[Libreoffice-commits] core.git: external/jpeg-turbo sd/source vcl/workben

Caolán McNamara caolanm at redhat.com
Fri Mar 17 23:36:33 UTC 2017 

 external/jpeg-turbo/UnpackedTarball_jpeg-turbo.mk |    1 
 external/jpeg-turbo/jpeg-turbo.limits.patch.1     |   46 ++++++++++++++++++++++
 sd/source/core/sdpage.cxx                         |    5 ++
 vcl/workben/commonfuzzer.hxx                      |    1 
 vcl/workben/fftester.cxx                          |    1 
 5 files changed, 54 insertions(+)

New commits:
commit 2f1045a85970f2fc822f799a9a213fc533b740c2
Author: Caolán McNamara <caolanm at redhat.com>
Date:   Thu Mar 16 15:58:48 2017 +0000

    tweak libjpeg to honor JPEGMEM and set it in file format testers
    
    Change-Id: I6660ccc68d3c82bf6118c2106a9293fd37e801ae
    Reviewed-on: https://gerrit.libreoffice.org/35283
    Tested-by: Jenkins <ci at libreoffice.org>
    Reviewed-by: Caolán McNamara <caolanm at redhat.com>
    Tested-by: Caolán McNamara <caolanm at redhat.com>

diff --git a/external/jpeg-turbo/UnpackedTarball_jpeg-turbo.mk b/external/jpeg-turbo/UnpackedTarball_jpeg-turbo.mk
index 5fdc5e4cc8d1..222ce407f1a3 100644
--- a/external/jpeg-turbo/UnpackedTarball_jpeg-turbo.mk
+++ b/external/jpeg-turbo/UnpackedTarball_jpeg-turbo.mk
@@ -18,6 +18,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,jpeg-turbo,\
 	$(if $(filter WNT,$(OS)),external/jpeg-turbo/jpeg-turbo.win_build.patch.1) \
 	external/jpeg-turbo/jpeg-turbo.arm_build.patch.1 \
 	external/jpeg-turbo/ubsan.patch \
+	external/jpeg-turbo/jpeg-turbo.limits.patch.1 \
 ))
 
 # vim: set noet sw=4 ts=4:
diff --git a/external/jpeg-turbo/jpeg-turbo.limits.patch.1 b/external/jpeg-turbo/jpeg-turbo.limits.patch.1
new file mode 100644
index 000000000000..f78fd4b3253a
--- /dev/null
+++ b/external/jpeg-turbo/jpeg-turbo.limits.patch.1
@@ -0,0 +1,46 @@
+From 066fee2e7d6834f24838bc1896aa38ca77209e3c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= <caolanm at redhat.com>
+Date: Thu, 16 Mar 2017 15:53:53 +0000
+Subject: [PATCH] honor max_memory_to_use if its set
+
+I'd like to use JPEGMEM to limit memory that libjpeg will allocation
+to reject sizes that would the default 2G limit under asan while
+fuzzing LibreOffice's jpeg integration
+---
+ jmemnobs.c | 14 ++++++++++++--
+ 1 file changed, 12 insertions(+), 2 deletions(-)
+
+diff --git a/jmemnobs.c b/jmemnobs.c
+index 5797198..c7dc560 100644
+--- a/jmemnobs.c
++++ b/jmemnobs.c
+@@ -66,14 +66,24 @@ jpeg_free_large (j_common_ptr cinfo, void *object, size_t sizeofobject)
+ 
+ /*
+  * This routine computes the total memory space available for allocation.
+- * Here we always say, "we got all you want bud!"
+  */
+ 
+ GLOBAL(size_t)
+ jpeg_mem_available (j_common_ptr cinfo, size_t min_bytes_needed,
+                     size_t max_bytes_needed, size_t already_allocated)
+ {
+-  return max_bytes_needed;
++  if (!cinfo->mem->max_memory_to_use)
++  {
++    /* Here we always say, "we got all you want bud!" */
++    return max_bytes_needed;
++  }
++
++  if (cinfo->mem->max_memory_to_use - already_allocated >= max_bytes_needed)
++  {
++      return max_bytes_needed;
++  }
++
++  return cinfo->mem->max_memory_to_use - already_allocated;
+ }
+ 
+ 
+-- 
+2.9.3
+
diff --git a/sd/source/core/sdpage.cxx b/sd/source/core/sdpage.cxx
index d74dccf36efd..740bcb2554a5 100644
--- a/sd/source/core/sdpage.cxx
+++ b/sd/source/core/sdpage.cxx
@@ -49,6 +49,7 @@
 #include <svx/sdr/contact/displayinfo.hxx>
 #include <svx/svditer.hxx>
 #include <svx/svdlayer.hxx>
+#include <com/sun/star/animations/XAnimationNode.hpp>
 #include <com/sun/star/xml/dom/XNode.hpp>
 #include <com/sun/star/xml/dom/XNodeList.hpp>
 #include <com/sun/star/xml/dom/XNamedNodeMap.hpp>
@@ -148,6 +149,10 @@ SdPage::~SdPage()
 
     EndListenOutlineText();
 
+    fprintf(stderr, "on dtor %p, have %p\n", this, mxAnimationNode.get());
+
+    mxAnimationNode.clear();
+
     delete mpItems;
 
     Clear();
diff --git a/vcl/workben/commonfuzzer.hxx b/vcl/workben/commonfuzzer.hxx
index d8c14b2b2acc..ee8df4b79e12 100644
--- a/vcl/workben/commonfuzzer.hxx
+++ b/vcl/workben/commonfuzzer.hxx
@@ -78,6 +78,7 @@ extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv)
         __lsan_disable();
 
     setenv("SAL_USE_VCLPLUGIN", "svp", 1);
+    setenv("JPEGMEM", "1024M", 1);
     setenv("SAL_WMF_COMPLEXCLIP_VIA_REGION", "1", 1);
     setenv("SAL_DISABLE_PRINTERLIST", "1", 1);
 
diff --git a/vcl/workben/fftester.cxx b/vcl/workben/fftester.cxx
index 1007d238cce2..50e8995b25d1 100644
--- a/vcl/workben/fftester.cxx
+++ b/vcl/workben/fftester.cxx
@@ -102,6 +102,7 @@ SAL_IMPLEMENT_MAIN_WITH_ARGS(argc, argv)
         utl::ConfigManager::EnableAvoidConfig();
         InitVCL();
 
+        setenv("JPEGMEM", "1024M", 1);
         setenv("SAL_WMF_COMPLEXCLIP_VIA_REGION", "1", 1);
         setenv("SAL_DISABLE_PRINTERLIST", "1", 1);

More information about the Libreoffice-commits mailing list