Project import/jbig2dec - Diff 1b76bd4d35...4d3c3129c5
... | ... | --- a/.abf.yml |
... | ... | +++ b/.abf.yml |
... | ... | @@ -1,4 +1,5 @@ |
1 | 1 |
removed_sources:
|
2 | 2 |
jbig2dec-0.11.tar.gz: 349cd765616db7aac1f4dd1d45957d1da65ea925
|
3 |
sources:
|
|
4 | 3 |
jbig2dec-0.13.tar.gz: d7b07ef308e95dc44a83f2193ca4f445630e6355
|
4 |
sources:
|
|
5 |
jbig2dec-0.14.tar.gz: c4c834962d1357f9aaacecd7fca8236326e45975
|
... | ... | --- a/020160518~1369359.patch |
... | ... | +++ /dev/null |
... | ... | @@ -1,22 +0,0 @@ |
0 |
Description: Prevent checking too early for buffer overrun
|
|
1 |
The code has reached near the end of the buffer so you can not just
|
|
2 |
take the last 4 bytes, in this case you have to read any remaining
|
|
3 |
bytes and make a return value based on that, in this edge case you have
|
|
4 |
no bytes to read so the return value is zero.
|
|
5 |
Origin: git://git.ghostscript.com/jbig2dec.git;a=commit;h=1369359
|
|
6 |
Author: Mistry <smistry@trl.co.uk>
|
|
7 |
Bug: http://bugs.ghostscript.com/show_bug.cgi?id=696786
|
|
8 |
Forwarded: yes
|
|
9 |
Last-Update: 2016-08-23
|
|
10 |
|
|
11 |
--- a/jbig2.c
|
|
12 |
+++ b/jbig2.c
|
|
13 |
@@ -387,7 +387,7 @@
|
|
14 |
|
|
15 |
if (offset + 4 < z->size)
|
|
16 |
result = (data[offset] << 24) | (data[offset + 1] << 16) | (data[offset + 2] << 8) | data[offset + 3];
|
|
17 |
- else if (offset >= z->size)
|
|
18 |
+ else if (offset > z->size)
|
|
19 |
return -1;
|
|
20 |
else {
|
|
21 |
int i;
|
... | ... | --- a/020161212~e698d5c.patch |
... | ... | +++ /dev/null |
... | ... | @@ -1,848 +0,0 @@ |
0 |
Description: Squash signed/unsigned warnings in MSVC jbig2 build
|
|
1 |
Also rename "new" to "new_dict", because "new" is a bad variable name.
|
|
2 |
Origin: git://git.ghostscript.com/jbig2dec.git;a=commit;h=e698d5c
|
|
3 |
Author: Robin Watts <robin.watts@artifex.com>
|
|
4 |
Bug: http://bugs.ghostscript.com/show_bug.cgi?id=697457
|
|
5 |
Bug-Debian: https://bugss.debian.org/850497
|
|
6 |
Forwarded: yes
|
|
7 |
Last-Update: 2017-01-23
|
|
8 |
|
|
9 |
--- a/jbig2.c
|
|
10 |
+++ b/jbig2.c
|
|
11 |
@@ -379,7 +379,7 @@
|
|
12 |
} Jbig2WordStreamBuf;
|
|
13 |
|
|
14 |
static int
|
|
15 |
-jbig2_word_stream_buf_get_next_word(Jbig2WordStream *self, int offset, uint32_t *word)
|
|
16 |
+jbig2_word_stream_buf_get_next_word(Jbig2WordStream *self, size_t offset, uint32_t *word)
|
|
17 |
{
|
|
18 |
Jbig2WordStreamBuf *z = (Jbig2WordStreamBuf *) self;
|
|
19 |
const byte *data = z->data;
|
|
20 |
@@ -390,7 +390,7 @@
|
|
21 |
else if (offset > z->size)
|
|
22 |
return -1;
|
|
23 |
else {
|
|
24 |
- int i;
|
|
25 |
+ size_t i;
|
|
26 |
|
|
27 |
result = 0;
|
|
28 |
for (i = 0; i < z->size - offset; i++)
|
|
29 |
--- a/jbig2.h
|
|
30 |
+++ b/jbig2.h
|
|
31 |
@@ -56,17 +56,19 @@
|
|
32 |
*/
|
|
33 |
|
|
34 |
struct _Jbig2Image {
|
|
35 |
- int width, height, stride;
|
|
36 |
+ uint32_t width;
|
|
37 |
+ uint32_t height;
|
|
38 |
+ uint32_t stride;
|
|
39 |
uint8_t *data;
|
|
40 |
int refcount;
|
|
41 |
};
|
|
42 |
|
|
43 |
-Jbig2Image *jbig2_image_new(Jbig2Ctx *ctx, int width, int height);
|
|
44 |
+Jbig2Image *jbig2_image_new(Jbig2Ctx *ctx, uint32_t width, uint32_t height);
|
|
45 |
Jbig2Image *jbig2_image_clone(Jbig2Ctx *ctx, Jbig2Image *image);
|
|
46 |
void jbig2_image_release(Jbig2Ctx *ctx, Jbig2Image *image);
|
|
47 |
void jbig2_image_free(Jbig2Ctx *ctx, Jbig2Image *image);
|
|
48 |
void jbig2_image_clear(Jbig2Ctx *ctx, Jbig2Image *image, int value);
|
|
49 |
-Jbig2Image *jbig2_image_resize(Jbig2Ctx *ctx, Jbig2Image *image, int width, int height);
|
|
50 |
+Jbig2Image *jbig2_image_resize(Jbig2Ctx *ctx, Jbig2Image *image, uint32_t width, uint32_t height);
|
|
51 |
|
|
52 |
/* errors are returned from the library via a callback. If no callback
|
|
53 |
is provided (a NULL argument is passed ot jbig2_ctx_new) a default
|
|
54 |
--- a/jbig2_generic.c
|
|
55 |
+++ b/jbig2_generic.c
|
|
56 |
@@ -718,7 +718,7 @@
|
|
57 |
byte seg_flags;
|
|
58 |
int8_t gbat[8];
|
|
59 |
int offset;
|
|
60 |
- int gbat_bytes = 0;
|
|
61 |
+ uint32_t gbat_bytes = 0;
|
|
62 |
Jbig2GenericRegionParams params;
|
|
63 |
int code = 0;
|
|
64 |
Jbig2Image *image = NULL;
|
|
65 |
--- a/jbig2_halftone.c
|
|
66 |
+++ b/jbig2_halftone.c
|
|
67 |
@@ -257,8 +257,8 @@
|
|
68 |
{
|
|
69 |
uint8_t **GSVALS = NULL;
|
|
70 |
size_t consumed_bytes = 0;
|
|
71 |
- int i, j, code, stride;
|
|
72 |
- int x, y;
|
|
73 |
+ uint32_t i, j, stride, x, y;
|
|
74 |
+ int code;
|
|
75 |
Jbig2Image **GSPLANES;
|
|
76 |
Jbig2GenericRegionParams rparams;
|
|
77 |
Jbig2WordStream *ws = NULL;
|
|
78 |
@@ -276,9 +276,8 @@
|
|
79 |
if (GSPLANES[i] == NULL) {
|
|
80 |
jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, "failed to allocate %dx%d image for GSPLANES", GSW, GSH);
|
|
81 |
/* free already allocated */
|
|
82 |
- for (j = i - 1; j >= 0; --j) {
|
|
83 |
- jbig2_image_release(ctx, GSPLANES[j]);
|
|
84 |
- }
|
|
85 |
+ for (j = i; j > 0;)
|
|
86 |
+ jbig2_image_release(ctx, GSPLANES[--j]);
|
|
87 |
jbig2_free(ctx->allocator, GSPLANES);
|
|
88 |
return NULL;
|
|
89 |
}
|
|
90 |
@@ -323,9 +322,10 @@
|
|
91 |
}
|
|
92 |
|
|
93 |
/* C.5 step 2. Set j = GSBPP-2 */
|
|
94 |
- j = GSBPP - 2;
|
|
95 |
+ j = GSBPP - 1;
|
|
96 |
/* C.5 step 3. decode loop */
|
|
97 |
- while (j >= 0) {
|
|
98 |
+ while (j > 0) {
|
|
99 |
+ j--;
|
|
100 |
/* C.5 step 3. (a) */
|
|
101 |
if (GSMMR) {
|
|
102 |
code = jbig2_decode_halftone_mmr(ctx, &rparams, data + consumed_bytes, size - consumed_bytes, GSPLANES[j], &consumed_bytes);
|
|
103 |
@@ -345,7 +345,6 @@
|
|
104 |
GSPLANES[j]->data[i] ^= GSPLANES[j + 1]->data[i];
|
|
105 |
|
|
106 |
/* C.5 step 3. (c) */
|
|
107 |
- --j;
|
|
108 |
}
|
|
109 |
|
|
110 |
/* allocate GSVALS */
|
|
111 |
@@ -359,9 +358,8 @@
|
|
112 |
if (GSVALS[i] == NULL) {
|
|
113 |
jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, "failed to allocate GSVALS: %d bytes", GSH * GSW);
|
|
114 |
/* free already allocated */
|
|
115 |
- for (j = i - 1; j >= 0; --j) {
|
|
116 |
- jbig2_free(ctx->allocator, GSVALS[j]);
|
|
117 |
- }
|
|
118 |
+ for (j = i; j > 0;)
|
|
119 |
+ jbig2_free(ctx->allocator, GSVALS[--j]);
|
|
120 |
jbig2_free(ctx->allocator, GSVALS);
|
|
121 |
GSVALS = NULL;
|
|
122 |
goto cleanup;
|
|
123 |
@@ -450,7 +448,7 @@
|
|
124 |
uint8_t **GI;
|
|
125 |
Jbig2Image *HSKIP = NULL;
|
|
126 |
Jbig2PatternDict *HPATS;
|
|
127 |
- int i;
|
|
128 |
+ uint32_t i;
|
|
129 |
uint32_t mg, ng;
|
|
130 |
int32_t x, y;
|
|
131 |
uint8_t gray_val;
|
|
132 |
@@ -476,7 +474,7 @@
|
|
133 |
|
|
134 |
/* calculate ceil(log2(HNUMPATS)) */
|
|
135 |
HBPP = 0;
|
|
136 |
- while (HNUMPATS > (1 << ++HBPP));
|
|
137 |
+ while (HNUMPATS > (1U << ++HBPP));
|
|
138 |
|
|
139 |
/* 6.6.5 point 4. decode gray-scale image as mentioned in annex C */
|
|
140 |
GI = jbig2_decode_gray_scale_image(ctx, segment, data, size,
|
|
141 |
--- a/jbig2_huffman.c
|
|
142 |
+++ b/jbig2_huffman.c
|
|
143 |
@@ -47,16 +47,16 @@
|
|
144 |
is (offset + 4) * 8. */
|
|
145 |
uint32_t this_word;
|
|
146 |
uint32_t next_word;
|
|
147 |
- int offset_bits;
|
|
148 |
- int offset;
|
|
149 |
- int offset_limit;
|
|
150 |
+ uint32_t offset_bits;
|
|
151 |
+ uint32_t offset;
|
|
152 |
+ uint32_t offset_limit;
|
|
153 |
|
|
154 |
Jbig2WordStream *ws;
|
|
155 |
Jbig2Ctx *ctx;
|
|
156 |
};
|
|
157 |
|
|
158 |
static uint32_t
|
|
159 |
-huff_get_next_word(Jbig2HuffmanState *hs, int offset)
|
|
160 |
+huff_get_next_word(Jbig2HuffmanState *hs, uint32_t offset)
|
|
161 |
{
|
|
162 |
uint32_t word = 0;
|
|
163 |
Jbig2WordStream *ws = hs->ws;
|
|
164 |
@@ -213,7 +213,7 @@
|
|
165 |
/* return the offset of the huffman decode pointer (in bytes)
|
|
166 |
* from the beginning of the WordStream
|
|
167 |
*/
|
|
168 |
-int
|
|
169 |
+uint32_t
|
|
170 |
jbig2_huffman_offset(Jbig2HuffmanState *hs)
|
|
171 |
{
|
|
172 |
return hs->offset + (hs->offset_bits >> 3);
|
|
173 |
--- a/jbig2_huffman.h
|
|
174 |
+++ b/jbig2_huffman.h
|
|
175 |
@@ -64,7 +64,7 @@
|
|
176 |
|
|
177 |
void jbig2_huffman_advance(Jbig2HuffmanState *hs, int offset);
|
|
178 |
|
|
179 |
-int jbig2_huffman_offset(Jbig2HuffmanState *hs);
|
|
180 |
+uint32_t jbig2_huffman_offset(Jbig2HuffmanState *hs);
|
|
181 |
|
|
182 |
int32_t jbig2_huffman_get(Jbig2HuffmanState *hs, const Jbig2HuffmanTable *table, bool *oob);
|
|
183 |
|
|
184 |
--- a/jbig2_image.c
|
|
185 |
+++ b/jbig2_image.c
|
|
186 |
@@ -32,10 +32,10 @@
|
|
187 |
|
|
188 |
/* allocate a Jbig2Image structure and its associated bitmap */
|
|
189 |
Jbig2Image *
|
|
190 |
-jbig2_image_new(Jbig2Ctx *ctx, int width, int height)
|
|
191 |
+jbig2_image_new(Jbig2Ctx *ctx, uint32_t width, uint32_t height)
|
|
192 |
{
|
|
193 |
Jbig2Image *image;
|
|
194 |
- int stride;
|
|
195 |
+ uint32_t stride;
|
|
196 |
int64_t check;
|
|
197 |
|
|
198 |
image = jbig2_new(ctx, Jbig2Image, 1);
|
|
199 |
@@ -99,7 +99,7 @@
|
|
200 |
|
|
201 |
/* resize a Jbig2Image */
|
|
202 |
Jbig2Image *
|
|
203 |
-jbig2_image_resize(Jbig2Ctx *ctx, Jbig2Image *image, int width, int height)
|
|
204 |
+jbig2_image_resize(Jbig2Ctx *ctx, Jbig2Image *image, uint32_t width, uint32_t height)
|
|
205 |
{
|
|
206 |
if (width == image->width) {
|
|
207 |
/* check for integer multiplication overflow */
|
|
208 |
@@ -133,11 +133,11 @@
|
|
209 |
static int
|
|
210 |
jbig2_image_compose_unopt(Jbig2Ctx *ctx, Jbig2Image *dst, Jbig2Image *src, int x, int y, Jbig2ComposeOp op)
|
|
211 |
{
|
|
212 |
- int i, j;
|
|
213 |
- int sw = src->width;
|
|
214 |
- int sh = src->height;
|
|
215 |
- int sx = 0;
|
|
216 |
- int sy = 0;
|
|
217 |
+ uint32_t i, j;
|
|
218 |
+ uint32_t sw = src->width;
|
|
219 |
+ uint32_t sh = src->height;
|
|
220 |
+ uint32_t sx = 0;
|
|
221 |
+ uint32_t sy = 0;
|
|
222 |
|
|
223 |
/* clip to the dst image boundaries */
|
|
224 |
if (x < 0) {
|
|
225 |
@@ -200,10 +200,10 @@
|
|
226 |
int
|
|
227 |
jbig2_image_compose(Jbig2Ctx *ctx, Jbig2Image *dst, Jbig2Image *src, int x, int y, Jbig2ComposeOp op)
|
|
228 |
{
|
|
229 |
- int i, j;
|
|
230 |
- int w, h;
|
|
231 |
- int leftbyte, rightbyte;
|
|
232 |
- int shift;
|
|
233 |
+ uint32_t i, j;
|
|
234 |
+ uint32_t w, h;
|
|
235 |
+ uint32_t leftbyte, rightbyte;
|
|
236 |
+ uint32_t shift;
|
|
237 |
uint8_t *s, *ss;
|
|
238 |
uint8_t *d, *dd;
|
|
239 |
uint8_t mask, rightmask;
|
|
240 |
@@ -226,8 +226,8 @@
|
|
241 |
h += y;
|
|
242 |
y = 0;
|
|
243 |
}
|
|
244 |
- w = (x + w < dst->width) ? w : dst->width - x;
|
|
245 |
- h = (y + h < dst->height) ? h : dst->height - y;
|
|
246 |
+ w = ((uint32_t)x + w < dst->width) ? w : ((dst->width >= (uint32_t)x) ? dst->width - (uint32_t)x : 0);
|
|
247 |
+ h = ((uint32_t)y + h < dst->height) ? h : ((dst->height >= (uint32_t)y) ? dst->height - (uint32_t)y : 0);
|
|
248 |
#ifdef JBIG2_DEBUG
|
|
249 |
jbig2_error(ctx, JBIG2_SEVERITY_DEBUG, -1, "compositing %dx%d at (%d, %d) after clipping\n", w, h, x, y);
|
|
250 |
#endif
|
|
251 |
@@ -249,8 +249,8 @@
|
|
252 |
}
|
|
253 |
#endif
|
|
254 |
|
|
255 |
- leftbyte = x >> 3;
|
|
256 |
- rightbyte = (x + w - 1) >> 3;
|
|
257 |
+ leftbyte = (uint32_t)x >> 3;
|
|
258 |
+ rightbyte = ((uint32_t)x + w - 1) >> 3;
|
|
259 |
shift = x & 7;
|
|
260 |
|
|
261 |
/* general OR case */
|
|
262 |
--- a/jbig2_mmr.c
|
|
263 |
+++ b/jbig2_mmr.c
|
|
264 |
@@ -38,19 +38,21 @@
|
|
265 |
#include "jbig2_mmr.h"
|
|
266 |
|
|
267 |
typedef struct {
|
|
268 |
- int width;
|
|
269 |
- int height;
|
|
270 |
+ uint32_t width;
|
|
271 |
+ uint32_t height;
|
|
272 |
const byte *data;
|
|
273 |
size_t size;
|
|
274 |
- int data_index;
|
|
275 |
- int bit_index;
|
|
276 |
+ uint32_t data_index;
|
|
277 |
+ uint32_t bit_index;
|
|
278 |
uint32_t word;
|
|
279 |
} Jbig2MmrCtx;
|
|
280 |
|
|
281 |
+#define MINUS1 ((uint32_t)-1)
|
|
282 |
+
|
|
283 |
static void
|
|
284 |
jbig2_decode_mmr_init(Jbig2MmrCtx *mmr, int width, int height, const byte *data, size_t size)
|
|
285 |
{
|
|
286 |
- int i;
|
|
287 |
+ size_t i;
|
|
288 |
uint32_t word = 0;
|
|
289 |
|
|
290 |
mmr->width = width;
|
|
291 |
@@ -732,14 +734,14 @@
|
|
292 |
#define getbit(buf, x) ( ( buf[x >> 3] >> ( 7 - (x & 7) ) ) & 1 )
|
|
293 |
|
|
294 |
static int
|
|
295 |
-jbig2_find_changing_element(const byte *line, int x, int w)
|
|
296 |
+jbig2_find_changing_element(const byte *line, uint32_t x, uint32_t w)
|
|
297 |
{
|
|
298 |
int a, b;
|
|
299 |
|
|
300 |
if (line == 0)
|
|
301 |
- return w;
|
|
302 |
+ return (int)w;
|
|
303 |
|
|
304 |
- if (x == -1) {
|
|
305 |
+ if (x == MINUS1) {
|
|
306 |
a = 0;
|
|
307 |
x = 0;
|
|
308 |
} else {
|
|
309 |
@@ -758,7 +760,7 @@
|
|
310 |
}
|
|
311 |
|
|
312 |
static int
|
|
313 |
-jbig2_find_changing_element_of_color(const byte *line, int x, int w, int color)
|
|
314 |
+jbig2_find_changing_element_of_color(const byte *line, uint32_t x, uint32_t w, int color)
|
|
315 |
{
|
|
316 |
if (line == 0)
|
|
317 |
return w;
|
|
318 |
@@ -772,9 +774,9 @@
|
|
319 |
static const byte rm[8] = { 0x00, 0x80, 0xC0, 0xE0, 0xF0, 0xF8, 0xFC, 0xFE };
|
|
320 |
|
|
321 |
static void
|
|
322 |
-jbig2_set_bits(byte *line, int x0, int x1)
|
|
323 |
+jbig2_set_bits(byte *line, uint32_t x0, uint32_t x1)
|
|
324 |
{
|
|
325 |
- int a0, a1, b0, b1, a;
|
|
326 |
+ uint32_t a0, a1, b0, b1, a;
|
|
327 |
|
|
328 |
a0 = x0 >> 3;
|
|
329 |
a1 = x1 >> 3;
|
|
330 |
@@ -831,8 +833,8 @@
|
|
331 |
static int
|
|
332 |
jbig2_decode_mmr_line(Jbig2MmrCtx *mmr, const byte *ref, byte *dst)
|
|
333 |
{
|
|
334 |
- int a0 = -1;
|
|
335 |
- int a1, a2, b1, b2;
|
|
336 |
+ uint32_t a0 = MINUS1;
|
|
337 |
+ uint32_t a1, a2, b1, b2;
|
|
338 |
int c = 0; /* 0 is white, black is 1 */
|
|
339 |
|
|
340 |
while (1) {
|
|
341 |
@@ -840,7 +842,7 @@
|
|
342 |
|
|
343 |
/* printf ("%08x\n", word); */
|
|
344 |
|
|
345 |
- if (a0 >= mmr->width)
|
|
346 |
+ if (a0 != MINUS1 && a0 >= mmr->width)
|
|
347 |
break;
|
|
348 |
|
|
349 |
if ((word >> (32 - 3)) == 1) {
|
|
350 |
@@ -848,7 +850,7 @@
|
|
351 |
|
|
352 |
jbig2_decode_mmr_consume(mmr, 3);
|
|
353 |
|
|
354 |
- if (a0 == -1)
|
|
355 |
+ if (a0 == MINUS1)
|
|
356 |
a0 = 0;
|
|
357 |
|
|
358 |
if (c == 0) {
|
|
359 |
@@ -860,7 +862,7 @@
|
|
360 |
a1 = mmr->width;
|
|
361 |
if (a2 > mmr->width)
|
|
362 |
a2 = mmr->width;
|
|
363 |
- if (a2 < a1 || a1 < 0)
|
|
364 |
+ if (a1 == MINUS1 || a2 < a1)
|
|
365 |
return -1;
|
|
366 |
jbig2_set_bits(dst, a1, a2);
|
|
367 |
a0 = a2;
|
|
368 |
@@ -874,7 +876,7 @@
|
|
369 |
a1 = mmr->width;
|
|
370 |
if (a2 > mmr->width)
|
|
371 |
a2 = mmr->width;
|
|
372 |
- if (a1 < a0 || a0 < 0)
|
|
373 |
+ if (a0 == MINUS1 || a1 < a0)
|
|
374 |
return -1;
|
|
375 |
jbig2_set_bits(dst, a0, a1);
|
|
376 |
a0 = a2;
|
|
377 |
@@ -888,7 +890,7 @@
|
|
378 |
b1 = jbig2_find_changing_element_of_color(ref, a0, mmr->width, !c);
|
|
379 |
b2 = jbig2_find_changing_element(ref, b1, mmr->width);
|
|
380 |
if (c) {
|
|
381 |
- if (b2 < a0 || a0 < 0)
|
|
382 |
+ if (a0 == MINUS1 || b2 < a0)
|
|
383 |
return -1;
|
|
384 |
jbig2_set_bits(dst, a0, b2);
|
|
385 |
}
|
|
386 |
@@ -900,7 +902,7 @@
|
|
387 |
jbig2_decode_mmr_consume(mmr, 1);
|
|
388 |
b1 = jbig2_find_changing_element_of_color(ref, a0, mmr->width, !c);
|
|
389 |
if (c) {
|
|
390 |
- if (b1 < a0 || a0 < 0)
|
|
391 |
+ if (a0 == MINUS1 || b1 < a0)
|
|
392 |
return -1;
|
|
393 |
jbig2_set_bits(dst, a0, b1);
|
|
394 |
}
|
|
395 |
@@ -915,7 +917,7 @@
|
|
396 |
if (b1 + 1 > mmr->width)
|
|
397 |
break;
|
|
398 |
if (c) {
|
|
399 |
- if (b1 + 1 < a0 || a0 < 0)
|
|
400 |
+ if (a0 == MINUS1 || b1 + 1 < a0)
|
|
401 |
return -1;
|
|
402 |
jbig2_set_bits(dst, a0, b1 + 1);
|
|
403 |
}
|
|
404 |
@@ -930,7 +932,7 @@
|
|
405 |
if (b1 + 2 > mmr->width)
|
|
406 |
break;
|
|
407 |
if (c) {
|
|
408 |
- if (b1 + 2 < a0 || a0 < 0)
|
|
409 |
+ if (a0 == MINUS1 || b1 + 2 < a0)
|
|
410 |
return -1;
|
|
411 |
jbig2_set_bits(dst, a0, b1 + 2);
|
|
412 |
}
|
|
413 |
@@ -942,10 +944,10 @@
|
|
414 |
/* printf ("VR(3)\n"); */
|
|
415 |
jbig2_decode_mmr_consume(mmr, 7);
|
|
416 |
b1 = jbig2_find_changing_element_of_color(ref, a0, mmr->width, !c);
|
|
417 |
- if (b1 + 3 > mmr->width)
|
|
418 |
+ if (b1 + 3 > (int)mmr->width)
|
|
419 |
break;
|
|
420 |
if (c) {
|
|
421 |
- if (b1 + 3 < a0 || a0 < 0)
|
|
422 |
+ if (a0 == MINUS1 || b1 + 3 < a0)
|
|
423 |
return -1;
|
|
424 |
jbig2_set_bits(dst, a0, b1 + 3);
|
|
425 |
}
|
|
426 |
@@ -957,10 +959,10 @@
|
|
427 |
/* printf ("VL(1)\n"); */
|
|
428 |
jbig2_decode_mmr_consume(mmr, 3);
|
|
429 |
b1 = jbig2_find_changing_element_of_color(ref, a0, mmr->width, !c);
|
|
430 |
- if (b1 - 1 < 0)
|
|
431 |
+ if (b1 < 1)
|
|
432 |
break;
|
|
433 |
if (c) {
|
|
434 |
- if (b1 - 1 < a0 || a0 < 0)
|
|
435 |
+ if (a0 == MINUS1 || b1 - 1 < a0)
|
|
436 |
return -1;
|
|
437 |
jbig2_set_bits(dst, a0, b1 - 1);
|
|
438 |
}
|
|
439 |
@@ -972,7 +974,7 @@
|
|
440 |
/* printf ("VL(2)\n"); */
|
|
441 |
jbig2_decode_mmr_consume(mmr, 6);
|
|
442 |
b1 = jbig2_find_changing_element_of_color(ref, a0, mmr->width, !c);
|
|
443 |
- if (b1 - 2 < 0)
|
|
444 |
+ if (b1 < 2)
|
|
445 |
break;
|
|
446 |
if (c) {
|
|
447 |
if (b1 - 2 < a0 || a0 < 0)
|
|
448 |
@@ -987,10 +989,10 @@
|
|
449 |
/* printf ("VL(3)\n"); */
|
|
450 |
jbig2_decode_mmr_consume(mmr, 7);
|
|
451 |
b1 = jbig2_find_changing_element_of_color(ref, a0, mmr->width, !c);
|
|
452 |
- if (b1 - 3 < 0)
|
|
453 |
+ if (b1 < 3)
|
|
454 |
break;
|
|
455 |
if (c) {
|
|
456 |
- if (b1 - 3 < a0 || a0 < 0)
|
|
457 |
+ if (a0 == MINUS1 || b1 - 3 < a0)
|
|
458 |
return -1;
|
|
459 |
jbig2_set_bits(dst, a0, b1 - 3);
|
|
460 |
}
|
|
461 |
@@ -1009,10 +1011,10 @@
|
|
462 |
jbig2_decode_generic_mmr(Jbig2Ctx *ctx, Jbig2Segment *segment, const Jbig2GenericRegionParams *params, const byte *data, size_t size, Jbig2Image *image)
|
|
463 |
{
|
|
464 |
Jbig2MmrCtx mmr;
|
|
465 |
- const int rowstride = image->stride;
|
|
466 |
+ const uint32_t rowstride = image->stride;
|
|
467 |
byte *dst = image->data;
|
|
468 |
byte *ref = NULL;
|
|
469 |
- int y;
|
|
470 |
+ uint32_t y;
|
|
471 |
int code = 0;
|
|
472 |
|
|
473 |
jbig2_decode_mmr_init(&mmr, image->width, image->height, data, size);
|
|
474 |
@@ -1047,10 +1049,10 @@
|
|
475 |
jbig2_decode_halftone_mmr(Jbig2Ctx *ctx, const Jbig2GenericRegionParams *params, const byte *data, size_t size, Jbig2Image *image, size_t *consumed_bytes)
|
|
476 |
{
|
|
477 |
Jbig2MmrCtx mmr;
|
|
478 |
- const int rowstride = image->stride;
|
|
479 |
+ const uint32_t rowstride = image->stride;
|
|
480 |
byte *dst = image->data;
|
|
481 |
byte *ref = NULL;
|
|
482 |
- int y;
|
|
483 |
+ uint32_t y;
|
|
484 |
int code = 0;
|
|
485 |
const uint32_t EOFB = 0x001001;
|
|
486 |
|
|
487 |
--- a/jbig2_page.c
|
|
488 |
+++ b/jbig2_page.c
|
|
489 |
@@ -155,9 +155,9 @@
|
|
490 |
jbig2_end_of_stripe(Jbig2Ctx *ctx, Jbig2Segment *segment, const uint8_t *segment_data)
|
|
491 |
{
|
|
492 |
Jbig2Page page = ctx->pages[ctx->current_page];
|
|
493 |
- int end_row;
|
|
494 |
+ uint32_t end_row;
|
|
495 |
|
|
496 |
- end_row = jbig2_get_int32(segment_data);
|
|
497 |
+ end_row = jbig2_get_uint32(segment_data);
|
|
498 |
if (end_row < page.end_row) {
|
|
499 |
jbig2_error(ctx, JBIG2_SEVERITY_WARNING, segment->number,
|
|
500 |
"end of stripe segment with non-positive end row advance" " (new end row %d vs current end row %d)", end_row, page.end_row);
|
|
501 |
@@ -248,7 +248,7 @@
|
|
502 |
|
|
503 |
/* grow the page to accomodate a new stripe if necessary */
|
|
504 |
if (page->striped) {
|
|
505 |
- int new_height = y + image->height + page->end_row;
|
|
506 |
+ uint32_t new_height = y + image->height + page->end_row;
|
|
507 |
|
|
508 |
if (page->image->height < new_height) {
|
|
509 |
jbig2_error(ctx, JBIG2_SEVERITY_DEBUG, -1, "growing page buffer to %d rows " "to accomodate new stripe", new_height);
|
|
510 |
--- a/jbig2_priv.h
|
|
511 |
+++ b/jbig2_priv.h
|
|
512 |
@@ -132,7 +132,7 @@
|
|
513 |
uint32_t x_resolution, y_resolution; /* in pixels per meter */
|
|
514 |
uint16_t stripe_size;
|
|
515 |
bool striped;
|
|
516 |
- int end_row;
|
|
517 |
+ uint32_t end_row;
|
|
518 |
uint8_t flags;
|
|
519 |
Jbig2Image *image;
|
|
520 |
};
|
|
521 |
@@ -182,7 +182,7 @@
|
|
522 |
typedef struct _Jbig2WordStream Jbig2WordStream;
|
|
523 |
|
|
524 |
struct _Jbig2WordStream {
|
|
525 |
- int (*get_next_word)(Jbig2WordStream *self, int offset, uint32_t *word);
|
|
526 |
+ int (*get_next_word)(Jbig2WordStream *self, size_t offset, uint32_t *word);
|
|
527 |
};
|
|
528 |
|
|
529 |
Jbig2WordStream *jbig2_word_stream_buf_new(Jbig2Ctx *ctx, const byte *data, size_t size);
|
|
530 |
--- a/jbig2_segment.c
|
|
531 |
+++ b/jbig2_segment.c
|
|
532 |
@@ -39,10 +39,10 @@
|
|
533 |
uint8_t rtscarf;
|
|
534 |
uint32_t rtscarf_long;
|
|
535 |
uint32_t *referred_to_segments;
|
|
536 |
- int referred_to_segment_count;
|
|
537 |
- int referred_to_segment_size;
|
|
538 |
- int pa_size;
|
|
539 |
- int offset;
|
|
540 |
+ uint32_t referred_to_segment_count;
|
|
541 |
+ uint32_t referred_to_segment_size;
|
|
542 |
+ uint32_t pa_size;
|
|
543 |
+ uint32_t offset;
|
|
544 |
|
|
545 |
/* minimum possible size of a jbig2 segment header */
|
|
546 |
if (buf_size < 11)
|
|
547 |
@@ -83,7 +83,7 @@
|
|
548 |
|
|
549 |
/* 7.2.5 */
|
|
550 |
if (referred_to_segment_count) {
|
|
551 |
- int i;
|
|
552 |
+ uint32_t i;
|
|
553 |
|
|
554 |
referred_to_segments = jbig2_new(ctx, uint32_t, referred_to_segment_count * referred_to_segment_size);
|
|
555 |
if (referred_to_segments == NULL) {
|
|
556 |
--- a/jbig2_symbol_dict.c
|
|
557 |
+++ b/jbig2_symbol_dict.c
|
|
558 |
@@ -88,40 +88,40 @@
|
|
559 |
|
|
560 |
/* return a new empty symbol dict */
|
|
561 |
Jbig2SymbolDict *
|
|
562 |
-jbig2_sd_new(Jbig2Ctx *ctx, int n_symbols)
|
|
563 |
+jbig2_sd_new(Jbig2Ctx *ctx, uint32_t n_symbols)
|
|
564 |
{
|
|
565 |
- Jbig2SymbolDict *new = NULL;
|
|
566 |
+ Jbig2SymbolDict *new_dict = NULL;
|
|
567 |
|
|
568 |
if (n_symbols < 0) {
|
|
569 |
jbig2_error(ctx, JBIG2_SEVERITY_FATAL, -1, "Negative number of symbols in symbol dict: %d", n_symbols);
|
|
570 |
return NULL;
|
|
571 |
}
|
|
572 |
|
|
573 |
- new = jbig2_new(ctx, Jbig2SymbolDict, 1);
|
|
574 |
- if (new != NULL) {
|
|
575 |
- new->glyphs = jbig2_new(ctx, Jbig2Image *, n_symbols);
|
|
576 |
- new->n_symbols = n_symbols;
|
|
577 |
+ new_dict = jbig2_new(ctx, Jbig2SymbolDict, 1);
|
|
578 |
+ if (new_dict != NULL) {
|
|
579 |
+ new_dict->glyphs = jbig2_new(ctx, Jbig2Image *, n_symbols);
|
|
580 |
+ new_dict->n_symbols = n_symbols;
|
|
581 |
} else {
|
|
582 |
jbig2_error(ctx, JBIG2_SEVERITY_FATAL, -1, "unable to allocate new empty symbol dict");
|
|
583 |
return NULL;
|
|
584 |
}
|
|
585 |
|
|
586 |
- if (new->glyphs != NULL) {
|
|
587 |
- memset(new->glyphs, 0, n_symbols * sizeof(Jbig2Image *));
|
|
588 |
+ if (new_dict->glyphs != NULL) {
|
|
589 |
+ memset(new_dict->glyphs, 0, n_symbols * sizeof(Jbig2Image *));
|
|
590 |
} else {
|
|
591 |
jbig2_error(ctx, JBIG2_SEVERITY_FATAL, -1, "unable to allocate glyphs for new empty symbol dict");
|
|
592 |
- jbig2_free(ctx->allocator, new);
|
|
593 |
+ jbig2_free(ctx->allocator, new_dict);
|
|
594 |
return NULL;
|
|
595 |
}
|
|
596 |
|
|
597 |
- return new;
|
|
598 |
+ return new_dict;
|
|
599 |
}
|
|
600 |
|
|
601 |
/* release the memory associated with a symbol dict */
|
|
602 |
void
|
|
603 |
jbig2_sd_release(Jbig2Ctx *ctx, Jbig2SymbolDict *dict)
|
|
604 |
{
|
|
605 |
- int i;
|
|
606 |
+ uint32_t i;
|
|
607 |
|
|
608 |
if (dict == NULL)
|
|
609 |
return;
|
|
610 |
@@ -142,12 +142,12 @@
|
|
611 |
}
|
|
612 |
|
|
613 |
/* count the number of dictionary segments referred to by the given segment */
|
|
614 |
-int
|
|
615 |
+uint32_t
|
|
616 |
jbig2_sd_count_referred(Jbig2Ctx *ctx, Jbig2Segment *segment)
|
|
617 |
{
|
|
618 |
int index;
|
|
619 |
Jbig2Segment *rsegment;
|
|
620 |
- int n_dicts = 0;
|
|
621 |
+ uint32_t n_dicts = 0;
|
|
622 |
|
|
623 |
for (index = 0; index < segment->referred_to_segment_count; index++) {
|
|
624 |
rsegment = jbig2_find_segment(ctx, segment->referred_to_segments[index]);
|
|
625 |
@@ -166,8 +166,8 @@
|
|
626 |
int index;
|
|
627 |
Jbig2Segment *rsegment;
|
|
628 |
Jbig2SymbolDict **dicts;
|
|
629 |
- int n_dicts = jbig2_sd_count_referred(ctx, segment);
|
|
630 |
- int dindex = 0;
|
|
631 |
+ uint32_t n_dicts = jbig2_sd_count_referred(ctx, segment);
|
|
632 |
+ uint32_t dindex = 0;
|
|
633 |
|
|
634 |
dicts = jbig2_new(ctx, Jbig2SymbolDict *, n_dicts);
|
|
635 |
if (dicts == NULL) {
|
|
636 |
@@ -195,10 +195,10 @@
|
|
637 |
/* generate a new symbol dictionary by concatenating a list of
|
|
638 |
existing dictionaries */
|
|
639 |
Jbig2SymbolDict *
|
|
640 |
-jbig2_sd_cat(Jbig2Ctx *ctx, int n_dicts, Jbig2SymbolDict **dicts)
|
|
641 |
+jbig2_sd_cat(Jbig2Ctx *ctx, uint32_t n_dicts, Jbig2SymbolDict **dicts)
|
|
642 |
{
|
|
643 |
- int i, j, k, symbols;
|
|
644 |
- Jbig2SymbolDict *new = NULL;
|
|
645 |
+ uint32_t i, j, k, symbols;
|
|
646 |
+ Jbig2SymbolDict *new_dict = NULL;
|
|
647 |
|
|
648 |
/* count the imported symbols and allocate a new array */
|
|
649 |
symbols = 0;
|
|
650 |
@@ -206,17 +206,17 @@
|
|
651 |
symbols += dicts[i]->n_symbols;
|
|
652 |
|
|
653 |
/* fill a new array with cloned glyph pointers */
|
|
654 |
- new = jbig2_sd_new(ctx, symbols);
|
|
655 |
- if (new != NULL) {
|
|
656 |
+ new_dict = jbig2_sd_new(ctx, symbols);
|
|
657 |
+ if (new_dict != NULL) {
|
|
658 |
k = 0;
|
|
659 |
for (i = 0; i < n_dicts; i++)
|
|
660 |
for (j = 0; j < dicts[i]->n_symbols; j++)
|
|
661 |
- new->glyphs[k++] = jbig2_image_clone(ctx, dicts[i]->glyphs[j]);
|
|
662 |
+ new_dict->glyphs[k++] = jbig2_image_clone(ctx, dicts[i]->glyphs[j]);
|
|
663 |
} else {
|
|
664 |
jbig2_error(ctx, JBIG2_SEVERITY_WARNING, -1, "failed to allocate new symbol dictionary");
|
|
665 |
}
|
|
666 |
|
|
667 |
- return new;
|
|
668 |
+ return new_dict;
|
|
669 |
}
|
|
670 |
|
|
671 |
/* Decoding routines */
|
|
672 |
@@ -431,7 +431,7 @@
|
|
673 |
|
|
674 |
if (REFAGGNINST > 1) {
|
|
675 |
Jbig2Image *image;
|
|
676 |
- int i;
|
|
677 |
+ uint32_t i;
|
|
678 |
|
|
679 |
if (tparams == NULL) {
|
|
680 |
/* First time through, we need to initialise the */
|
|
681 |
@@ -512,7 +512,7 @@
|
|
682 |
uint32_t ID;
|
|
683 |
int32_t RDX, RDY;
|
|
684 |
int BMSIZE = 0;
|
|
685 |
- int ninsyms = params->SDNUMINSYMS;
|
|
686 |
+ uint32_t ninsyms = params->SDNUMINSYMS;
|
|
687 |
int code1 = 0;
|
|
688 |
int code2 = 0;
|
|
689 |
int code3 = 0;
|
|
690 |
@@ -609,8 +609,9 @@
|
|
691 |
if (params->SDHUFF && !params->SDREFAGG) {
|
|
692 |
/* 6.5.9 */
|
|
693 |
Jbig2Image *image;
|
|
694 |
- int BMSIZE = jbig2_huffman_get(hs, params->SDHUFFBMSIZE, &code);
|
|
695 |
- int j, x;
|
|
696 |
+ uint32_t BMSIZE = jbig2_huffman_get(hs, params->SDHUFFBMSIZE, &code);
|
|
697 |
+ uint32_t j;
|
|
698 |
+ int x;
|
|
699 |
|
|
700 |
if (code || (BMSIZE < 0)) {
|
|
701 |
jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, "error decoding size of collective bitmap!");
|
|
702 |
@@ -700,22 +701,22 @@
|
|
703 |
jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, "failed to allocate symbols exported from symbols dictionary");
|
|
704 |
goto cleanup4;
|
|
705 |
} else {
|
|
706 |
- int i = 0;
|
|
707 |
- int j = 0;
|
|
708 |
- int k;
|
|
709 |
+ uint32_t i = 0;
|
|
710 |
+ uint32_t j = 0;
|
|
711 |
+ uint32_t k;
|
|
712 |
int exflag = 0;
|
|
713 |
- int64_t limit = params->SDNUMINSYMS + params->SDNUMNEWSYMS;
|
|
714 |
- int32_t exrunlength;
|
|
715 |
+ uint32_t limit = params->SDNUMINSYMS + params->SDNUMNEWSYMS;
|
|
716 |
+ uint32_t exrunlength;
|
|
717 |
int zerolength = 0;
|
|
718 |
|
|
719 |
while (i < limit) {
|
|
720 |
if (params->SDHUFF)
|
|
721 |
exrunlength = jbig2_huffman_get(hs, SBHUFFRSIZE, &code);
|
|
722 |
else
|
|
723 |
- code = jbig2_arith_int_decode(IAEX, as, &exrunlength);
|
|
724 |
+ code = jbig2_arith_int_decode(IAEX, as, (int32_t *)&exrunlength);
|
|
725 |
/* prevent infinite loop */
|
|
726 |
zerolength = exrunlength > 0 ? 0 : zerolength + 1;
|
|
727 |
- if (code || (exrunlength > limit - i) || (exrunlength < 0) || (zerolength > 4) || (exflag && (exrunlength > params->SDNUMEXSYMS - j))) {
|
|
728 |
+ if (code || (exrunlength > limit - i) || (exrunlength < 0) || (zerolength > 4) || (exflag && (exrunlength + j > params->SDNUMEXSYMS))) {
|
|
729 |
if (code)
|
|
730 |
jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, "failed to decode exrunlength for exported symbols");
|
|
731 |
else if (exrunlength <= 0)
|
|
732 |
@@ -797,8 +798,8 @@
|
|
733 |
{
|
|
734 |
Jbig2SymbolDictParams params;
|
|
735 |
uint16_t flags;
|
|
736 |
- int sdat_bytes;
|
|
737 |
- int offset;
|
|
738 |
+ uint32_t sdat_bytes;
|
|
739 |
+ uint32_t offset;
|
|
740 |
Jbig2ArithCx *GB_stats = NULL;
|
|
741 |
Jbig2ArithCx *GR_stats = NULL;
|
|
742 |
int table_index = 0;
|
|
743 |
@@ -951,7 +952,7 @@
|
|
744 |
|
|
745 |
/* 7.4.2.2 (2) */
|
|
746 |
{
|
|
747 |
- int n_dicts = jbig2_sd_count_referred(ctx, segment);
|
|
748 |
+ uint32_t n_dicts = jbig2_sd_count_referred(ctx, segment);
|
|
749 |
Jbig2SymbolDict **dicts = NULL;
|
|
750 |
|
|
751 |
if (n_dicts > 0) {
|
|
752 |
--- a/jbig2_symbol_dict.h
|
|
753 |
+++ b/jbig2_symbol_dict.h
|
|
754 |
@@ -32,18 +32,18 @@
|
|
755 |
Jbig2Image *jbig2_sd_glyph(Jbig2SymbolDict *dict, unsigned int id);
|
|
756 |
|
|
757 |
/* return a new empty symbol dict */
|
|
758 |
-Jbig2SymbolDict *jbig2_sd_new(Jbig2Ctx *ctx, int n_symbols);
|
|
759 |
+Jbig2SymbolDict *jbig2_sd_new(Jbig2Ctx *ctx, uint32_t n_symbols);
|
|
760 |
|
|
761 |
/* release the memory associated with a symbol dict */
|
|
762 |
void jbig2_sd_release(Jbig2Ctx *ctx, Jbig2SymbolDict *dict);
|
|
763 |
|
|
764 |
/* generate a new symbol dictionary by concatenating a list of
|
|
765 |
existing dictionaries */
|
|
766 |
-Jbig2SymbolDict *jbig2_sd_cat(Jbig2Ctx *ctx, int n_dicts, Jbig2SymbolDict **dicts);
|
|
767 |
+Jbig2SymbolDict *jbig2_sd_cat(Jbig2Ctx *ctx, uint32_t n_dicts, Jbig2SymbolDict **dicts);
|
|
768 |
|
|
769 |
/* count the number of dictionary segments referred
|
|
770 |
to by the given segment */
|
|
771 |
-int jbig2_sd_count_referred(Jbig2Ctx *ctx, Jbig2Segment *segment);
|
|
772 |
+uint32_t jbig2_sd_count_referred(Jbig2Ctx *ctx, Jbig2Segment *segment);
|
|
773 |
|
|
774 |
/* return an array of pointers to symbol dictionaries referred
|
|
775 |
to by a segment */
|
|
776 |
--- a/jbig2_text.c
|
|
777 |
+++ b/jbig2_text.c
|
|
778 |
@@ -55,7 +55,7 @@
|
|
779 |
int
|
|
780 |
jbig2_decode_text_region(Jbig2Ctx *ctx, Jbig2Segment *segment,
|
|
781 |
const Jbig2TextRegionParams *params,
|
|
782 |
- const Jbig2SymbolDict *const *dicts, const int n_dicts,
|
|
783 |
+ const Jbig2SymbolDict *const *dicts, const uint32_t n_dicts,
|
|
784 |
Jbig2Image *image, const byte *data, const size_t size, Jbig2ArithCx *GR_stats, Jbig2ArithState *as, Jbig2WordStream *ws)
|
|
785 |
{
|
|
786 |
/* relevent bits of 6.4.4 */
|
|
787 |
@@ -476,19 +476,19 @@
|
|
788 |
int
|
|
789 |
jbig2_text_region(Jbig2Ctx *ctx, Jbig2Segment *segment, const byte *segment_data)
|
|
790 |
{
|
|
791 |
- int offset = 0;
|
|
792 |
+ uint32_t offset = 0;
|
|
793 |
Jbig2RegionSegmentInfo region_info;
|
|
794 |
Jbig2TextRegionParams params;
|
|
795 |
Jbig2Image *image = NULL;
|
|
796 |
Jbig2SymbolDict **dicts = NULL;
|
|
797 |
- int n_dicts = 0;
|
|
798 |
+ uint32_t n_dicts = 0;
|
|
799 |
uint16_t flags = 0;
|
|
800 |
uint16_t huffman_flags = 0;
|
|
801 |
Jbig2ArithCx *GR_stats = NULL;
|
|
802 |
int code = 0;
|
|
803 |
Jbig2WordStream *ws = NULL;
|
|
804 |
Jbig2ArithState *as = NULL;
|
|
805 |
- int table_index = 0;
|
|
806 |
+ uint32_t table_index = 0;
|
|
807 |
const Jbig2HuffmanParams *huffman_params = NULL;
|
|
808 |
|
|
809 |
/* 7.4.1 */
|
|
810 |
@@ -779,7 +779,7 @@
|
|
811 |
code = jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, "unable to retrive symbol dictionaries! previous parsing error?");
|
|
812 |
goto cleanup1;
|
|
813 |
} else {
|
|
814 |
- int index;
|
|
815 |
+ uint32_t index;
|
|
816 |
|
|
817 |
if (dicts[0] == NULL) {
|
|
818 |
code = jbig2_error(ctx, JBIG2_SEVERITY_WARNING, segment->number, "unable to find first referenced symbol dictionary!");
|
|
819 |
@@ -823,8 +823,8 @@
|
|
820 |
}
|
|
821 |
|
|
822 |
if (!params.SBHUFF) {
|
|
823 |
- int SBSYMCODELEN, index;
|
|
824 |
- int SBNUMSYMS = 0;
|
|
825 |
+ uint32_t SBSYMCODELEN, index;
|
|
826 |
+ uint32_t SBNUMSYMS = 0;
|
|
827 |
|
|
828 |
for (index = 0; index < n_dicts; index++) {
|
|
829 |
SBNUMSYMS += dicts[index]->n_symbols;
|
|
830 |
@@ -840,7 +840,7 @@
|
|
831 |
}
|
|
832 |
|
|
833 |
/* Table 31 */
|
|
834 |
- for (SBSYMCODELEN = 0; (1 << SBSYMCODELEN) < SBNUMSYMS; SBSYMCODELEN++) {
|
|
835 |
+ for (SBSYMCODELEN = 0; (1U << SBSYMCODELEN) < SBNUMSYMS; SBSYMCODELEN++) {
|
|
836 |
}
|
|
837 |
params.IAID = jbig2_arith_iaid_ctx_new(ctx, SBSYMCODELEN);
|
|
838 |
params.IARI = jbig2_arith_int_ctx_new(ctx);
|
|
839 |
--- a/jbig2_text.h
|
|
840 |
+++ b/jbig2_text.h
|
|
841 |
@@ -70,5 +70,5 @@
|
|
842 |
int
|
|
843 |
jbig2_decode_text_region(Jbig2Ctx *ctx, Jbig2Segment *segment,
|
|
844 |
const Jbig2TextRegionParams *params,
|
|
845 |
- const Jbig2SymbolDict *const *dicts, const int n_dicts,
|
|
846 |
+ const Jbig2SymbolDict *const *dicts, const uint32_t n_dicts,
|
|
847 |
Jbig2Image *image, const byte *data, const size_t size, Jbig2ArithCx *GR_stats, Jbig2ArithState *as, Jbig2WordStream *ws);
|
... | ... | --- a/020161214~9d2c4f3.patch |
... | ... | +++ /dev/null |
... | ... | @@ -1,60 +0,0 @@ |
0 |
Description: Fix warnings: remove unsigned < 0 tests that are always false
|
|
1 |
Origin: git://git.ghostscript.com/jbig2dec.git;a=commit;h=9d2c4f3
|
|
2 |
Author: Tor Andersson <tor.andersson@artifex.com>
|
|
3 |
Forwarded: yes
|
|
4 |
Last-Update: 2017-01-23
|
|
5 |
|
|
6 |
--- a/jbig2_image.c
|
|
7 |
+++ b/jbig2_image.c
|
|
8 |
@@ -256,7 +256,7 @@
|
|
9 |
/* general OR case */
|
|
10 |
s = ss;
|
|
11 |
d = dd = dst->data + y * dst->stride + leftbyte;
|
|
12 |
- if (d < dst->data || leftbyte > dst->stride || h * dst->stride < 0 || d - leftbyte + h * dst->stride > dst->data + dst->height * dst->stride) {
|
|
13 |
+ if (d < dst->data || leftbyte > dst->stride || d - leftbyte + h * dst->stride > dst->data + dst->height * dst->stride) {
|
|
14 |
return jbig2_error(ctx, JBIG2_SEVERITY_FATAL, -1, "preventing heap overflow in jbig2_image_compose");
|
|
15 |
}
|
|
16 |
if (leftbyte == rightbyte) {
|
|
17 |
--- a/jbig2_mmr.c
|
|
18 |
+++ b/jbig2_mmr.c
|
|
19 |
@@ -977,7 +977,7 @@
|
|
20 |
if (b1 < 2)
|
|
21 |
break;
|
|
22 |
if (c) {
|
|
23 |
- if (b1 - 2 < a0 || a0 < 0)
|
|
24 |
+ if (a0 == MINUS1 || b1 - 2 < a0)
|
|
25 |
return -1;
|
|
26 |
jbig2_set_bits(dst, a0, b1 - 2);
|
|
27 |
}
|
|
28 |
--- a/jbig2_symbol_dict.c
|
|
29 |
+++ b/jbig2_symbol_dict.c
|
|
30 |
@@ -92,11 +92,6 @@
|
|
31 |
{
|
|
32 |
Jbig2SymbolDict *new_dict = NULL;
|
|
33 |
|
|
34 |
- if (n_symbols < 0) {
|
|
35 |
- jbig2_error(ctx, JBIG2_SEVERITY_FATAL, -1, "Negative number of symbols in symbol dict: %d", n_symbols);
|
|
36 |
- return NULL;
|
|
37 |
- }
|
|
38 |
-
|
|
39 |
new_dict = jbig2_new(ctx, Jbig2SymbolDict, 1);
|
|
40 |
if (new_dict != NULL) {
|
|
41 |
new_dict->glyphs = jbig2_new(ctx, Jbig2Image *, n_symbols);
|
|
42 |
@@ -613,7 +608,7 @@
|
|
43 |
uint32_t j;
|
|
44 |
int x;
|
|
45 |
|
|
46 |
- if (code || (BMSIZE < 0)) {
|
|
47 |
+ if (code) {
|
|
48 |
jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, "error decoding size of collective bitmap!");
|
|
49 |
goto cleanup4;
|
|
50 |
}
|
|
51 |
@@ -716,7 +711,7 @@
|
|
52 |
code = jbig2_arith_int_decode(IAEX, as, (int32_t *)&exrunlength);
|
|
53 |
/* prevent infinite loop */
|
|
54 |
zerolength = exrunlength > 0 ? 0 : zerolength + 1;
|
|
55 |
- if (code || (exrunlength > limit - i) || (exrunlength < 0) || (zerolength > 4) || (exflag && (exrunlength + j > params->SDNUMEXSYMS))) {
|
|
56 |
+ if (code || (exrunlength > limit - i) || (zerolength > 4) || (exflag && (exrunlength + j > params->SDNUMEXSYMS))) {
|
|
57 |
if (code)
|
|
58 |
jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, "failed to decode exrunlength for exported symbols");
|
|
59 |
else if (exrunlength <= 0)
|
... | ... | --- a/jbig2dec-0.10-jbig2dec-nullderef.diff |
... | ... | +++ /dev/null |
... | ... | @@ -1,43 +0,0 @@ |
0 |
--- jbig2_symbol_dict.c 2009-07-16 06:44:49.000000000 +0200
|
|
1 |
+++ jbig2_symbol_dict.c.oden 2011-01-02 17:36:54.918410199 +0100
|
|
2 |
@@ -367,6 +367,11 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx,
|
|
3 |
memcpy(region_params.gbat, params->sdat, sdat_bytes);
|
|
4 |
|
|
5 |
image = jbig2_image_new(ctx, SYMWIDTH, HCHEIGHT);
|
|
6 |
+ if (image == NULL) {
|
|
7 |
+ jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number,
|
|
8 |
+ "failed to allocate image storage");
|
|
9 |
+ return NULL;
|
|
10 |
+ }
|
|
11 |
|
|
12 |
code = jbig2_decode_generic_region(ctx, segment, ®ion_params,
|
|
13 |
as, image, GB_stats);
|
|
14 |
@@ -517,6 +522,11 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx,
|
|
15 |
ID, RDX, RDY);
|
|
16 |
|
|
17 |
image = jbig2_image_new(ctx, SYMWIDTH, HCHEIGHT);
|
|
18 |
+ if (image == NULL) {
|
|
19 |
+ jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number,
|
|
20 |
+ "failed to allocate image storage");
|
|
21 |
+ return NULL;
|
|
22 |
+ }
|
|
23 |
|
|
24 |
/* Table 18 */
|
|
25 |
rparams.GRTEMPLATE = params->SDRTEMPLATE;
|
|
26 |
@@ -635,6 +645,16 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx,
|
|
27 |
for (j = HCFIRSTSYM; j < NSYMSDECODED; j++) {
|
|
28 |
Jbig2Image *glyph;
|
|
29 |
glyph = jbig2_image_new(ctx, SDNEWSYMWIDTHS[j], HCHEIGHT);
|
|
30 |
+ if (glyph == NULL) {
|
|
31 |
+ jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number,
|
|
32 |
+ "error allocating image storage for glyph");
|
|
33 |
+ while (--j >= HCFIRSTSYM) {
|
|
34 |
+ jbig2_image_release(ctx, SDNEWSYMS->glyphs[j]);
|
|
35 |
+ SDNEWSYMS->glyphs[j] = NULL;
|
|
36 |
+ }
|
|
37 |
+ jbig2_image_release(ctx, image);
|
|
38 |
+ return NULL;
|
|
39 |
+ }
|
|
40 |
jbig2_image_compose(ctx, glyph, image,
|
|
41 |
-x, 0, JBIG2_COMPOSE_REPLACE);
|
|
42 |
x += SDNEWSYMWIDTHS[j];
|
... | ... | --- a/jbig2dec.spec |
... | ... | +++ b/jbig2dec.spec |
... | ... | @@ -4,16 +4,13 @@ |
4 | 4 |
|
5 | 5 |
Summary: A decoder implementation of the JBIG2 image compression format
|
6 | 6 |
Name: jbig2dec
|
7 |
Version: 0.13
|
|
7 |
Version: 0.14
|
|
8 | 8 |
Release: 1
|
9 | 9 |
License: GPLv2+
|
10 | 10 |
Group: Graphics
|
11 | 11 |
Url: http://jbig2dec.sourceforge.net/
|
12 | 12 |
Source0: http://ghostscript.com/~giles/jbig2/jbig2dec/%{name}-%{version}.tar.gz
|
13 | 13 |
Patch2: jbig2dec-0.11-automake-1.13.patch
|
14 |
Patch3: 020160518~1369359.patch
|
|
15 |
Patch4: 020161212~e698d5c.patch
|
|
16 |
Patch5: 020161214~9d2c4f3.patch
|
|
17 | 14 |
Patch6: 1001_ignore_python_test.patch
|
18 | 15 |
Patch8: 2001_disable_memento.patch
|
19 | 16 |
BuildRequires: autoconf
|