Check image size before assigning memory 74/318174/7
authorhjkim <backto.kim@samsung.com>
Tue, 14 Jan 2025 03:11:43 +0000 (12:11 +0900)
committerhjkim <backto.kim@samsung.com>
Tue, 14 Jan 2025 09:34:30 +0000 (18:34 +0900)
[Issue]
  A crash occurred while allocating a large block of memory because of an incorrect size. Fix fuzzing issues.

Change-Id: Ia65dbea977544afe5cf4e802bf659596ef84310b

common/include/mm_util_private.h
common/mm_util_private.c
gif/mm_util_gif.c
imgp/mm_util_imgp.c
jpeg/mm_util_jpeg.c
jxl/mm_util_jxl.c

index 5a5f87abfd8c0958b2a5f9e9913019620e908eb6..b49daecdda07fb110efde61c7ac75812fcda133d 100644 (file)
@@ -30,7 +30,7 @@ extern "C" {
 #endif
 
 
-#define MMUTIL_STRING_VALID(str)         (str != NULL && strlen(str) > 0)
+#define MMUTIL_STRING_VALID(str)       (str != NULL && strlen(str) > 0)
 
 /* for alignment */
 #define MM_UTIL_ROUND_UP_2(num) (((num)+1)&~1)
@@ -79,6 +79,8 @@ int mm_util_file_write(const char *path, void *data, size_t size);
 // for reading ini
 int mm_util_ini_get_int(const char *category, const char *item, int default_value);
 
+bool mm_util_is_proper_image_size(size_t size);
+
 #ifdef __cplusplus
 }
 #endif
index 2f9eb42793fa1413552278096f195f75151037cc..229810ca93f7252e41880b13f5f16f91b671ea3b 100644 (file)
@@ -24,6 +24,7 @@
 #include "mm_util_private.h"
 
 #define IMAGE_UTIL_INI_PATH SYSCONFDIR"/multimedia/mmfw_image_util.ini"
+#define MAX_RAW_IMG_SIZE       (512 * 1024 * 1024)
 
 int mm_util_safe_fopen(const char *path, const char *mode, FILE **fp)
 {
@@ -171,3 +172,11 @@ bool mm_util_safe_str_to_valid_uint(const char *str, unsigned int min, unsigned
        *value = converted;
        return true;
 }
+
+bool mm_util_is_proper_image_size(size_t size)
+{
+       mm_util_retvm_if(size == 0, false, "size is 0");
+       mm_util_retvm_if(size >= MAX_RAW_IMG_SIZE, false, "size is too large");
+
+       return true;
+}
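Review bot: `mm_util_is_proper_image_size` has no comment stating its contract, and the bounds are not obvious from the name: it rejects 0 and anything at or above `MAX_RAW_IMG_SIZE`, so a request of exactly 512 MiB is refused. I would add above the definition, and above the prototype in `mm_util_private.h`, `/* Returns true when 0 < size < MAX_RAW_IMG_SIZE (512 MiB). The caller must compute size without overflow; a wrapped value cannot be detected here. */`. That second sentence matters because every caller in this commit passes a product of image dimensions.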
index 13f388ad65b1c1e5938e59ce8147190747dbb395..67a098b263e3ef8b2e6c63f4d2d3517efc50183a 100644 (file)
@@ -184,16 +184,21 @@ static int __gif_get_extension(GifFileType *gif_image)
        return MM_UTIL_ERROR_NONE;
 }
 
-static void __gif_convert_to_rgba(void **data, ColorMapObject *color_map, GifRowType *frame_buffer, unsigned int width, unsigned int height)
+static int __gif_convert_to_rgba(void **data, ColorMapObject *color_map, GifRowType *frame_buffer, unsigned int width, unsigned int height)
 {
        unsigned int i, j;
        GifRowType gif_row;
        GifColorType *color_map_entry;
        GifByteType *buffer;
+       size_t data_size = 0;
 
        mm_util_fenter();
 
-       *data = g_malloc0(width * height * 4);
+       data_size = width * height * 4;
+       if (!mm_util_is_proper_image_size(data_size))
+               return MM_UTIL_ERROR_OUT_OF_MEMORY;
+
+       *data = g_malloc0(data_size);
 
        buffer = (GifByteType *) *data;
        for (i = 0; i < height; i++) {
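Review bot: The size check added in `__gif_convert_to_rgba` can be bypassed, because `width * height * 4` is evaluated in `unsigned int` and can wrap before it is stored in `data_size`. A wrapped value below the cap passes `mm_util_is_proper_image_size()`, while the loop that follows still writes four bytes per pixel for the full `width` x `height` through `buffer`. Compute the product with overflow checking, for example `if (!g_size_checked_mul(&data_size, width, height) || !g_size_checked_mul(&data_size, data_size, 4)) return MM_UTIL_ERROR_OUT_OF_MEMORY;`, which also holds on targets where `size_t` is 32 bits. The same product is recomputed in `__read_gif` for the `mm_image_create_image` call and should reuse the checked value. The loop body continues outside this hunk.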
@@ -206,6 +211,8 @@ static void __gif_convert_to_rgba(void **data, ColorMapObject *color_map, GifRow
                        *buffer++ = 255;
                }
        }
+
+       return MM_UTIL_ERROR_NONE;
 }
 
 static int __read_gif(const char *file_path, void *memory, const size_t src_size, mm_util_image_h *decoded)
@@ -287,7 +294,11 @@ static int __read_gif(const char *file_path, void *memory, const size_t src_size
        }
 
        /* decompress image with colormap(256) */
-       __gif_convert_to_rgba(&image_buffer, ColorMap, frame_buffer, GifFile->SWidth, GifFile->SHeight);
+       ret = __gif_convert_to_rgba(&image_buffer, ColorMap, frame_buffer, GifFile->SWidth, GifFile->SHeight);
+       if (ret != MM_UTIL_ERROR_NONE) {
+               mm_util_error("__gif_convert_to_rgba failed");
+               goto error;
+       }
 
        ret = mm_image_create_image(GifFile->SWidth, GifFile->SHeight, MM_UTIL_COLOR_RGBA, image_buffer, GifFile->SWidth * GifFile->SHeight * 4, decoded);
        g_free(image_buffer);
index 7967d566dfcca2358e9a0ef2902559e1b64f0e43..3368283f86d2b9e50e1dcdc57700d25bcbd9a35b 100644 (file)
@@ -616,6 +616,9 @@ int mm_util_crop_image(mm_util_image_h src, unsigned int start_x, unsigned int s
        __mm_util_get_image_size(_src->color, _width, _height, true, &_buffer_size);
        mm_util_retvm_if(!_buffer_size, MM_UTIL_ERROR_INVALID_OPERATION, "fail to get dst_buf_size");
 
+       if (!mm_util_is_proper_image_size(_buffer_size))
+               return MM_UTIL_ERROR_OUT_OF_MEMORY;
+
        _buffer = g_malloc0(_buffer_size);
 
        switch (_src->color) {
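Review bot: The new guard in `mm_util_crop_image` is only as strong as the arithmetic behind `_buffer_size`. `__mm_util_get_image_size` is outside the hunk, and if it multiplies the dimensions in 32-bit arithmetic, a wrapped result can fall under the cap and still reach `g_malloc0`. It is worth confirming that the helper computes in `size_t` with overflow checks; the same applies to `image_buffer_size` in the `__mm_util_jpeg_decode` hunk. As a style point, the line above uses `mm_util_retvm_if`, so this check could read `mm_util_retvm_if(!mm_util_is_proper_image_size(_buffer_size), MM_UTIL_ERROR_OUT_OF_MEMORY, "invalid buffer size");`.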
index f69c469f98203c228479d804a878e15654de53c8..7e91378d72095029e2bc8c9d4b2839c168702c10 100644 (file)
@@ -429,6 +429,11 @@ static int __mm_util_jpeg_decode(mm_util_jpeg_ctrl_format_e control_format, FILE
                goto END;
        }
 
+       if (!mm_util_is_proper_image_size(image_buffer_size)) {
+               ret = MM_UTIL_ERROR_OUT_OF_MEMORY;
+               goto END;
+       }
+
        image_buffer = g_malloc0(image_buffer_size);
 
        mm_util_debug("decoded_data->data");
index 6c428ac57929f6ef3bdc332d21348be824b7e926..ccda906eba72e29ccbeb51221e79702b7ee2bfda 100644 (file)
@@ -221,14 +221,19 @@ static int __mm_util_decode_jpegxl(const void *buf, size_t buf_size, mm_util_col
 
        status = JxlDecoderImageOutBufferSize(jxl_dec, jxl_format, &pixels_size);
        if (status != JXL_DEC_SUCCESS) {
-         mm_util_error("failed to JxlDecoderImageOutBufferSize(%d)", status);
-         goto Exit;
+               mm_util_error("failed to JxlDecoderImageOutBufferSize(%d)", status);
+               goto Exit;
+       }
+
+       if (!mm_util_is_proper_image_size(pixels_size)) {
+               status = JXL_DEC_JPEG_NEED_MORE_OUTPUT;
+               goto Exit;
        }
 
        status = JxlDecoderGetBasicInfo(jxl_dec, &info);
        if (status != JXL_DEC_SUCCESS) {
-         mm_util_error("failed to JxlDecoderGetBasicInfo(%d)", status);
-         goto Exit;
+               mm_util_error("failed to JxlDecoderGetBasicInfo(%d)", status);
+               goto Exit;
        }
 
        // calculate the size of output buffer
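Review bot: Rejecting an out-of-range `pixels_size` by assigning `status = JXL_DEC_JPEG_NEED_MORE_OUTPUT` borrows a libjxl status with an unrelated meaning (the JPEG reconstruction output buffer needs more space). Anything that inspects or logs `status` after `Exit` will then misreport the cause. How `Exit` maps `status` to the function's return value is outside the hunk. A policy rejection would be clearer as `status = JXL_DEC_ERROR;` preceded by `mm_util_error("pixels_size(%zu) is out of range", pixels_size);`, matching the logged failures around it.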