/win32/fx_win32_dib.cpp | 13 +++++ core/src/fxge/win32/fx_win32_gdipext.cpp | 28 ++++++++++ core/src/fxge/win32/fx_win32_print.cpp | 3 ++ 16 files changed, 207 insertions(+), 26 deletions(-) (limited to 'core/src/fxge') diff --git a/core/src/fxge/agg/agg23/agg_array.h b/core/src/fxge/agg/agg23/agg_array.h index 810eb4ef22..b3b5f2b877 100644 --- a/core/src/fxge/agg/agg23/agg_array.h +++ b/core/src/fxge/agg/agg23/agg_array.h @@ -111,8 +111,12 @@ void pod_array::capacity(unsigned cap, unsigned extra_tail) m_capacity = 0; } else if(full_cap > m_capacity) { FX_Free(m_array); + m_array = 0; + m_capacity = 0; m_array = FX_Alloc(T, full_cap); - m_capacity = full_cap; + if (m_array) { + m_capacity = full_cap; + } } } template diff --git a/core/src/fxge/agg/agg23/fx_agg_path_storage.cpp b/core/src/fxge/agg/agg23/fx_agg_path_storage.cpp index b62d4baa1c..b4b184e0a4 100644 --- a/core/src/fxge/agg/agg23/fx_agg_path_storage.cpp +++ b/core/src/fxge/agg/agg23/fx_agg_path_storage.cpp @@ -71,6 +71,9 @@ void path_storage::allocate_block(unsigned nb) FX_Alloc( FX_FLOAT, block_size * 2 + block_size / (sizeof(FX_FLOAT) / sizeof(unsigned char))); + if (!m_coord_blocks[nb]) { + return; + } m_cmd_blocks[nb] = (unsigned char*)(m_coord_blocks[nb] + block_size * 2); m_total_blocks++; diff --git a/core/src/fxge/agg/agg23/fx_agg_rasterizer_scanline_aa.cpp b/core/src/fxge/agg/agg23/fx_agg_rasterizer_scanline_aa.cpp index 1c32d96cab..634d10a3be 100644 --- a/core/src/fxge/agg/agg23/fx_agg_rasterizer_scanline_aa.cpp +++ b/core/src/fxge/agg/agg23/fx_agg_rasterizer_scanline_aa.cpp @@ -117,6 +117,9 @@ void outline_aa::allocate_block() if(m_cur_block >= m_num_blocks) { if(m_num_blocks >= m_max_blocks) { cell_aa** new_cells = FX_Alloc( cell_aa*, m_max_blocks + cell_block_pool); + if (!new_cells) { + return; + } if(m_cells) { FXSYS_memcpy32(new_cells, m_cells, m_max_blocks * sizeof(cell_aa*)); FX_Free(m_cells); @@ -125,6 +128,9 @@ void outline_aa::allocate_block() m_max_blocks += cell_block_pool; } m_cells[m_num_blocks++] = FX_Alloc(cell_aa, cell_block_size); + if (!m_cells[m_num_blocks - 1]) { + return; + } } m_cur_cell_ptr = m_cells[m_cur_block++]; } diff --git a/core/src/fxge/dib/fx_dib_composite.cpp b/core/src/fxge/dib/fx_dib_composite.cpp index e385bc9ffe..ae72fc5a43 100644 --- a/core/src/fxge/dib/fx_dib_composite.cpp +++ b/core/src/fxge/dib/fx_dib_composite.cpp @@ -3601,6 +3601,9 @@ inline void _ScanlineCompositor_InitSourcePalette(FXDIB_Format src_format, FXDIB if ((dest_format & 0xff) == 8) { int pal_count = 1 << (src_format & 0xff); FX_LPBYTE gray_pal = FX_Alloc(FX_BYTE, pal_count); + if (!gray_pal) { + return; + } pDestPalette = (FX_DWORD*)gray_pal; for (int i = 0; i < pal_count; i ++) { FX_DWORD color = isSrcCmyk ? FXCMYK_TODIB(pSrcPalette[i]) : FXARGB_TODIB(pSrcPalette[i]); @@ -3610,6 +3613,9 @@ inline void _ScanlineCompositor_InitSourcePalette(FXDIB_Format src_format, FXDIB } else { int palsize = 1 << (src_format & 0xff); pDestPalette = FX_Alloc(FX_DWORD, palsize); + if (!pDestPalette) { + return; + } for (int i = 0; i < palsize; i ++) { FX_DWORD color = isSrcCmyk ? FXCMYK_TODIB(pSrcPalette[i]) : FXARGB_TODIB(pSrcPalette[i]); pIccModule->TranslateScanline(pIccTransform, (FX_LPBYTE)&color, (FX_LPCBYTE)&color, 1); @@ -3619,6 +3625,9 @@ inline void _ScanlineCompositor_InitSourcePalette(FXDIB_Format src_format, FXDIB } else { int pal_count = 1 << (src_format & 0xff); FX_LPBYTE gray_pal = FX_Alloc(FX_BYTE, pal_count); + if (!gray_pal) { + return; + } if (pal_count == 2) { gray_pal[0] = 0; gray_pal[1] = 255; @@ -3632,6 +3641,10 @@ inline void _ScanlineCompositor_InitSourcePalette(FXDIB_Format src_format, FXDIB pDestPalette = (FX_DWORD*)gray_pal; } else { pDestPalette = FX_Alloc(FX_DWORD, pal_count); + if (!pDestPalette) { + FX_Free(gray_pal); + return; + } for (int i = 0; i < pal_count; i ++) { pIccModule->TranslateScanline(pIccTransform, (FX_LPBYTE)&pDestPalette[i], &gray_pal[i], 1); pDestPalette[i] = isDstCmyk ? FXCMYK_TODIB(pDestPalette[i]) : FXARGB_TODIB(pDestPalette[i]); @@ -3644,6 +3657,9 @@ inline void _ScanlineCompositor_InitSourcePalette(FXDIB_Format src_format, FXDIB if ((dest_format & 0xff) == 8) { int pal_count = 1 << (src_format & 0xff); FX_LPBYTE gray_pal = FX_Alloc(FX_BYTE, pal_count); + if (!gray_pal) { + return; + } pDestPalette = (FX_DWORD*)gray_pal; if (isSrcCmyk) { for (int i = 0; i < pal_count; i ++) { @@ -3661,6 +3677,9 @@ inline void _ScanlineCompositor_InitSourcePalette(FXDIB_Format src_format, FXDIB } else { int palsize = 1 << (src_format & 0xff); pDestPalette = FX_Alloc(FX_DWORD, palsize); + if (!pDestPalette) { + return; + } if (isDstCmyk == isSrcCmyk) { FXSYS_memcpy32(pDestPalette, pSrcPalette, palsize * sizeof(FX_DWORD)); } else { @@ -3677,6 +3696,9 @@ inline void _ScanlineCompositor_InitSourcePalette(FXDIB_Format src_format, FXDIB if ((dest_format & 0xff) == 8) { int pal_count = 1 << (src_format & 0xff); FX_LPBYTE gray_pal = FX_Alloc(FX_BYTE, pal_count); + if (!gray_pal) { + return; + } if (pal_count == 2) { gray_pal[0] = 0; gray_pal[1] = 255; @@ -3689,6 +3711,9 @@ inline void _ScanlineCompositor_InitSourcePalette(FXDIB_Format src_format, FXDIB } else { int palsize = 1 << (src_format & 0xff); pDestPalette = FX_Alloc(FX_DWORD, palsize); + if (!pDestPalette) { + return; + } if (palsize == 2) { pDestPalette[0] = isSrcCmyk ? 255 : 0xff000000; pDestPalette[1] = isSrcCmyk ? 0 : 0xffffffff; @@ -4438,13 +4463,25 @@ FX_BOOL CFX_BitmapComposer::SetInfo(int width, int height, FXDIB_Format src_form } if (m_bVertical) { m_pScanlineV = FX_Alloc(FX_BYTE, m_pBitmap->GetBPP() / 8 * width + 4); + if (!m_pScanlineV) { + return FALSE; + } m_pClipScanV = FX_Alloc(FX_BYTE, m_pBitmap->GetHeight()); + if (!m_pClipScanV) { + return FALSE; + } if (m_pBitmap->m_pAlphaMask) { m_pScanlineAlphaV = FX_Alloc(FX_BYTE, width + 4); + if (!m_pScanlineAlphaV) { + return FALSE; + } } } if (m_BitmapAlpha < 255) { m_pAddClipScan = FX_Alloc(FX_BYTE, m_bVertical ? m_pBitmap->GetHeight() : m_pBitmap->GetWidth()); + if (!m_pAddClipScan) { + return FALSE; + } } return TRUE; } diff --git a/core/src/fxge/dib/fx_dib_convert.cpp b/core/src/fxge/dib/fx_dib_convert.cpp index dacc43db64..4a8befe5e3 100644 --- a/core/src/fxge/dib/fx_dib_convert.cpp +++ b/core/src/fxge/dib/fx_dib_convert.cpp @@ -236,6 +236,9 @@ FX_BOOL CFX_Palette::BuildPalette(const CFX_DIBSource* pBitmap, int pal_type) FX_Free(m_pPalette); } m_pPalette = FX_Alloc(FX_DWORD, 256); + if (!m_pPalette) { + return FALSE; + } int bpp = pBitmap->GetBPP() / 8; int width = pBitmap->GetWidth(); int height = pBitmap->GetHeight(); @@ -248,7 +251,13 @@ FX_BOOL CFX_Palette::BuildPalette(const CFX_DIBSource* pBitmap, int pal_type) m_aLut = NULL; } m_cLut = FX_Alloc(FX_DWORD, 4096); + if (!m_cLut) { + return FALSE; + } m_aLut = FX_Alloc(FX_DWORD, 4096); + if (!m_aLut) { + return FALSE; + } int row, col; m_lut = 0; for (row = 0; row < height; row++) { @@ -859,6 +868,9 @@ FX_BOOL ConvertBuffer(FXDIB_Format dest_format, FX_LPBYTE dest_buf, int dest_pit return ConvertBuffer(FXDIB_8bppMask, dest_buf, dest_pitch, width, height, pSrcBitmap, src_left, src_top, d_pal, pIccTransform); } d_pal = FX_Alloc(FX_DWORD, 256); + if (!d_pal) { + return FALSE; + } if (((src_format & 0xff) == 1 || (src_format & 0xff) == 8) && pSrcBitmap->GetPalette()) { return _ConvertBuffer_Plt2PltRgb8(dest_buf, dest_pitch, width, height, pSrcBitmap, src_left, src_top, d_pal, pIccTransform); } else if ((src_format & 0xff) >= 24) { diff --git a/core/src/fxge/dib/fx_dib_engine.cpp b/core/src/fxge/dib/fx_dib_engine.cpp index b486def167..7c40171c2b 100644 --- a/core/src/fxge/dib/fx_dib_engine.cpp +++ b/core/src/fxge/dib/fx_dib_engine.cpp @@ -796,8 +796,14 @@ FX_BOOL CFX_ImageStretcher::StartQuickStretch() } size *= m_DestBPP; m_pScanline = FX_Alloc(FX_BYTE, (size / 8 + 3) / 4 * 4); + if (!m_pScanline) { + return FALSE; + } if (m_pSource->m_pAlphaMask) { m_pMaskScanline = FX_Alloc(FX_BYTE, (m_ClipRect.Width() + 3) / 4 * 4); + if (!m_pMaskScanline) { + return FALSE; + } } if (m_pSource->GetWidth() * m_pSource->GetHeight() < MAX_PROGRESSIVE_STRETCH_PIXELS) { ContinueQuickStretch(NULL); diff --git a/core/src/fxge/dib/fx_dib_main.cpp b/core/src/fxge/dib/fx_dib_main.cpp index f55b2f5737..a54c9abed0 100644 --- a/core/src/fxge/dib/fx_dib_main.cpp +++ b/core/src/fxge/dib/fx_dib_main.cpp @@ -85,12 +85,12 @@ FX_BOOL CFX_DIBitmap::Create(int width, int height, FXDIB_Format format, FX_LPBY int oomlimit = _MAX_OOM_LIMIT_; if (oomlimit >= 0 && size >= oomlimit) { m_pBuffer = FX_TryAlloc(FX_BYTE, size); - if (m_pBuffer == NULL) { - return FALSE; - } } else { m_pBuffer = FX_Alloc(FX_BYTE, size); } + if (m_pBuffer == NULL) { + return FALSE; + } } m_Width = width; m_Height = height; @@ -202,6 +202,9 @@ void CFX_DIBSource::BuildPalette() } if (GetBPP() == 1) { m_pPalette = FX_Alloc(FX_DWORD, 2); + if (!m_pPalette) { + return; + } if(IsCmykImage()) { m_pPalette[0] = 0xff; m_pPalette[1] = 0; @@ -211,6 +214,9 @@ void CFX_DIBSource::BuildPalette() } } else if (GetBPP() == 8) { m_pPalette = FX_Alloc(FX_DWORD, 256); + if (!m_pPalette) { + return; + } if(IsCmykImage()) { for (int i = 0; i < 256; i ++) { m_pPalette[i] = 0xff - i; @@ -525,6 +531,9 @@ void CFX_DIBSource::CopyPalette(const FX_DWORD* pSrc, FX_DWORD size) if (m_pPalette == NULL) { m_pPalette = FX_Alloc(FX_DWORD, pal_size); } + if (!m_pPalette) { + return; + } if (pal_size > size) { pal_size = size; } diff --git a/core/src/fxge/ge/fx_ge_font.cpp b/core/src/fxge/ge/fx_ge_font.cpp index 1896218cbf..104a23998d 100644 --- a/core/src/fxge/ge/fx_ge_font.cpp +++ b/core/src/fxge/ge/fx_ge_font.cpp @@ -104,6 +104,9 @@ extern "C" { FX_BOOL _LoadFile(FXFT_Library library, FXFT_Face* Face, IFX_FileRead* pFile, FXFT_Stream* stream) { FXFT_Stream stream1 = (FXFT_Stream)FX_Alloc(FX_BYTE, sizeof (FXFT_StreamRec)); + if (!stream1) { + return FALSE; + } stream1->base = NULL; stream1->size = (unsigned long)pFile->GetSize(); stream1->pos = 0; @@ -174,6 +177,9 @@ static FXFT_Face FT_LoadFont(FX_LPBYTE pData, int size) FX_BOOL CFX_Font::LoadEmbedded(FX_LPCBYTE data, FX_DWORD size) { m_pFontDataAllocation = FX_Alloc(FX_BYTE, size); + if (!m_pFontDataAllocation) { + return FALSE; + } FXSYS_memcpy32(m_pFontDataAllocation, data, size); m_Face = FT_LoadFont((FX_LPBYTE)m_pFontDataAllocation, size); m_pFontData = (FX_LPBYTE)m_pFontDataAllocation; diff --git a/core/src/fxge/ge/fx_ge_fontmap.cpp b/core/src/fxge/ge/fx_ge_fontmap.cpp index 74f97d1b2e..f058f03bce 100644 --- a/core/src/fxge/ge/fx_ge_fontmap.cpp +++ b/core/src/fxge/ge/fx_ge_fontmap.cpp @@ -564,6 +564,9 @@ CFX_ByteString CFX_FontMapper::GetPSNameFromTT(void* hFont) FX_DWORD size = m_pFontInfo->GetFontData(hFont, 0x6e616d65, NULL, 0); if (size) { FX_LPBYTE buffer = FX_Alloc(FX_BYTE, size); + if (!buffer) { + return result; + } m_pFontInfo->GetFontData(hFont, 0x6e616d65, buffer, size); result = _FPDF_GetNameFromTT(buffer, 6); FX_Free(buffer); @@ -1206,15 +1209,21 @@ FXFT_Face CFX_FontMapper::FindSubstFont(const CFX_ByteString& name, FX_BOOL bTru face = m_pFontMgr->GetCachedTTCFace(ttc_size, checksum, ttc_size - font_size, pFontData); if (face == NULL) { pFontData = FX_Alloc(FX_BYTE, ttc_size); - m_pFontInfo->GetFontData(hFont, 0x74746366, pFontData, ttc_size); - face = m_pFontMgr->AddCachedTTCFace(ttc_size, checksum, pFontData, ttc_size, - ttc_size - font_size); + if (pFontData) { + m_pFontInfo->GetFontData(hFont, 0x74746366, pFontData, ttc_size); + face = m_pFontMgr->AddCachedTTCFace(ttc_size, checksum, pFontData, ttc_size, + ttc_size - font_size); + } } } else { FX_LPBYTE pFontData; face = m_pFontMgr->GetCachedFace(SubstName, weight, bItalic, pFontData); if (face == NULL) { pFontData = FX_Alloc(FX_BYTE, font_size); + if (!pFontData) { + m_pFontInfo->DeleteFont(hFont); + return NULL; + } m_pFontInfo->GetFontData(hFont, 0, pFontData, font_size); face = m_pFontMgr->AddCachedFace(SubstName, weight, bItalic, pFontData, font_size, m_pFontInfo->GetFaceIndex(hFont)); } @@ -1371,6 +1380,10 @@ void CFX_FolderFontInfo::ScanFile(CFX_ByteString& path) } FX_DWORD face_bytes = nFaces * 4; FX_LPBYTE offsets = FX_Alloc(FX_BYTE, face_bytes); + if (!offsets) { + FXSYS_fclose(pFile); + return; + } readCnt = FXSYS_fread(offsets, face_bytes, 1, pFile); if (readCnt != face_bytes) { FX_Free(offsets); diff --git a/core/src/fxge/ge/fx_ge_path.cpp b/core/src/fxge/ge/fx_ge_path.cpp index 5982082f7b..b96a2f1163 100644 --- a/core/src/fxge/ge/fx_ge_path.cpp +++ b/core/src/fxge/ge/fx_ge_path.cpp @@ -4,10 +4,8 @@ // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com -#include "../../../../third_party/base/numerics/safe_math.h" #include "../../../include/fxcrt/fx_basic.h" #include "../../../include/fxge/fx_ge.h" - CFX_ClipRgn::CFX_ClipRgn(int width, int height) { m_Type = RectI; @@ -122,7 +120,7 @@ CFX_PathData::~CFX_PathData() FX_Free(m_pPoints); } } -void CFX_PathData::SetPointCount(int nPoints) +FX_BOOL CFX_PathData::SetPointCount(int nPoints) { m_PointCount = nPoints; if (m_AllocCount < nPoints) { @@ -131,13 +129,20 @@ void CFX_PathData::SetPointCount(int nPoints) m_pPoints = NULL; } m_pPoints = FX_Alloc(FX_PATHPOINT, nPoints); + if (!m_pPoints) { + return FALSE; + } m_AllocCount = nPoints; } + return TRUE; } -void CFX_PathData::AllocPointCount(int nPoints) +FX_BOOL CFX_PathData::AllocPointCount(int nPoints) { if (m_AllocCount < nPoints) { FX_PATHPOINT* pNewBuf = FX_Alloc(FX_PATHPOINT, nPoints); + if (!pNewBuf) { + return FALSE; + } if (m_PointCount) { FXSYS_memcpy32(pNewBuf, m_pPoints, m_PointCount * sizeof(FX_PATHPOINT)); } @@ -147,11 +152,16 @@ void CFX_PathData::AllocPointCount(int nPoints) m_pPoints = pNewBuf; m_AllocCount = nPoints; } + return TRUE; } CFX_PathData::CFX_PathData(const CFX_PathData& src) { + m_pPoints = NULL; m_PointCount = m_AllocCount = src.m_PointCount; m_pPoints = FX_Alloc(FX_PATHPOINT, src.m_PointCount); + if (!m_pPoints) { + return; + } FXSYS_memcpy32(m_pPoints, src.m_pPoints, sizeof(FX_PATHPOINT) * m_PointCount); } void CFX_PathData::TrimPoints(int nPoints) @@ -161,23 +171,29 @@ void CFX_PathData::TrimPoints(int nPoints) } SetPointCount(nPoints); } -void CFX_PathData::AddPointCount(int addPoints) +FX_BOOL CFX_PathData::AddPointCount(int addPoints) { - pdfium::base::CheckedNumeric new_count = m_PointCount; - new_count += addPoints; - m_PointCount = new_count.ValueOrDie(); - AllocPointCount(m_PointCount); + int new_count = m_PointCount + addPoints; + if (!AllocPointCount(new_count)) { + return FALSE; + } + m_PointCount = new_count; + return TRUE; } -void CFX_PathData::Append(const CFX_PathData* pSrc, const CFX_AffineMatrix* pMatrix) +FX_BOOL CFX_PathData::Append(const CFX_PathData* pSrc, const CFX_AffineMatrix* pMatrix) { int old_count = m_PointCount; - AddPointCount(pSrc->m_PointCount); + if (!AddPointCount(pSrc->m_PointCount)) { + return FALSE; + } FXSYS_memcpy32(m_pPoints + old_count, pSrc->m_pPoints, pSrc->m_PointCount * sizeof(FX_PATHPOINT)); - if (pMatrix) { - for (int i = 0; i < pSrc->m_PointCount; i ++) { - pMatrix->Transform(m_pPoints[old_count + i].m_PointX, m_pPoints[old_count + i].m_PointY); - } + if (pMatrix == NULL) { + return TRUE; } + for (int i = 0; i < pSrc->m_PointCount; i ++) { + pMatrix->Transform(m_pPoints[old_count + i].m_PointX, m_pPoints[old_count + i].m_PointY); + } + return TRUE; } void CFX_PathData::SetPoint(int index, FX_FLOAT x, FX_FLOAT y, int flag) { @@ -186,10 +202,12 @@ void CFX_PathData::SetPoint(int index, FX_FLOAT x, FX_FLOAT y, int flag) m_pPoints[index].m_PointY = y; m_pPoints[index].m_Flag = flag; } -void CFX_PathData::AppendRect(FX_FLOAT left, FX_FLOAT bottom, FX_FLOAT right, FX_FLOAT top) +FX_BOOL CFX_PathData::AppendRect(FX_FLOAT left, FX_FLOAT bottom, FX_FLOAT right, FX_FLOAT top) { int old_count = m_PointCount; - AddPointCount(5); + if (!AddPointCount(5)) { + return FALSE; + } FX_PATHPOINT* pPoints = m_pPoints + old_count; pPoints[0].m_PointX = pPoints[1].m_PointX = pPoints[4].m_PointX = left; pPoints[2].m_PointX = pPoints[3].m_PointX = right; @@ -198,6 +216,7 @@ void CFX_PathData::AppendRect(FX_FLOAT left, FX_FLOAT bottom, FX_FLOAT right, FX pPoints[0].m_Flag = FXPT_MOVETO; pPoints[1].m_Flag = pPoints[2].m_Flag = pPoints[3].m_Flag = FXPT_LINETO; pPoints[4].m_Flag = FXPT_LINETO | FXPT_CLOSEFIGURE; + return TRUE; } CFX_FloatRect CFX_PathData::GetBoundingBox() const { @@ -571,10 +590,13 @@ FX_BOOL CFX_PathData::IsRect(const CFX_AffineMatrix* pMatrix, CFX_FloatRect* pRe } return TRUE; } -void CFX_PathData::Copy(const CFX_PathData &src) +FX_BOOL CFX_PathData::Copy(const CFX_PathData &src) { - SetPointCount(src.m_PointCount); + if (!SetPointCount(src.m_PointCount)) { + return FALSE; + } FXSYS_memcpy32(m_pPoints, src.m_pPoints, sizeof(FX_PATHPOINT) * m_PointCount); + return TRUE; } CFX_GraphStateData::CFX_GraphStateData() { @@ -605,6 +627,9 @@ void CFX_GraphStateData::Copy(const CFX_GraphStateData& src) m_LineWidth = src.m_LineWidth; if (m_DashCount) { m_DashArray = FX_Alloc(FX_FLOAT, m_DashCount); + if (!m_DashArray) { + return; + } FXSYS_memcpy32(m_DashArray, src.m_DashArray, m_DashCount * sizeof(FX_FLOAT)); } } diff --git a/core/src/fxge/ge/fx_ge_ps.cpp b/core/src/fxge/ge/fx_ge_ps.cpp index e81b6bf362..ad572115c5 100644 --- a/core/src/fxge/ge/fx_ge_ps.cpp +++ b/core/src/fxge/ge/fx_ge_ps.cpp @@ -349,6 +349,9 @@ FX_BOOL CFX_PSRenderer::DrawDIBits(const CFX_DIBSource* pSource, FX_DWORD color, int pitch = (width + 7) / 8; FX_DWORD src_size = height * pitch; FX_LPBYTE src_buf = FX_Alloc(FX_BYTE, src_size); + if (!src_buf) { + return FALSE; + } for (int row = 0; row < height; row ++) { FX_LPCBYTE src_scan = pSource->GetScanline(row); FXSYS_memcpy32(src_buf + row * pitch, src_scan, pitch); @@ -422,6 +425,13 @@ FX_BOOL CFX_PSRenderer::DrawDIBits(const CFX_DIBSource* pSource, FX_DWORD color, int src_pitch = width * Bpp; output_size = height * src_pitch; output_buf = FX_Alloc(FX_BYTE, output_size); + if (!output_buf) { + if (pConverted != pSource) { + delete pConverted; + pConverted = NULL; + } + return FALSE; + } for (int row = 0; row < height; row ++) { FX_LPCBYTE src_scan = pConverted->GetScanline(row); FX_LPBYTE dest_scan = output_buf + row * src_pitch; diff --git a/core/src/fxge/ge/fx_ge_text.cpp b/core/src/fxge/ge/fx_ge_text.cpp index f6d2fa510f..21eebb7630 100644 --- a/core/src/fxge/ge/fx_ge_text.cpp +++ b/core/src/fxge/ge/fx_ge_text.cpp @@ -203,6 +203,9 @@ FX_BOOL CFX_RenderDevice::DrawNormalText(int nChars, const FXTEXT_CHARPOS* pChar CFX_FaceCache* pFaceCache = pCache->GetCachedFace(pFont); FX_FONTCACHE_DEFINE(pCache, pFont); FXTEXT_GLYPHPOS* pGlyphAndPos = FX_Alloc(FXTEXT_GLYPHPOS, nChars); + if (!pGlyphAndPos) { + return FALSE; + } int iChar; deviceCtm = char2device; CFX_AffineMatrix matrixCTM = GetCTM(); diff --git a/core/src/fxge/win32/fx_win32_device.cpp b/core/src/fxge/win32/fx_win32_device.cpp index 0717fb1528..00baa2bee9 100644 --- a/core/src/fxge/win32/fx_win32_device.cpp +++ b/core/src/fxge/win32/fx_win32_device.cpp @@ -655,6 +655,9 @@ static HPEN _CreatePen(const CFX_GraphStateData* pGraphState, const CFX_AffineMa FX_DWORD* pDash = NULL; if (pGraphState->m_DashCount) { pDash = FX_Alloc(FX_DWORD, pGraphState->m_DashCount); + if (!pDash) { + return NULL; + } for (int i = 0; i < pGraphState->m_DashCount; i ++) { pDash[i] = FXSYS_round(pMatrix ? pMatrix->TransformDistance(pGraphState->m_DashArray[i]) : pGraphState->m_DashArray[i]); if (pDash[i] < 1) { diff --git a/core/src/fxge/win32/fx_win32_dib.cpp b/core/src/fxge/win32/fx_win32_dib.cpp index 46abdb366c..ec523c39c1 100644 --- a/core/src/fxge/win32/fx_win32_dib.cpp +++ b/core/src/fxge/win32/fx_win32_dib.cpp @@ -69,6 +69,12 @@ CFX_DIBitmap* _FX_WindowsDIB_LoadFromBuf(BITMAPINFO* pbmi, LPVOID pData, FX_BOOL FXSYS_memcpy32(pBitmap->GetBuffer(), pData, pitch * height); if (bBottomUp) { FX_LPBYTE temp_buf = FX_Alloc(FX_BYTE, pitch); + if (!temp_buf) { + if (pBitmap) { + delete pBitmap; + } + return NULL; + } int top = 0, bottom = height - 1; while (top < bottom) { FXSYS_memcpy32(temp_buf, pBitmap->GetBuffer() + top * pitch, pitch); @@ -197,6 +203,13 @@ CFX_DIBitmap* CFX_WindowsDIB::LoadFromDDB(HDC hDC, HBITMAP hBitmap, FX_DWORD* pP size += sizeof (FX_DWORD) * 254; } BITMAPINFO* pbmih = (BITMAPINFO*)FX_Alloc(FX_BYTE, size); + if (!pbmih) { + delete pDIBitmap; + if (bCreatedDC) { + DeleteDC(hDC); + } + return NULL; + } pbmih->bmiHeader.biSize = sizeof(BITMAPINFOHEADER); pbmih->bmiHeader.biBitCount = bmih.biBitCount; pbmih->bmiHeader.biCompression = BI_RGB; diff --git a/core/src/fxge/win32/fx_win32_gdipext.cpp b/core/src/fxge/win32/fx_win32_gdipext.cpp index 67aa16242b..49c3f2b0cf 100644 --- a/core/src/fxge/win32/fx_win32_gdipext.cpp +++ b/core/src/fxge/win32/fx_win32_gdipext.cpp @@ -766,6 +766,9 @@ static GpPen* _GdipCreatePen(const CFX_GraphStateData* pGraphState, const CFX_Af CallFunc(GdipSetPenLineJoin)(pPen, lineJoin); if(pGraphState->m_DashCount) { FX_FLOAT* pDashArray = FX_Alloc(FX_FLOAT, pGraphState->m_DashCount + pGraphState->m_DashCount % 2); + if (!pDashArray) { + return NULL; + } int nCount = 0; FX_FLOAT on_leftover = 0, off_leftover = 0; for (int i = 0; i < pGraphState->m_DashCount; i += 2) { @@ -867,7 +870,14 @@ BOOL CGdiplusExt::DrawPath(HDC hDC, const CFX_PathData* pPathData, CallFunc(GdipSetWorldTransform)(pGraphics, pMatrix); } PointF *points = FX_Alloc(PointF, nPoints); + if (!points) { + return FALSE; + } BYTE * types = FX_Alloc(BYTE, nPoints); + if (!types) { + FX_Free(points); + return FALSE; + } int nSubPathes = 0; FX_BOOL bSubClose = FALSE; int pos_subclose = 0; @@ -1182,6 +1192,12 @@ static PREVIEW3_DIBITMAP* LoadDIBitmap(WINDIB_Open_Args_ args) dest_pixel_format = PixelFormat32bppARGB; } LPBYTE buf = FX_Alloc(BYTE, info_size); + if (!buf) { + if (pStream) { + pStream->Release(); + } + return NULL; + } BITMAPINFOHEADER* pbmih = (BITMAPINFOHEADER*)buf; pbmih->biBitCount = bpp; pbmih->biCompression = BI_RGB; @@ -1190,6 +1206,12 @@ static PREVIEW3_DIBITMAP* LoadDIBitmap(WINDIB_Open_Args_ args) pbmih->biWidth = width; Rect rect(0, 0, width, height); BitmapData* pBitmapData = FX_Alloc(BitmapData, 1); + if (!pBitmapData) { + if (pStream) { + pStream->Release(); + } + return NULL; + } CallFunc(GdipBitmapLockBits)(pBitmap, &rect, ImageLockModeRead, dest_pixel_format, pBitmapData); if (pixel_format == PixelFormat1bppIndexed || pixel_format == PixelFormat8bppIndexed) { @@ -1208,6 +1230,12 @@ static PREVIEW3_DIBITMAP* LoadDIBitmap(WINDIB_Open_Args_ args) } } PREVIEW3_DIBITMAP* pInfo = FX_Alloc(PREVIEW3_DIBITMAP, 1); + if (!pInfo) { + if (pStream) { + pStream->Release(); + } + return NULL; + } pInfo->pbmi = (BITMAPINFO*)buf; pInfo->pScan0 = (LPBYTE)pBitmapData->Scan0; pInfo->Stride = pBitmapData->Stride; diff --git a/core/src/fxge/win32/fx_win32_print.cpp b/core/src/fxge/win32/fx_win32_print.cpp index 670622a5fb..7dc48a1808 100644 --- a/core/src/fxge/win32/fx_win32_print.cpp +++ b/core/src/fxge/win32/fx_win32_print.cpp @@ -295,6 +295,9 @@ FX_BOOL CPSPrinterDriver::Init(HDC hDC, int pslevel, FX_BOOL bCmykOutput) ret = ::GetRegionData(hRgn, 0, NULL); if (ret) { RGNDATA* pData = (RGNDATA*)FX_Alloc(FX_BYTE, ret); + if (!pData) { + return FALSE; + } ret = ::GetRegionData(hRgn, ret, pData); if (ret) { CFX_PathData path; -- cgit v1.2.3