[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Gnash-commit] gnash ChangeLog server/font.cpp server/stream.c...
|
From: |
Sandro Santilli |
|
Subject: |
[Gnash-commit] gnash ChangeLog server/font.cpp server/stream.c... |
|
Date: |
Tue, 15 May 2007 09:59:08 +0000 |
CVSROOT: /sources/gnash
Module name: gnash
Changes by: Sandro Santilli <strk> 07/05/15 09:59:08
Modified files:
. : ChangeLog
server : font.cpp stream.cpp stream.h
Log message:
* server/stream.{cpp,h} (set_position): document and change
return
type to signal failures.
* server/font.cpp (readDefineFont, readDefineFont2_or_3): use
stream::set_position return code to detect SWF malformations.
CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/gnash/ChangeLog?cvsroot=gnash&r1=1.3220&r2=1.3221
http://cvs.savannah.gnu.org/viewcvs/gnash/server/font.cpp?cvsroot=gnash&r1=1.31&r2=1.32
http://cvs.savannah.gnu.org/viewcvs/gnash/server/stream.cpp?cvsroot=gnash&r1=1.19&r2=1.20
http://cvs.savannah.gnu.org/viewcvs/gnash/server/stream.h?cvsroot=gnash&r1=1.18&r2=1.19
Patches:
Index: ChangeLog
===================================================================
RCS file: /sources/gnash/gnash/ChangeLog,v
retrieving revision 1.3220
retrieving revision 1.3221
diff -u -b -r1.3220 -r1.3221
--- ChangeLog 15 May 2007 09:50:16 -0000 1.3220
+++ ChangeLog 15 May 2007 09:59:07 -0000 1.3221
@@ -1,3 +1,10 @@
+2007-05-15 Sandro Santilli <address@hidden>
+
+ * server/stream.{cpp,h} (set_position): document and change return
+ type to signal failures.
+ * server/font.cpp (readDefineFont, readDefineFont2_or_3): use
+ stream::set_position return code to detect SWF malformations.
+
2007-05-15 Tomas Groth Christensen <address@hidden>
* backend/sound_handler_{gst,sdl}.cpp: Make soundhandlers more robust.
Index: server/font.cpp
===================================================================
RCS file: /sources/gnash/gnash/server/font.cpp,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -b -r1.31 -r1.32
--- server/font.cpp 14 May 2007 20:40:10 -0000 1.31
+++ server/font.cpp 15 May 2007 09:59:08 -0000 1.32
@@ -17,7 +17,7 @@
// Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
//
-/* $Id: font.cpp,v 1.31 2007/05/14 20:40:10 strk Exp $ */
+/* $Id: font.cpp,v 1.32 2007/05/15 09:59:08 strk Exp $ */
// Based on the public domain work of Thatcher Ulrich <address@hidden> 2003
@@ -168,27 +168,19 @@
if (m->get_create_font_shapes() == DO_LOAD_FONT_SHAPES)
{
// Read the glyph shapes.
- unsigned long endTagPos = in->get_tag_end_position();
-
{for (int i = 0; i < count; i++)
{
// Seek to the start of the shape data.
unsigned long new_pos = table_base + offsets[i];
- if ( new_pos > endTagPos )
+
+ if ( ! in->set_position(new_pos) )
{
throw ParserException(_("Glyphs offset
table corrupted in DefineFont tag"));
-#if 0
- log_swferror(_("Glyph %d in DefineFont
is reported to be defined at offset %lu, but tag ends at offset %lu"),
- i, new_pos, endTagPos);
- m_glyphs[i] = NULL; // allowed ? or
should we throw an exception instead ?
- continue;
-#endif
}
- in->set_position(new_pos);
// Create & read the shape.
shape_character_def* s = new
shape_character_def;
- s->read(in, SWF::DEFINEFONT, false, m); // why
not DEFINEFONT ?
+ s->read(in, SWF::DEFINEFONT, false, m);
m_glyphs[i] = s;
}}
@@ -272,11 +264,14 @@
// have such seeks-back, see bug #16311
//assert(new_pos >= in->get_position());
- in->set_position(new_pos);
+ if ( ! in->set_position(new_pos) )
+ {
+ throw ParserException(_("Glyphs offset
table corrupted in DefineFont2/3 tag"));
+ }
// Create & read the shape.
shape_character_def* s = new
shape_character_def;
- s->read(in, SWF::DEFINEFONT2, false, m); // why
not DEFINEFONT2 ?
+ s->read(in, SWF::DEFINEFONT2, false, m); // ..
or DEFINEFONT3 actually..
m_glyphs[i] = s;
}}
Index: server/stream.cpp
===================================================================
RCS file: /sources/gnash/gnash/server/stream.cpp,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -b -r1.19 -r1.20
--- server/stream.cpp 14 May 2007 21:39:48 -0000 1.19
+++ server/stream.cpp 15 May 2007 09:59:08 -0000 1.20
@@ -234,7 +234,7 @@
}
- void stream::set_position(unsigned long pos)
+ bool stream::set_position(unsigned long pos)
{
align();
@@ -242,8 +242,12 @@
if (m_tag_stack.size() > 0)
{
unsigned long end_pos = m_tag_stack.back();
- assert(pos <= end_pos);
- end_pos = end_pos; // inhibit warning
+ if ( pos > end_pos )
+ {
+ log_error("Attempt to seek past the end of an
opened tag");
+ // abort(); ?
+ return false;
+ }
// @@ check start pos somehow???
}
@@ -254,7 +258,10 @@
// we might be called from an exception handler
// so throwing here might be a double throw...
log_swferror(_("Unexpected end of stream"));
+ return false;
}
+
+ return true;
}
Index: server/stream.h
===================================================================
RCS file: /sources/gnash/gnash/server/stream.h,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -b -r1.18 -r1.19
--- server/stream.h 13 May 2007 12:19:05 -0000 1.18
+++ server/stream.h 15 May 2007 09:59:08 -0000 1.19
@@ -100,7 +100,18 @@
unsigned long get_position();
/// Set the file position to the given value.
- void set_position(unsigned long pos);
+ //
+ ///
+ /// If we're scanning a tag, don't allow seeking past
+ /// the tag end. Ideally we shouldn't also allow seeking
+ /// before tag start but this is currently unimplemented.
+ ///
+ /// @return true on success, false on failure
+ /// Possible failures:
+ /// - given position is after end of stream.
+ /// - given position is after end of current tag, if any.
+ ///
+ bool set_position(unsigned long pos);
/// Return the file position of the end of the current tag.
unsigned long get_tag_end_position();
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Gnash-commit] gnash ChangeLog server/font.cpp server/stream.c...,
Sandro Santilli <=