[Libreoffice-commits] libcdr.git: 2 commits - src/lib

Fri Nov 21 03:54:00 PST 2014

src/lib/CDRParser.cpp |    4 ++++
 1 file changed, 4 insertions(+)

New commits:
commit 6d7de600e938543448f680cc840211f52bb0b848
Author: David Tardon <dtardon at redhat.com>
Date:   Fri Nov 21 12:33:26 2014 +0100

    avoid extra big allocation, continued
    
    Change-Id: I6cf7c2535e1a4b8163413c1826535b856587bc00

diff --git a/src/lib/CDRParser.cpp b/src/lib/CDRParser.cpp
index d83c4c3..f3e4aeb 100644
--- a/src/lib/CDRParser.cpp
+++ b/src/lib/CDRParser.cpp
@@ -3239,6 +3239,8 @@ void libcdr::CDRParser::readStyd(librevenge::RVNGInputStream *input)
   long startPosition = input->tell();
   unsigned chunkLength = readUnsigned(input);
   unsigned numOfArgs = readUnsigned(input);
+  if (numOfArgs > chunkLength / 4) // avoid extra big allocation in case of a broken file
+    numOfArgs = chunkLength / 4;
   unsigned startOfArgs = readUnsigned(input);
   unsigned startOfArgTypes = readUnsigned(input);
   CDRCharacterStyle charStyle;
commit bc3c34481e731d2e696498d19ad5d15b5658afb8
Author: David Tardon <dtardon at redhat.com>
Date:   Fri Nov 21 12:30:52 2014 +0100

    avoid extra big allocation, continued
    
    Change-Id: I0e277d9cb47d9e6bf007b7a4668be339f2884b25

diff --git a/src/lib/CDRParser.cpp b/src/lib/CDRParser.cpp
index 2b70a2c..d83c4c3 100644
--- a/src/lib/CDRParser.cpp
+++ b/src/lib/CDRParser.cpp
@@ -1637,6 +1637,8 @@ void libcdr::CDRParser::readTrfd(librevenge::RVNGInputStream *input, unsigned le
   long startPosition = input->tell();
   unsigned chunkLength = readUnsigned(input);
   unsigned numOfArgs = readUnsigned(input);
+  if (numOfArgs > length / 4) // avoid extra big allocation in case of a broken file
+    numOfArgs = length / 4;
   unsigned startOfArgs = readUnsigned(input);
   std::vector<unsigned> argOffsets(numOfArgs, 0);
   unsigned i = 0;
