Fix STR#2881: the new static function Fl_RGB_Image::max_size(size) allows to control the maximum
memory size allowed when creating an Fl_RGB_Image. git-svn-id: file:///fltk/svn/fltk/branches/branch-1.3@9709 ea41ed52-d2ee-0310-a9c1-e6b18d33e121
This commit is contained in:
Manolo Gouy
parent
8701434312
commit
cff8941836
@ -23,6 +23,7 @@
|
||||
# define Fl_Image_H
|
||||
|
||||
# include "Enumerations.H"
|
||||
#include <stdlib.h>
|
||||
|
||||
class Fl_Widget;
|
||||
struct Fl_Menu_Item;
|
||||
@ -167,6 +168,7 @@ class FL_EXPORT Fl_RGB_Image : public Fl_Image {
|
||||
friend class Fl_Quartz_Graphics_Driver;
|
||||
friend class Fl_GDI_Graphics_Driver;
|
||||
friend class Fl_Xlib_Graphics_Driver;
|
||||
static size_t max_size_;
|
||||
public:
|
||||
|
||||
const uchar *array;
|
||||
@ -211,6 +213,21 @@ public:
|
||||
virtual void label(Fl_Widget*w);
|
||||
virtual void label(Fl_Menu_Item*m);
|
||||
virtual void uncache();
|
||||
/** Sets the maximum allowed image size in bytes when creating an Fl_RGB_Image object.
|
||||
|
||||
The image size in bytes of an Fl_RGB_Image object is the value of the product w() * h() * d().
|
||||
If this product exceeds size, the created object of a derived class of Fl_RGB_Image
|
||||
won't be loaded with the image data.
|
||||
This does not apply to direct RGB image creation with
|
||||
Fl_RGB_Image::Fl_RGB_Image(const uchar *bits, int W, int H, int D, int LD).
|
||||
The default max_size() value is essentially infinite.
|
||||
*/
|
||||
static void max_size(size_t size) { max_size_ = size;}
|
||||
/** Returns the maximum allowed image size in bytes when creating an Fl_RGB_Image object.
|
||||
|
||||
\sa void Fl_RGB_Image::max_size(size_t)
|
||||
*/
|
||||
static size_t max_size() {return max_size_;}
|
||||
};
|
||||
|
||||
#endif // !Fl_Image_H
|
||||
|
||||
@ -27,6 +27,7 @@
|
||||
|
||||
#include <FL/Fl_BMP_Image.H>
|
||||
#include <FL/fl_utf8.h>
|
||||
#include <FL/Fl.H>
|
||||
#include <config.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
@ -187,6 +188,11 @@ Fl_BMP_Image::Fl_BMP_Image(const char *bmp) // I - File to read
|
||||
d(bDepth);
|
||||
if (offbits) fseek(fp, offbits, SEEK_SET);
|
||||
|
||||
if (((size_t)w()) * h() * d() > max_size() ) {
|
||||
Fl::warning("BMP file \"%s\" is too large!\n", bmp);
|
||||
fclose(fp);
|
||||
return;
|
||||
}
|
||||
array = new uchar[w() * h() * d()];
|
||||
alloc_array = 1;
|
||||
|
||||
|
||||
@ -163,6 +163,8 @@ Fl_Image::measure(const Fl_Label *lo, // I - Label
|
||||
//
|
||||
// RGB image class...
|
||||
//
|
||||
size_t Fl_RGB_Image::max_size_ = ~((size_t)0);
|
||||
|
||||
/** The destructor free all memory and server resources that are used by the image. */
|
||||
Fl_RGB_Image::~Fl_RGB_Image() {
|
||||
uncache();
|
||||
|
||||
@ -28,6 +28,7 @@
|
||||
#include <FL/Fl_JPEG_Image.H>
|
||||
#include <FL/Fl_Shared_Image.H>
|
||||
#include <FL/fl_utf8.h>
|
||||
#include <FL/Fl.H>
|
||||
#include <config.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
@ -126,6 +127,7 @@ Fl_JPEG_Image::Fl_JPEG_Image(const char *filename) // I - File to load
|
||||
if (setjmp(jerr.errhand_))
|
||||
{
|
||||
// JPEG error handling...
|
||||
Fl::warning("JPEG file \"%s\" is too large or contains errors!\n", filename);
|
||||
// if any of the cleanup routines hits another error, we would end up
|
||||
// in a loop. So instead, we decrement max_err for some upper cleanup limit.
|
||||
if ( ((*max_finish_decompress_err)-- > 0) && array)
|
||||
@ -166,6 +168,7 @@ Fl_JPEG_Image::Fl_JPEG_Image(const char *filename) // I - File to load
|
||||
h(dinfo.output_height);
|
||||
d(dinfo.output_components);
|
||||
|
||||
if (((size_t)w()) * h() * d() > max_size() ) longjmp(jerr.errhand_, 1);
|
||||
array = new uchar[w() * h() * d()];
|
||||
alloc_array = 1;
|
||||
|
||||
@ -304,6 +307,7 @@ Fl_JPEG_Image::Fl_JPEG_Image(const char *name, const unsigned char *data)
|
||||
if (setjmp(jerr.errhand_))
|
||||
{
|
||||
// JPEG error handling...
|
||||
Fl::warning("JPEG data is too large or contains errors!\n");
|
||||
// if any of the cleanup routines hits another error, we would end up
|
||||
// in a loop. So instead, we decrement max_err for some upper cleanup limit.
|
||||
if ( ((*max_finish_decompress_err)-- > 0) && array)
|
||||
@ -342,6 +346,7 @@ Fl_JPEG_Image::Fl_JPEG_Image(const char *name, const unsigned char *data)
|
||||
h(dinfo.output_height);
|
||||
d(dinfo.output_components);
|
||||
|
||||
if (((size_t)w()) * h() * d() > max_size() ) longjmp(jerr.errhand_, 1);
|
||||
array = new uchar[w() * h() * d()];
|
||||
alloc_array = 1;
|
||||
|
||||
|
||||
@ -130,7 +130,7 @@ void Fl_PNG_Image::load_png_(const char *name_png, const unsigned char *buffer_p
|
||||
{
|
||||
png_destroy_read_struct(&pp, &info, NULL);
|
||||
if (!from_memory) fclose(fp);
|
||||
Fl::warning("PNG file or data \"%s\" contains errors!\n", name_png);
|
||||
Fl::warning("PNG file or data \"%s\" is too large or contains errors!\n", name_png);
|
||||
return;
|
||||
}
|
||||
|
||||
@ -178,6 +178,7 @@ void Fl_PNG_Image::load_png_(const char *name_png, const unsigned char *buffer_p
|
||||
png_set_tRNS_to_alpha(pp);
|
||||
# endif // HAVE_PNG_GET_VALID && HAVE_PNG_SET_TRNS_TO_ALPHA
|
||||
|
||||
if (((size_t)w()) * h() * d() > max_size() ) longjmp(png_jmpbuf(pp), 1);
|
||||
array = new uchar[w() * h() * d()];
|
||||
alloc_array = 1;
|
||||
|
||||
|
||||
@ -119,6 +119,11 @@ Fl_PNM_Image::Fl_PNM_Image(const char *name) // I - File to read
|
||||
|
||||
// printf("%s = %dx%dx%d\n", name, w(), h(), d());
|
||||
|
||||
if (((size_t)w()) * h() * d() > max_size() ) {
|
||||
Fl::warning("PNM file \"%s\" is too large!\n", name);
|
||||
fclose(fp);
|
||||
return;
|
||||
}
|
||||
array = new uchar[w() * h() * d()];
|
||||
alloc_array = 1;
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user