vcl/source/filter/jpeg/jpegc.cxx |   20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

New commits:
commit 875a7a3351488ac18b6576793ffe5d54b57fdfe0
Author:     Caolán McNamara <caol...@redhat.com>
AuthorDate: Tue Nov 22 21:22:12 2022 +0000
Commit:     Caolán McNamara <caol...@redhat.com>
CommitDate: Wed Nov 23 09:56:24 2022 +0100

    ofz#53628 Use a progress monitor to avoid Timeout
    
    LJT-01-003 of 
https://libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdf
    
    Change-Id: I834e0891c4bb91907750282a26b8b803f94b8fb0
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/143131
    Tested-by: Jenkins
    Reviewed-by: Caolán McNamara <caol...@redhat.com>

diff --git a/vcl/source/filter/jpeg/jpegc.cxx b/vcl/source/filter/jpeg/jpegc.cxx
index 2b2f9713a695..a3ce069cccf7 100644
--- a/vcl/source/filter/jpeg/jpegc.cxx
+++ b/vcl/source/filter/jpeg/jpegc.cxx
@@ -150,6 +150,7 @@ private:
 struct JpegStuff
 {
     jpeg_decompress_struct cinfo;
+    jpeg_progress_mgr progress;
     ErrorManagerStruct jerr;
     JpegDecompressOwner aOwner;
     std::unique_ptr<BitmapScopedWriteAccess> pScopedAccess;
@@ -157,6 +158,23 @@ struct JpegStuff
     std::vector<sal_uInt8> pCYMKBuffer;
 };
 
+// https://github.com/libjpeg-turbo/libjpeg-turbo/issues/284
+// 
https://libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdf
+#define LIMITSCANS 100
+
+void progress_monitor(j_common_ptr cinfo)
+{
+    if (cinfo->is_decompressor)
+    {
+        jpeg_decompress_struct* decompressor = 
reinterpret_cast<j_decompress_ptr>(cinfo);
+        if (decompressor->input_scan_number >= LIMITSCANS)
+        {
+            SAL_WARN("vcl.filter", "too many progressive scans, cancelling 
import after: " << decompressor->input_scan_number << " scans");
+            errorExit(cinfo);
+        }
+    }
+}
+
 }
 
 static void ReadJPEG(JpegStuff& rContext, JPEGReader* pJPEGReader, void* 
pInputStream, tools::Long* pLines,
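Review bot: `LIMITSCANS` at the top of the added block is a bare macro, and its comment gives two links but neither the reason for the value nor what happens when the limit is reached. I would make it a typed constant, `constexpr int LIMITSCANS = 100;`, with a comment such as `// Upper bound on scans accepted from one progressive JPEG: each scan costs another pass over the image, so an uncapped count lets a small file consume disproportionate decode time.` In `progress_monitor`, the warn-then-`errorExit(cinfo)` path presumably relies on `errorExit` not returning; it is defined outside this hunk, so that is worth confirming. A one-line comment stating this would help, because libjpeg calls the monitor repeatedly during decoding, and a handler that returned would log the warning on every call past the limit.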
@@ -176,6 +194,8 @@ static void ReadJPEG(JpegStuff& rContext, JPEGReader* 
pJPEGReader, void* pInputS
     jpeg_create_decompress(&rContext.cinfo);
     rContext.aOwner.set(&rContext.cinfo);
     jpeg_svstream_src(&rContext.cinfo, pInputStream);
+    rContext.cinfo.progress = &rContext.progress;
+    rContext.progress.progress_monitor = progress_monitor;
     SourceManagerStruct *source = 
reinterpret_cast<SourceManagerStruct*>(rContext.cinfo.src);
     jpeg_read_header(&rContext.cinfo, TRUE);
 
