shithub: jbig2

ref: d0edf5a64a15f019db986a60e4e6db1846e5e19a
parent: 9d2c4f3bdb0bd003deae788e7187c0f86e624544
author: Shailesh Mistry <shailesh.mistry@hotmail.co.uk>
date: Tue Feb 7 17:15:58 EST 2017

Bug 697531 : Fix decoder error on JBIG2 compressed image.

The problem is in jbig2_word_stream_buf_get_next_word
returning -1 and sending a fail error causing the whole
file to fail.

Now when the buffer is exhausted, the returned value is set
to zero so that the decoder does not try to use an
uninitialised value.

This now means the error return is pointless and another
commit will follow this one to tidy up the unused code.

--- a/jbig2.c
+++ b/jbig2.c
@@ -383,20 +383,17 @@
 {
     Jbig2WordStreamBuf *z = (Jbig2WordStreamBuf *) self;
     const byte *data = z->data;
-    uint32_t result;
 
+    *word = 0;
     if (offset + 4 < z->size)
-        result = (data[offset] << 24) | (data[offset + 1] << 16) | (data[offset + 2] << 8) | data[offset + 3];
-    else if (offset > z->size)
-        return -1;
-    else {
+        *word = (data[offset] << 24) | (data[offset + 1] << 16) | (data[offset + 2] << 8) | data[offset + 3];
+    else if (offset <= z->size) {
         size_t i;
 
-        result = 0;
         for (i = 0; i < z->size - offset; i++)
-            result |= data[offset + i] << ((3 - i) << 3);
+            *word |= data[offset + i] << ((3 - i) << 3);
     }
-    *word = result;
+
     return 0;
 }
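
Review bot: with the `else if (offset > z->size) return -1;` branch removed, every path now ends in `return 0;`, so a read past the end of the buffer is indistinguishable from a stream that really contains zero bits. Please add a comment above the function stating that contract (reads at or beyond `z->size` yield a zero word and never fail), and confirm that callers bound how far they can advance on a truncated stream, since they no longer receive an error to stop on. Two smaller points on lines this hunk carries over: `data[offset] << 24` shifts a byte that has been promoted to `int`, which is undefined behaviour in C when the top bit of that byte is set (assuming `byte` is an 8-bit unsigned type), so a `(uint32_t)` cast on each operand, here and in the loop, would be safer; and the fast-path test `offset + 4 < z->size` sends the case of exactly four remaining bytes through the byte loop, which gives the right result but `<=` would state the intent more directly.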