From 088ca03f25fe1f6d75c0ff3b71e0ad3d018a5e0c Mon Sep 17 00:00:00 2001 From: Nicolas Pena Date: Fri, 1 Sep 2017 13:25:16 -0400 Subject: Upgrade OpenJPEG to 2.2.0 This CL upgrades OpenJPEG by copying the files from 2.2.0 and then applying patches. Patch files that are no longer relevant are deleted. The relevant ones are applied manually due to changes in formatting in OpenJPEG. Patch 34 is added to account for opj_malloc changes in PDFium. Bug: chromium:718731 Change-Id: I3d316893eab5e235c9f71222a6818b8ae0c98383 Reviewed-on: https://pdfium-review.googlesource.com/12770 Commit-Queue: dsinclair Reviewed-by: dsinclair --- .../0022-jp2_apply_pclr_overflow.patch | 91 +++++++++++----------- 1 file changed, 45 insertions(+), 46 deletions(-) (limited to 'third_party/libopenjpeg20/0022-jp2_apply_pclr_overflow.patch') diff --git a/third_party/libopenjpeg20/0022-jp2_apply_pclr_overflow.patch b/third_party/libopenjpeg20/0022-jp2_apply_pclr_overflow.patch index 72105fec4f..f4f2ef5c01 100644 --- a/third_party/libopenjpeg20/0022-jp2_apply_pclr_overflow.patch +++ b/third_party/libopenjpeg20/0022-jp2_apply_pclr_overflow.patch @@ -1,53 +1,52 @@ diff --git a/third_party/libopenjpeg20/jp2.c b/third_party/libopenjpeg20/jp2.c -index a6648f6..8128d98 100644 +index 1fa607d66..78a2d22ff 100644 --- a/third_party/libopenjpeg20/jp2.c +++ b/third_party/libopenjpeg20/jp2.c -@@ -972,6 +972,14 @@ static void opj_jp2_apply_pclr(opj_image_t *image, opj_jp2_color_t *color) - nr_channels = color->jp2_pclr->nr_channels; +@@ -1049,6 +1049,14 @@ static OPJ_BOOL opj_jp2_apply_pclr(opj_image_t *image, + } - old_comps = image->comps; -+ /* Overflow check: prevent integer overflow */ -+ for (i = 0; i < nr_channels; ++i) { -+ cmp = cmap[i].cmp; -+ if (old_comps[cmp].h == 0 || old_comps[cmp].w > ((OPJ_UINT32)-1) / sizeof(OPJ_INT32) / old_comps[cmp].h) { -+ return; -+ } -+ } + old_comps = image->comps; ++ /* Overflow check: prevent integer overflow */ ++ for (i = 0; i < nr_channels; ++i) { ++ cmp = cmap[i].cmp; ++ if (old_comps[cmp].h == 0 || old_comps[cmp].w > ((OPJ_UINT32)-1) / sizeof(OPJ_INT32) / old_comps[cmp].h) { ++ return OPJ_FALSE; ++ } ++ } + - new_comps = (opj_image_comp_t*) - opj_malloc(nr_channels * sizeof(opj_image_comp_t)); - if (!new_comps) { -@@ -1011,22 +1019,28 @@ static void opj_jp2_apply_pclr(opj_image_t *image, opj_jp2_color_t *color) - /* Palette mapping: */ - cmp = cmap[i].cmp; pcol = cmap[i].pcol; - src = old_comps[cmp].data; -- assert( src ); -+ dst = new_comps[i].data; - max = new_comps[i].w * new_comps[i].h; + new_comps = (opj_image_comp_t*) + opj_malloc(nr_channels * sizeof(opj_image_comp_t)); + if (!new_comps) { +@@ -1093,21 +1101,27 @@ static OPJ_BOOL opj_jp2_apply_pclr(opj_image_t *image, + cmp = cmap[i].cmp; + pcol = cmap[i].pcol; + src = old_comps[cmp].data; +- assert(src); /* verified above */ ++ dst = new_comps[i].data; + max = new_comps[i].w * new_comps[i].h; -+ /* Prevent null pointer access */ -+ if (!src || !dst) { -+ for (j = 0; j < nr_channels; ++j) { -+ opj_free(new_comps[j].data); -+ } -+ opj_free(new_comps); -+ new_comps = NULL; -+ return; -+ } ++ /* Prevent null pointer access */ ++ if (!src || !dst) { ++ for (j = 0; j < nr_channels; ++j) { ++ opj_free(new_comps[j].data); ++ } ++ opj_free(new_comps); ++ new_comps = NULL; ++ return OPJ_FALSE; ++ } + - /* Direct use: */ - if(cmap[i].mtyp == 0) { - assert( cmp == 0 ); // probably wrong. -- dst = new_comps[i].data; -- assert( dst ); - for(j = 0; j < max; ++j) { - dst[j] = src[j]; - } - } - else { - assert( i == pcol ); // probably wrong? -- dst = new_comps[i].data; -- assert( dst ); - for(j = 0; j < max; ++j) { - /* The index */ - if((k = src[j]) < 0) k = 0; else if(k > top_k) k = top_k; + /* Direct use: */ + if (cmap[i].mtyp == 0) { + assert( cmp == 0 ); // probably wrong. +- dst = new_comps[i].data; +- assert(dst); + for (j = 0; j < max; ++j) { + dst[j] = src[j]; + } + } else { + assert( i == pcol ); // probably wrong? +- dst = new_comps[i].data; +- assert(dst); + for (j = 0; j < max; ++j) { + /* The index */ + if ((k = src[j]) < 0) { -- cgit v1.2.3