[Libreoffice-commits] core.git: 14 commits - sfx2/inc sfx2/source svx/source sw/source vcl/qa vcl/source
Caolán McNamara
caolanm at redhat.com
Wed Nov 12 04:25:56 PST 2014
sfx2/inc/bitset.hxx | 4
sfx2/inc/idpool.hxx | 56 ----------
sfx2/source/bastyp/bitset.cxx | 41 +++----
sfx2/source/menu/mnuitem.cxx | 1
sfx2/source/menu/virtmenu.cxx | 1
svx/source/tbxctrls/itemwin.cxx | 2
sw/source/core/crsr/crstrvl.cxx | 6 -
sw/source/core/doc/DocumentLinksAdministrationManager.cxx | 34 ++----
vcl/qa/cppunit/graphicfilter/data/bmp/pass/afl-sample-bad-rle-1.bmp |binary
vcl/qa/cppunit/graphicfilter/data/gif/pass/afl-sample-short-read-1.gif |binary
vcl/qa/cppunit/graphicfilter/data/gif/pass/afl-sample-short-read-2.gif |binary
vcl/qa/cppunit/graphicfilter/data/png/pass/afl-sample-IDAT.png |binary
vcl/source/filter/graphicfilter.cxx | 4
vcl/source/filter/igif/gifread.cxx | 53 +++++----
vcl/source/fontsubset/cff.cxx | 11 +
vcl/source/gdi/dibtools.cxx | 43 ++++++-
vcl/source/gdi/pngread.cxx | 6 -
17 files changed, 122 insertions(+), 140 deletions(-)
New commits:
commit 631378fe110ec7c4161a6c36011640522b881c27
Author: Caolán McNamara <caolanm at redhat.com>
Date: Wed Nov 12 11:53:25 2014 +0000
valgrind: logic for last-ditch svg detection is busted
bIsGZip was never set, and the condition that uses it is additionally inverted
Change-Id: I0496bb27435c4323d74c1b99467d3ede68e7bee6
diff --git a/vcl/source/filter/graphicfilter.cxx b/vcl/source/filter/graphicfilter.cxx
index b7d0466..8552488 100644
--- a/vcl/source/filter/graphicfilter.cxx
+++ b/vcl/source/filter/graphicfilter.cxx
@@ -662,6 +662,8 @@ static bool ImpPeekGraphicFormat( SvStream& rStream, OUString& rFormatExtension,
nCheckSize = nDecompressedSize < 256 ? nDecompressedSize : 256;
aCodec.EndCompression();
pCheckArray = sExtendedOrDecompressedFirstBytes;
+
+ bIsGZip = true;
}
bool bIsSvg(false);
@@ -696,7 +698,7 @@ static bool ImpPeekGraphicFormat( SvStream& rStream, OUString& rFormatExtension,
pCheckArray = sExtendedOrDecompressedFirstBytes;
- if(!bIsGZip)
+ if (bIsGZip)
{
nCheckSize = nDecompressedSize < 2048 ? nDecompressedSize : 2048;
}
commit 3cd91d1204f8982b2ac7861e4479c8614a8d960f
Author: Caolán McNamara <caolanm at redhat.com>
Date: Wed Nov 12 11:26:37 2014 +0000
coverity#735490 reimplement bit counting
with a classic solution rather than a bizarro one that
confuses coverity
Change-Id: Id9427a47693897683193c0c778f0cd6c39740f6f
diff --git a/sfx2/source/bastyp/bitset.cxx b/sfx2/source/bastyp/bitset.cxx
index 621e565..bff716d 100644
--- a/sfx2/source/bastyp/bitset.cxx
+++ b/sfx2/source/bastyp/bitset.cxx
@@ -283,24 +283,19 @@ bool BitSet::operator==( const BitSet& rSet ) const
return true;
}
-
-
// counts the number of 1-bits in the parameter
-
-sal_uInt16 BitSet::CountBits( sal_uInt32 nBits )
+// Wegner/Kernighan/Ritchie method
+sal_uInt16 BitSet::CountBits(sal_uInt32 nBits)
{
- sal_uInt16 nCount = 0;
- int nBit = 32;
- while ( nBit-- && nBits )
- { if ( ( (long)nBits ) < 0 )
- ++nCount;
- nBits = nBits << 1;
+ sal_uInt32 nCount = 0;
+ while (nBits)
+ {
+ nBits &= nBits - 1; // clear the least significant bit set
+ ++nCount;
}
return nCount;
}
-
-
sal_uInt16 IndexBitSet::GetFreeIndex()
{
for(sal_uInt16 i=0;i<USHRT_MAX;i++)
commit c24df3e0904cdf8aa289db435ad3e6dc8c25a437
Author: Caolán McNamara <caolanm at redhat.com>
Date: Wed Nov 12 11:09:55 2014 +0000
sal_uIntPtr->sal_uInt32 for BitSet
because this ancient horror expects a 32bit type here
Change-Id: Icf8b775ea67afa0ead559a55b8c335ad1afc4010
diff --git a/sfx2/inc/bitset.hxx b/sfx2/inc/bitset.hxx
index fdc17e1..e884746 100644
--- a/sfx2/inc/bitset.hxx
+++ b/sfx2/inc/bitset.hxx
@@ -25,11 +25,11 @@ private:
void CopyFrom( const BitSet& rSet );
sal_uInt16 nBlocks;
sal_uInt16 nCount;
- sal_uIntPtr* pBitmap;
+ sal_uInt32* pBitmap;
public:
BitSet operator<<( sal_uInt16 nOffset ) const;
BitSet operator>>( sal_uInt16 nOffset ) const;
- static sal_uInt16 CountBits( sal_uIntPtr nBits );
+ static sal_uInt16 CountBits(sal_uInt32 nBits);
bool operator!() const;
BitSet();
BitSet( const BitSet& rOrig );
diff --git a/sfx2/source/bastyp/bitset.cxx b/sfx2/source/bastyp/bitset.cxx
index d8ded8b..621e565 100644
--- a/sfx2/source/bastyp/bitset.cxx
+++ b/sfx2/source/bastyp/bitset.cxx
@@ -37,7 +37,7 @@ BitSet BitSet::operator<<( sal_uInt16 nOffset ) const
// compute the shiftment in long-words and bits
sal_uInt16 nBlockDiff = nOffset / 32;
- sal_uIntPtr nBitValDiff = nOffset % 32;
+ sal_uInt32 nBitValDiff = nOffset % 32;
// compute the new number of bits
for ( sal_uInt16 nBlock = 0; nBlock < nBlockDiff; ++nBlock )
@@ -64,7 +64,7 @@ BitSet BitSet::operator<<( sal_uInt16 nOffset ) const
// shorten the block-array
if ( nTarget < aSet.nBlocks )
{
- sal_uIntPtr* pNewMap = new sal_uIntPtr[nTarget];
+ sal_uInt32* pNewMap = new sal_uInt32[nTarget];
memcpy( pNewMap, aSet.pBitmap, 4 * nTarget );
delete [] aSet.pBitmap;
aSet.pBitmap = pNewMap;
@@ -93,7 +93,7 @@ void BitSet::CopyFrom( const BitSet& rSet )
nBlocks = rSet.nBlocks;
if ( rSet.nBlocks )
{
- pBitmap = new sal_uIntPtr[nBlocks];
+ pBitmap = new sal_uInt32[nBlocks];
memcpy( pBitmap, rSet.pBitmap, 4 * nBlocks );
}
else
@@ -152,10 +152,10 @@ BitSet& BitSet::operator=( sal_uInt16 nBit )
delete [] pBitmap;
nBlocks = nBit / 32;
- sal_uIntPtr nBitVal = 1L << (nBit % 32);
+ sal_uInt32 nBitVal = 1L << (nBit % 32);
nCount = 1;
- pBitmap = new sal_uIntPtr[nBlocks + 1];
+ pBitmap = new sal_uInt32[nBlocks + 1];
memset( pBitmap, 0, 4 * (nBlocks + 1) );
*(pBitmap+nBlocks) = nBitVal;
@@ -170,7 +170,7 @@ BitSet& BitSet::operator=( sal_uInt16 nBit )
BitSet& BitSet::operator-=(sal_uInt16 nBit)
{
sal_uInt16 nBlock = nBit / 32;
- sal_uIntPtr nBitVal = 1L << (nBit % 32);
+ sal_uInt32 nBitVal = 1L << (nBit % 32);
if ( nBlock >= nBlocks )
return *this;
@@ -195,7 +195,7 @@ BitSet& BitSet::operator|=( const BitSet& rSet )
// expand the bitmap
if ( nBlocks < rSet.nBlocks )
{
- sal_uIntPtr *pNewMap = new sal_uIntPtr[rSet.nBlocks];
+ sal_uInt32 *pNewMap = new sal_uInt32[rSet.nBlocks];
memset( pNewMap + nBlocks, 0, 4 * (rSet.nBlocks - nBlocks) );
if ( pBitmap )
@@ -211,7 +211,7 @@ BitSet& BitSet::operator|=( const BitSet& rSet )
for ( sal_uInt16 nBlock = 0; nBlock < nMax; ++nBlock )
{
// compute numberof additional bits
- sal_uIntPtr nDiff = ~*(pBitmap+nBlock) & *(rSet.pBitmap+nBlock);
+ sal_uInt32 nDiff = ~*(pBitmap+nBlock) & *(rSet.pBitmap+nBlock);
nCount = nCount + CountBits(nDiff);
*(pBitmap+nBlock) |= *(rSet.pBitmap+nBlock);
@@ -227,11 +227,11 @@ BitSet& BitSet::operator|=( const BitSet& rSet )
BitSet& BitSet::operator|=( sal_uInt16 nBit )
{
sal_uInt16 nBlock = nBit / 32;
- sal_uIntPtr nBitVal = 1L << (nBit % 32);
+ sal_uInt32 nBitVal = 1L << (nBit % 32);
if ( nBlock >= nBlocks )
{
- sal_uIntPtr *pNewMap = new sal_uIntPtr[nBlock+1];
+ sal_uInt32 *pNewMap = new sal_uInt32[nBlock+1];
memset( pNewMap + nBlocks, 0, 4 * (nBlock - nBlocks + 1) );
if ( pBitmap )
@@ -259,7 +259,7 @@ BitSet& BitSet::operator|=( sal_uInt16 nBit )
bool BitSet::Contains( sal_uInt16 nBit ) const
{
sal_uInt16 nBlock = nBit / 32;
- sal_uIntPtr nBitVal = 1L << (nBit % 32);
+ sal_uInt32 nBitVal = 1L << (nBit % 32);
if ( nBlock >= nBlocks )
return false;
@@ -287,7 +287,7 @@ bool BitSet::operator==( const BitSet& rSet ) const
// counts the number of 1-bits in the parameter
-sal_uInt16 BitSet::CountBits( sal_uIntPtr nBits )
+sal_uInt16 BitSet::CountBits( sal_uInt32 nBits )
{
sal_uInt16 nCount = 0;
int nBit = 32;
commit 95f4ec094fdd0e06626ac4f7952309c18877c3e9
Author: Caolán McNamara <caolanm at redhat.com>
Date: Wed Nov 12 11:03:34 2014 +0000
ditch this unused idpool horror
Change-Id: I527b310126518357f9830f75d16b4848c9383999
diff --git a/sfx2/inc/idpool.hxx b/sfx2/inc/idpool.hxx
deleted file mode 100644
index 89d3077..0000000
--- a/sfx2/inc/idpool.hxx
+++ /dev/null
@@ -1,56 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
-/*
- * This file is part of the LibreOffice project.
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/.
- *
- * This file incorporates work covered by the following license notice:
- *
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed
- * with this work for additional information regarding copyright
- * ownership. The ASF licenses this file to you under the Apache
- * License, Version 2.0 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.apache.org/licenses/LICENSE-2.0 .
- */
-#ifndef INCLUDED_SFX2_INC_IDPOOL_HXX
-#define INCLUDED_SFX2_INC_IDPOOL_HXX
-
-#include <limits.h>
-#include "bitset.hxx"
-
-// class IdPool ----------------------------------------------------------
-
-class IdPool: private BitSet
-{
-private:
- sal_uInt16 nNextFree;
- sal_uInt16 nRange;
- sal_uInt16 nOffset;
-public:
- bool Lock( const BitSet& rLockSet );
- bool IsLocked( sal_uInt16 nId ) const;
- IdPool( sal_uInt16 nMin = 1, sal_uInt16 nMax = USHRT_MAX );
- sal_uInt16 Get();
- bool Put( sal_uInt16 nId );
- bool Lock( const Range& rRange );
- bool Lock( sal_uInt16 nId );
-
-};
-
-
-
-// returns sal_True if the id is locked
-
-inline bool IdPool::IsLocked( sal_uInt16 nId ) const
-{
- return ( this->Contains(nId-nOffset) );
-}
-
-
-#endif
-
-/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/sfx2/source/menu/mnuitem.cxx b/sfx2/source/menu/mnuitem.cxx
index c92de8a..8db0e1e 100644
--- a/sfx2/source/menu/mnuitem.cxx
+++ b/sfx2/source/menu/mnuitem.cxx
@@ -46,7 +46,6 @@
#include <sfx2/msg.hxx>
#include <sfx2/bindings.hxx>
#include <sfx2/dispatch.hxx>
-#include "idpool.hxx"
#include "sfxtypes.hxx"
#include "virtmenu.hxx"
#include <sfx2/mnuitem.hxx>
diff --git a/sfx2/source/menu/virtmenu.cxx b/sfx2/source/menu/virtmenu.cxx
index ea3faab..84c4208 100644
--- a/sfx2/source/menu/virtmenu.cxx
+++ b/sfx2/source/menu/virtmenu.cxx
@@ -32,7 +32,6 @@
#include <sfx2/msgpool.hxx>
#include "statcach.hxx"
#include <sfx2/msg.hxx>
-#include "idpool.hxx"
#include <sfx2/mnuitem.hxx>
#include <sfx2/mnumgr.hxx>
#include <sfx2/bindings.hxx>
commit a9aee04ecfbc4494b752b10e2a2348a0ccb991f1
Author: Caolán McNamara <caolanm at redhat.com>
Date: Wed Nov 12 10:49:40 2014 +0000
valgrind+afl: bad rle
Change-Id: I0a9e5fc88ed1fcc7f1bd21218cabeb0adf65c9f4
diff --git a/vcl/qa/cppunit/graphicfilter/data/bmp/pass/afl-sample-bad-rle-1.bmp b/vcl/qa/cppunit/graphicfilter/data/bmp/pass/afl-sample-bad-rle-1.bmp
new file mode 100644
index 0000000..1ca6e00
Binary files /dev/null and b/vcl/qa/cppunit/graphicfilter/data/bmp/pass/afl-sample-bad-rle-1.bmp differ
diff --git a/vcl/source/gdi/dibtools.cxx b/vcl/source/gdi/dibtools.cxx
index 93f5dad..9750513 100644
--- a/vcl/source/gdi/dibtools.cxx
+++ b/vcl/source/gdi/dibtools.cxx
@@ -283,9 +283,10 @@ bool ImplReadDIBPalette( SvStream& rIStm, BitmapWriteAccess& rAcc, bool bQuad )
return( rIStm.GetError() == 0UL );
}
-void ImplDecodeRLE( sal_uInt8* pBuffer, DIBV5Header& rHeader, BitmapWriteAccess& rAcc, bool bRLE4 )
+bool ImplDecodeRLE( sal_uInt8* pBuffer, DIBV5Header& rHeader, BitmapWriteAccess& rAcc, bool bRLE4 )
{
- Scanline pRLE = pBuffer;
+ Scanline pRLE = pBuffer;
+ Scanline pEndRLE = pBuffer + rHeader.nSizeImage;
long nY = rHeader.nHeight - 1L;
const sal_uLong nWidth = rAcc.Width();
sal_uLong nCountByte;
@@ -296,8 +297,12 @@ void ImplDecodeRLE( sal_uInt8* pBuffer, DIBV5Header& rHeader, BitmapWriteAccess&
do
{
+ if (pRLE == pEndRLE)
+ return false;
if( ( nCountByte = *pRLE++ ) == 0 )
{
+ if (pRLE == pEndRLE)
+ return false;
nRunByte = *pRLE++;
if( nRunByte > 2 )
@@ -308,6 +313,9 @@ void ImplDecodeRLE( sal_uInt8* pBuffer, DIBV5Header& rHeader, BitmapWriteAccess&
for( sal_uLong i = 0UL; i < nCountByte; i++ )
{
+ if (pRLE == pEndRLE)
+ return false;
+
cTmp = *pRLE++;
if( nX < nWidth )
@@ -319,6 +327,9 @@ void ImplDecodeRLE( sal_uInt8* pBuffer, DIBV5Header& rHeader, BitmapWriteAccess&
if( nRunByte & 1 )
{
+ if (pRLE == pEndRLE)
+ return false;
+
if( nX < nWidth )
rAcc.SetPixelIndex( nY, nX++, *pRLE >> 4 );
@@ -326,12 +337,20 @@ void ImplDecodeRLE( sal_uInt8* pBuffer, DIBV5Header& rHeader, BitmapWriteAccess&
}
if( ( ( nRunByte + 1 ) >> 1 ) & 1 )
+ {
+ if (pRLE == pEndRLE)
+ return false;
+
pRLE++;
+ }
}
else
{
for( sal_uLong i = 0UL; i < nRunByte; i++ )
{
+ if (pRLE == pEndRLE)
+ return false;
+
if( nX < nWidth )
rAcc.SetPixelIndex( nY, nX++, *pRLE );
@@ -339,7 +358,12 @@ void ImplDecodeRLE( sal_uInt8* pBuffer, DIBV5Header& rHeader, BitmapWriteAccess&
}
if( nRunByte & 1 )
+ {
+ if (pRLE == pEndRLE)
+ return false;
+
pRLE++;
+ }
}
}
else if( !nRunByte )
@@ -351,12 +375,21 @@ void ImplDecodeRLE( sal_uInt8* pBuffer, DIBV5Header& rHeader, BitmapWriteAccess&
bEndDecoding = true;
else
{
+ if (pRLE == pEndRLE)
+ return false;
+
nX += *pRLE++;
+
+ if (pRLE == pEndRLE)
+ return false;
+
nY -= *pRLE++;
}
}
else
{
+ if (pRLE == pEndRLE)
+ return false;
cTmp = *pRLE++;
if( bRLE4 )
@@ -382,7 +415,9 @@ void ImplDecodeRLE( sal_uInt8* pBuffer, DIBV5Header& rHeader, BitmapWriteAccess&
}
}
}
- while ( !bEndDecoding && ( nY >= 0L ) );
+ while (!bEndDecoding && (nY >= 0L));
+
+ return true;
}
bool ImplReadDIBBits(SvStream& rIStm, DIBV5Header& rHeader, BitmapWriteAccess& rAcc, BitmapWriteAccess* pAccAlpha, bool bTopDown, bool& rAlphaUsed)
commit c6bad400de605adf9c4cb32663b0f3610dab7024
Author: Caolán McNamara <caolanm at redhat.com>
Date: Wed Nov 12 10:39:32 2014 +0000
coverity#735344 Unchecked return value from library
Change-Id: I6dbb5ce74225e092d4098174fd4b53aa8c4201fa
diff --git a/vcl/source/fontsubset/cff.cxx b/vcl/source/fontsubset/cff.cxx
index 1bb6f06..1d22d09 100644
--- a/vcl/source/fontsubset/cff.cxx
+++ b/vcl/source/fontsubset/cff.cxx
@@ -1778,11 +1778,14 @@ size_t Type1Emitter::updateLen( int nTellPos, size_t nLength)
cData[1] = static_cast<U8>(nLength >> 8);
cData[2] = static_cast<U8>(nLength >> 16);
cData[3] = static_cast<U8>(nLength >> 24);
- const long nCurrPos = ftell( mpFileOut);
- fseek( mpFileOut, nTellPos, SEEK_SET);
- size_t nWrote = fwrite( cData, 1, sizeof(cData), mpFileOut);
+ const long nCurrPos = ftell(mpFileOut);
+ if (nCurrPos < 0)
+ return 0;
+ if (fseek( mpFileOut, nTellPos, SEEK_SET) != 0)
+ return 0;
+ size_t nWrote = fwrite(cData, 1, sizeof(cData), mpFileOut);
if( nCurrPos >= 0)
- fseek( mpFileOut, nCurrPos, SEEK_SET);
+ (void)fseek(mpFileOut, nCurrPos, SEEK_SET);
return nWrote;
}
commit 8d38824b3866d5a1da7d792bd06613ecc4c52be5
Author: Caolán McNamara <caolanm at redhat.com>
Date: Wed Nov 12 10:36:34 2014 +0000
coverity#1187642 Unchecked return value
Change-Id: I6b96ef79d0996e5b783d27c4da8e45ddeac5c7ab
diff --git a/svx/source/tbxctrls/itemwin.cxx b/svx/source/tbxctrls/itemwin.cxx
index e5a7fb5..ebc7161 100644
--- a/svx/source/tbxctrls/itemwin.cxx
+++ b/svx/source/tbxctrls/itemwin.cxx
@@ -375,7 +375,7 @@ bool SvxMetricField::Notify( NotifyEvent& rNEvt )
SfxViewShell* pSh = SfxViewShell::Current();
if ( rKey.GetModifier() && rKey.GetGroup() != KEYGROUP_CURSOR && pSh )
- pSh->KeyInput( *pKEvt );
+ (void)pSh->KeyInput( *pKEvt );
else
{
bool bHandled = false;
commit 84e44386d70e886f9bae633ebe915ea3a52f8dbd
Author: Caolán McNamara <caolanm at redhat.com>
Date: Wed Nov 12 10:35:18 2014 +0000
coverity#982189 Unchecked return value
Change-Id: I6f5ef42b38236ea5f70ddbccfa25a81f2f3e976c
diff --git a/sw/source/core/crsr/crstrvl.cxx b/sw/source/core/crsr/crstrvl.cxx
index 73f6e35..f688b5e 100644
--- a/sw/source/core/crsr/crstrvl.cxx
+++ b/sw/source/core/crsr/crstrvl.cxx
@@ -983,10 +983,8 @@ bool SwCrsrShell::GotoPrevOutline()
SwNode* pNd = &(pCrsr->GetNode());
sal_uInt16 nPos;
- rNds.GetOutLineNds().Seek_Entry( pNd, &nPos );
-
- bool bRet = false;
- if( nPos )
+ bool bRet = rNds.GetOutLineNds().Seek_Entry(pNd, &nPos);
+ if (bRet && nPos)
{
--nPos; // before
diff --git a/sw/source/core/doc/DocumentLinksAdministrationManager.cxx b/sw/source/core/doc/DocumentLinksAdministrationManager.cxx
index 0d2633c..1d596a4 100644
--- a/sw/source/core/doc/DocumentLinksAdministrationManager.cxx
+++ b/sw/source/core/doc/DocumentLinksAdministrationManager.cxx
@@ -498,24 +498,22 @@ bool DocumentLinksAdministrationManager::SelectServerObj( const OUString& rStr,
const SwOutlineNodes& rOutlNds = m_rDoc.GetNodes().GetOutLineNds();
sal_uInt16 nTmpPos;
- if ( rOutlNds.Seek_Entry( pNd, &nTmpPos ) )
- {
- rpRange = new SwNodeRange( aPos.nNode, 0, aPos.nNode );
-
- // look for the section's end, now
- for( ++nTmpPos;
- nTmpPos < rOutlNds.size() &&
- nLvl < rOutlNds[ nTmpPos ]->GetTxtNode()->
- GetAttrOutlineLevel()-1;
- ++nTmpPos )
- ; // there is no block
-
- if( nTmpPos < rOutlNds.size() )
- rpRange->aEnd = *rOutlNds[ nTmpPos ];
- else
- rpRange->aEnd = m_rDoc.GetNodes().GetEndOfContent();
- return true;
- }
+ (void)rOutlNds.Seek_Entry( pNd, &nTmpPos );
+ rpRange = new SwNodeRange( aPos.nNode, 0, aPos.nNode );
+
+ // look for the section's end, now
+ for( ++nTmpPos;
+ nTmpPos < rOutlNds.size() &&
+ nLvl < rOutlNds[ nTmpPos ]->GetTxtNode()->
+ GetAttrOutlineLevel()-1;
+ ++nTmpPos )
+ ; // there is no block
+
+ if( nTmpPos < rOutlNds.size() )
+ rpRange->aEnd = *rOutlNds[ nTmpPos ];
+ else
+ rpRange->aEnd = m_rDoc.GetNodes().GetEndOfContent();
+ return true;
}
}
commit 1e9a50075bd39e1387f43605eeaa0132af1bd2c0
Author: Caolán McNamara <caolanm at redhat.com>
Date: Wed Nov 12 10:20:54 2014 +0000
valgrind+afl: short read
Change-Id: I4e78a434e4e49b376864549f7b96ca515eb1654a
diff --git a/vcl/qa/cppunit/graphicfilter/data/gif/pass/afl-sample-short-read.gif b/vcl/qa/cppunit/graphicfilter/data/gif/pass/afl-sample-short-read-1.gif
similarity index 100%
rename from vcl/qa/cppunit/graphicfilter/data/gif/pass/afl-sample-short-read.gif
rename to vcl/qa/cppunit/graphicfilter/data/gif/pass/afl-sample-short-read-1.gif
diff --git a/vcl/qa/cppunit/graphicfilter/data/gif/pass/afl-sample-short-read-2.gif b/vcl/qa/cppunit/graphicfilter/data/gif/pass/afl-sample-short-read-2.gif
new file mode 100644
index 0000000..cddbdc3
Binary files /dev/null and b/vcl/qa/cppunit/graphicfilter/data/gif/pass/afl-sample-short-read-2.gif differ
diff --git a/vcl/source/filter/igif/gifread.cxx b/vcl/source/filter/igif/gifread.cxx
index 720aeec..7ded7a0 100644
--- a/vcl/source/filter/igif/gifread.cxx
+++ b/vcl/source/filter/igif/gifread.cxx
@@ -356,8 +356,8 @@ bool GIFReader::ReadLocalHeader()
sal_uInt8 pBuf[ 9 ];
bool bRet = false;
- rIStm.Read( pBuf, 9 );
- if( NO_PENDING( rIStm ) )
+ sal_Size nRead = rIStm.Read(pBuf, 9);
+ if (NO_PENDING(rIStm) && nRead == 9)
{
SvMemoryStream aMemStm;
BitmapPalette* pPal;
diff --git a/vcl/source/gdi/dibtools.cxx b/vcl/source/gdi/dibtools.cxx
index f624382..93f5dad 100644
--- a/vcl/source/gdi/dibtools.cxx
+++ b/vcl/source/gdi/dibtools.cxx
@@ -451,7 +451,7 @@ bool ImplReadDIBBits(SvStream& rIStm, DIBV5Header& rHeader, BitmapWriteAccess& r
boost::scoped_array<sal_uInt8> pBuffer(
new sal_uInt8[rHeader.nSizeImage]);
- if (rIStm.Read((char*)pBuffer.get(), rHeader.nSizeImage)
+ if (rIStm.Read(pBuffer.get(), rHeader.nSizeImage)
!= rHeader.nSizeImage)
{
return false;
commit a967c85b13819e2c81082edec0f217259dca7ca8
Author: Caolán McNamara <caolanm at redhat.com>
Date: Wed Nov 12 09:53:14 2014 +0000
valgrind+afl: short read
Change-Id: I48fe6550c07c1b3d6b1099fd27f8c21427e37601
diff --git a/vcl/qa/cppunit/graphicfilter/data/gif/pass/afl-sample-short-read.gif b/vcl/qa/cppunit/graphicfilter/data/gif/pass/afl-sample-short-read.gif
new file mode 100644
index 0000000..7cb2a03
Binary files /dev/null and b/vcl/qa/cppunit/graphicfilter/data/gif/pass/afl-sample-short-read.gif differ
diff --git a/vcl/source/filter/igif/gifread.cxx b/vcl/source/filter/igif/gifread.cxx
index 3917f1c..720aeec 100644
--- a/vcl/source/filter/igif/gifread.cxx
+++ b/vcl/source/filter/igif/gifread.cxx
@@ -329,14 +329,17 @@ bool GIFReader::ReadExtension()
bRet = true;
while( cSize && bStatus && !rIStm.IsEof() )
{
- sal_uInt16 nCount = (sal_uInt16) cSize + 1;
- boost::scoped_array<char> pBuffer(new char[ nCount ]);
+ sal_uInt16 nCount = (sal_uInt16) cSize + 1;
+ const sal_uInt64 nMaxPossible = rIStm.remainingSize();
+ if (nMaxPossible > nCount)
+ nCount = nMaxPossible;
+ boost::scoped_array<sal_uInt8> pBuffer(new sal_uInt8[nCount]);
bRet = false;
- rIStm.Read( pBuffer.get(), nCount );
- if( NO_PENDING( rIStm ) )
+ sal_Size nRead = rIStm.Read(pBuffer.get(), nCount);
+ if (NO_PENDING(rIStm) && cSize < nRead)
{
- cSize = (sal_uInt8) pBuffer[ cSize ];
+ cSize = pBuffer[cSize];
bRet = true;
}
else
commit f23a51c9f978a3a8796a63ebcc03f7fcad52c6dc
Author: Caolán McNamara <caolanm at redhat.com>
Date: Wed Nov 12 09:24:00 2014 +0000
valgrind+afl: initialize nFlags
Change-Id: I3543f7f6616b6f400a74930fd998e4d517f56afa
diff --git a/vcl/source/filter/igif/gifread.cxx b/vcl/source/filter/igif/gifread.cxx
index 3d2042c..3917f1c 100644
--- a/vcl/source/filter/igif/gifread.cxx
+++ b/vcl/source/filter/igif/gifread.cxx
@@ -358,14 +358,14 @@ bool GIFReader::ReadLocalHeader()
{
SvMemoryStream aMemStm;
BitmapPalette* pPal;
- sal_uInt8 nFlags;
aMemStm.SetBuffer( (char*) pBuf, 9, false, 9 );
aMemStm.ReadUInt16( nImagePosX );
aMemStm.ReadUInt16( nImagePosY );
aMemStm.ReadUInt16( nImageWidth );
aMemStm.ReadUInt16( nImageHeight );
- aMemStm.ReadUChar( nFlags );
+ sal_uInt8 nFlags(0);
+ aMemStm.ReadUChar(nFlags);
// if interlaced, first define startvalue
bInterlaced = ( ( nFlags & 0x40 ) == 0x40 );
commit 9d7979b1319ed7360cec8765a1b387dc1e086148
Author: Caolán McNamara <caolanm at redhat.com>
Date: Wed Nov 12 09:22:34 2014 +0000
valgrind+afl: short read
Change-Id: I8165ac1b1ff17bf8165319b21c2a5cf595f75f36
diff --git a/vcl/source/filter/igif/gifread.cxx b/vcl/source/filter/igif/gifread.cxx
index a99167f..3d2042c 100644
--- a/vcl/source/filter/igif/gifread.cxx
+++ b/vcl/source/filter/igif/gifread.cxx
@@ -184,17 +184,20 @@ bool GIFReader::ReadGlobalHeader()
void GIFReader::ReadPaletteEntries( BitmapPalette* pPal, sal_uLong nCount )
{
- const sal_uLong nLen = 3UL * nCount;
+ sal_uLong nLen = 3UL * nCount;
+ const sal_uInt64 nMaxPossible = rIStm.remainingSize();
+ if (nLen > nMaxPossible)
+ nLen = nMaxPossible;
boost::scoped_array<sal_uInt8> pBuf(new sal_uInt8[ nLen ]);
-
- rIStm.Read( pBuf.get(), nLen );
+ sal_Size nRead = rIStm.Read(pBuf.get(), nLen);
+ nCount = nRead/3UL;
if( NO_PENDING( rIStm ) )
{
sal_uInt8* pTmp = pBuf.get();
- for( sal_uLong i = 0UL; i < nCount; )
+ for (sal_uLong i = 0UL; i < nCount; ++i)
{
- BitmapColor& rColor = (*pPal)[ (sal_uInt16) i++ ];
+ BitmapColor& rColor = (*pPal)[i];
rColor.SetRed( *pTmp++ );
rColor.SetGreen( *pTmp++ );
commit 9313095ea2d5f3dcc531d658e159e16ac2cb44fd
Author: Caolán McNamara <caolanm at redhat.com>
Date: Wed Nov 12 09:12:34 2014 +0000
valgrind+afl: initialize cSize
Change-Id: Ia1b553fed82645023c28467b837b51bd959adbbe
diff --git a/vcl/source/filter/igif/gifread.cxx b/vcl/source/filter/igif/gifread.cxx
index 9602e85..a99167f 100644
--- a/vcl/source/filter/igif/gifread.cxx
+++ b/vcl/source/filter/igif/gifread.cxx
@@ -214,16 +214,15 @@ void GIFReader::ReadPaletteEntries( BitmapPalette* pPal, sal_uLong nCount )
bool GIFReader::ReadExtension()
{
- sal_uInt8 cFunction;
- sal_uInt8 cSize;
- sal_uInt8 cByte;
bool bRet = false;
bool bOverreadDataBlocks = false;
// Extension-Label
+ sal_uInt8 cFunction(0);
rIStm.ReadUChar( cFunction );
if( NO_PENDING( rIStm ) )
{
+ sal_uInt8 cSize(0);
// Block length
rIStm.ReadUChar( cSize );
@@ -232,12 +231,12 @@ bool GIFReader::ReadExtension()
// 'Graphic Control Extension'
case( 0xf9 ) :
{
- sal_uInt8 cFlags;
-
- rIStm.ReadUChar( cFlags );
- rIStm.ReadUInt16( nTimer );
- rIStm.ReadUChar( nGCTransparentIndex );
- rIStm.ReadUChar( cByte );
+ sal_uInt8 cFlags(0);
+ rIStm.ReadUChar(cFlags);
+ rIStm.ReadUInt16(nTimer);
+ rIStm.ReadUChar(nGCTransparentIndex);
+ sal_uInt8 cByte(0);
+ rIStm.ReadUChar(cByte);
if ( NO_PENDING( rIStm ) )
{
@@ -267,6 +266,7 @@ bool GIFReader::ReadExtension()
// NetScape-Extension
if( aAppId == "NETSCAPE" && aAppCode == "2.0" && cSize == 3 )
{
+ sal_uInt8 cByte(0);
rIStm.ReadUChar( cByte );
// Loop-Extension
@@ -293,6 +293,7 @@ bool GIFReader::ReadExtension()
}
else if ( aAppId == "STARDIV " && aAppCode == "5.0" && cSize == 9 )
{
+ sal_uInt8 cByte(0);
rIStm.ReadUChar( cByte );
// Loop extension
commit e76098b22e5d3f5bb422dfcca34b4d61fe2bd593
Author: Caolán McNamara <caolanm at redhat.com>
Date: Tue Nov 11 17:48:26 2014 +0000
valgrind+afl: check p1 at start of loop
Change-Id: I9ef947d9a9089f2bcf6c86711f10224a03abf394
diff --git a/vcl/qa/cppunit/graphicfilter/data/png/pass/afl-sample-IDAT.png b/vcl/qa/cppunit/graphicfilter/data/png/pass/afl-sample-IDAT.png
new file mode 100644
index 0000000..b116a92
Binary files /dev/null and b/vcl/qa/cppunit/graphicfilter/data/png/pass/afl-sample-IDAT.png differ
diff --git a/vcl/source/gdi/pngread.cxx b/vcl/source/gdi/pngread.cxx
index 2bbfede..36e6803 100644
--- a/vcl/source/gdi/pngread.cxx
+++ b/vcl/source/gdi/pngread.cxx
@@ -1030,9 +1030,11 @@ void PNGReaderImpl::ImplApplyFilter()
p1 += mnBPP;
// use left pixels
- do
+ while (p1 < pScanEnd)
+ {
*p1 = static_cast<sal_uInt8>( *p1 + *(p2++) );
- while( ++p1 < pScanEnd );
+ ++p1;
+ }
}
break;
More information about the Libreoffice-commits
mailing list