[poppler] poppler/SplashOutputDev.cc
Albert Astals Cid
aacid at kemper.freedesktop.org
Wed Aug 27 15:59:39 PDT 2008
poppler/SplashOutputDev.cc | 20 +++++++++++++++++++-
1 file changed, 19 insertions(+), 1 deletion(-)
New commits:
commit 35a72590ffd3284e63601af79599e5fa025e567f
Author: Albert Astals Cid <aacid at kde.org>
Date: Thu Aug 28 00:58:11 2008 +0200
Be more protective against huge font sizes in bogus documents like the one in http://bugs.freedesktop.org/show_bug.cgi?id=17326
10 MB in size is a font of 3200x3200, huge enough to be discarted
diff --git a/poppler/SplashOutputDev.cc b/poppler/SplashOutputDev.cc
index b03f61f..a11b77b 100644
--- a/poppler/SplashOutputDev.cc
+++ b/poppler/SplashOutputDev.cc
@@ -513,10 +513,25 @@ T3FontCache::T3FontCache(Ref *fontIDA, double m11A, double m12A,
cacheSets = 4;
} else if (glyphSize <= 1024) {
cacheSets = 2;
+ } else if (glyphSize <= 2048) {
+ cacheSets = 1;
+ cacheAssoc = 4;
+ } else if (glyphSize <= 4096) {
+ cacheSets = 1;
+ cacheAssoc = 2;
} else {
cacheSets = 1;
+ cacheAssoc = 1;
+ }
+ if (glyphSize < 10485760 / cacheAssoc / cacheSets) {
+ cacheData = (Guchar *)gmallocn_checkoverflow(cacheSets * cacheAssoc, glyphSize);
+ } else {
+ error(-1, "Not creating cacheData for T3FontCache, it asked for too much memory.\n"
+ " This could teoretically result in wrong rendering,\n"
+ " but most probably the document is bogus.\n"
+ " Please report a bug if you think the rendering may be wrong because of this.");
+ cacheData = NULL;
}
- cacheData = (Guchar *)gmallocn_checkoverflow(cacheSets * cacheAssoc, glyphSize);
if (cacheData != NULL)
{
cacheTags = (T3FontCacheTag *)gmallocn(cacheSets * cacheAssoc,
@@ -1589,6 +1604,9 @@ void SplashOutputDev::type3D1(GfxState *state, double wx, double wy,
return;
}
+ if (t3Font->cacheTags == NULL)
+ return;
+
// allocate a cache entry
i = (t3GlyphStack->code & (t3Font->cacheSets - 1)) * t3Font->cacheAssoc;
for (j = 0; j < t3Font->cacheAssoc; ++j) {
More information about the poppler
mailing list