diff options
| author | Emmanuele Bassi <ebassi@gmail.com> | 2022-08-09 15:27:13 +0000 |
|---|---|---|
| committer | Emmanuele Bassi <ebassi@gmail.com> | 2022-08-09 15:27:13 +0000 |
| commit | 88ddbd08fefb98fe61a719250e36162d82a178fb (patch) | |
| tree | bd2babfc2a4b1a0e8db68eb85511646186fe83aa | |
| parent | 8ad828c2782355c1747c62b3700bdc052e12e241 (diff) | |
| parent | b659038e4296534c2e068de9bce8d9e17fbe58b4 (diff) | |
| download | gdk-pixbuf-88ddbd08fefb98fe61a719250e36162d82a178fb.tar.gz | |
Merge branch 'ebassi/issue-205' into 'master'
jpeg: Limit the memory size when loading image data
Closes #205
See merge request GNOME/gdk-pixbuf!139
| -rw-r--r-- | gdk-pixbuf/io-jpeg.c | 2 | ||||
| -rw-r--r-- | tests/issue205.jpg | bin | 0 -> 1407 bytes | |||
| -rw-r--r-- | tests/meson.build | 1 | ||||
| -rw-r--r-- | tests/pixbuf-jpeg.c | 36 |
4 files changed, 39 insertions, 0 deletions
diff --git a/gdk-pixbuf/io-jpeg.c b/gdk-pixbuf/io-jpeg.c index 48b163755..22f4174fe 100644 --- a/gdk-pixbuf/io-jpeg.c +++ b/gdk-pixbuf/io-jpeg.c @@ -1090,6 +1090,8 @@ gdk_pixbuf__jpeg_image_load_increment (gpointer data, jpeg_save_markers (cinfo, JPEG_COM, 0xffff); rc = jpeg_read_header (cinfo, TRUE); context->src_initialized = TRUE; + + cinfo->mem->max_memory_to_use = 100 * 1024 * 1024; if (rc == JPEG_SUSPENDED) continue; diff --git a/tests/issue205.jpg b/tests/issue205.jpg Binary files differnew file mode 100644 index 000000000..b45ebca78 --- /dev/null +++ b/tests/issue205.jpg diff --git a/tests/meson.build b/tests/meson.build index 7c6cb113a..28c252535 100644 --- a/tests/meson.build +++ b/tests/meson.build @@ -152,6 +152,7 @@ test_data = [ 'aero.gif', 'circular-table.gif', 'issue70.jpg', + 'issue205.jpg', ] installed_test_bindir = join_paths(gdk_pixbuf_libexecdir, 'installed-tests', meson.project_name()) diff --git a/tests/pixbuf-jpeg.c b/tests/pixbuf-jpeg.c index 3b1f2e4f0..be2c6b4fe 100644 --- a/tests/pixbuf-jpeg.c +++ b/tests/pixbuf-jpeg.c @@ -170,6 +170,41 @@ test_jpeg_markers (void) g_free (contents); } +static void +test_jpeg_fbfbfbfb (void) +{ + GdkPixbufLoader *loader; + GdkPixbuf *pixbuf; + GError *error = NULL; + gchar *contents; + gsize size; + + if (!format_supported ("jpeg")) + { + g_test_skip ("format not supported"); + return; + } + + g_test_message ("Load JPEG with size 0xfbfbfbfb (issue: 250)"); + + g_file_get_contents (g_test_get_filename (G_TEST_DIST, "issue205.jpg", NULL), &contents, &size, &error); + g_assert_no_error (error); + + loader = gdk_pixbuf_loader_new (); + + gdk_pixbuf_loader_write (loader, (const guchar*)contents, size, &error); + g_assert_no_error (error); + + gdk_pixbuf_loader_close (loader, &error); + g_assert_error (error, GDK_PIXBUF_ERROR, GDK_PIXBUF_ERROR_CORRUPT_IMAGE); + + pixbuf = gdk_pixbuf_loader_get_pixbuf (loader); + g_assert_nonnull (pixbuf); + + g_object_unref (loader); + g_free (contents); +} + int main (int argc, char **argv) { @@ -181,6 +216,7 @@ main (int argc, char **argv) g_test_add_func ("/pixbuf/jpeg/comment", test_comment); g_test_add_func ("/pixbuf/jpeg/at_size", test_at_size); g_test_add_func ("/pixbuf/jpeg/issue70", test_jpeg_markers); + g_test_add_func ("/pixbuf/jpeg/issue205", test_jpeg_fbfbfbfb); return g_test_run (); } |
