Pass CJBig2_ArithDecoder to  CJBig2_GRDProc as needed.

Avoid holding a stale pointer to it in CJBig2_GRDProc.

Bug: 726732
Change-Id: Ia3797a3e087f61bd2126f867fd5a282e873de5bc
Reviewed-on: https://pdfium-review.googlesource.com/6050
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
diff --git a/core/fxcodec/jbig2/JBig2_Context.cpp b/core/fxcodec/jbig2/JBig2_Context.cpp
index c957002..69a9dd0 100644
--- a/core/fxcodec/jbig2/JBig2_Context.cpp
+++ b/core/fxcodec/jbig2/JBig2_Context.cpp
@@ -1064,7 +1064,6 @@
     }
     if (m_ri.height < 0 || m_ri.width < 0)
       return JBIG2_FAILED;
-
     pGRD->GBW = m_ri.width;
     pGRD->GBH = m_ri.height;
     pGRD->MMR = cFlags & 0x01;
@@ -1073,15 +1072,13 @@
     if (pGRD->MMR == 0) {
       if (pGRD->GBTEMPLATE == 0) {
         for (int32_t i = 0; i < 8; ++i) {
-          if (m_pStream->read1Byte((uint8_t*)&pGRD->GBAT[i]) != 0) {
+          if (m_pStream->read1Byte((uint8_t*)&pGRD->GBAT[i]) != 0)
             return JBIG2_ERROR_TOO_SHORT;
-          }
         }
       } else {
         for (int32_t i = 0; i < 2; ++i) {
-          if (m_pStream->read1Byte((uint8_t*)&pGRD->GBAT[i]) != 0) {
+          if (m_pStream->read1Byte((uint8_t*)&pGRD->GBAT[i]) != 0)
             return JBIG2_ERROR_TOO_SHORT;
-          }
         }
       }
     }
@@ -1090,10 +1087,8 @@
   }
   pSegment->m_nResultType = JBIG2_IMAGE_POINTER;
   if (m_pGRD->MMR == 0) {
-    if (m_gbContext.empty()) {
-      const size_t size = GetHuffContextSize(m_pGRD->GBTEMPLATE);
-      m_gbContext.resize(size);
-    }
+    if (m_gbContext.empty())
+      m_gbContext.resize(GetHuffContextSize(m_pGRD->GBTEMPLATE));
     if (!m_pArithDecoder) {
       m_pArithDecoder =
           pdfium::MakeUnique<CJBig2_ArithDecoder>(m_pStream.get());
@@ -1101,7 +1096,8 @@
                                                       m_pArithDecoder.get(),
                                                       &m_gbContext[0], pPause);
     } else {
-      m_ProcessingStatus = m_pGRD->Continue_decode(pPause);
+      m_ProcessingStatus =
+          m_pGRD->Continue_decode(pPause, m_pArithDecoder.get());
     }
     if (m_ProcessingStatus == FXCODEC_STATUS_DECODE_TOBECONTINUE) {
       if (pSegment->m_cFlags.s.type != 36) {
@@ -1119,17 +1115,16 @@
                              (JBig2ComposeOp)(m_ri.flags & 0x03), &Rect);
       }
       return JBIG2_SUCCESS;
-    } else {
-      m_pArithDecoder.reset();
-      m_gbContext.clear();
-      if (!pSegment->m_Result.im) {
-        m_ProcessingStatus = FXCODEC_STATUS_ERROR;
-        m_pGRD.reset();
-        return JBIG2_ERROR_FATAL;
-      }
-      m_pStream->alignByte();
-      m_pStream->offset(2);
     }
+    m_pArithDecoder.reset();
+    m_gbContext.clear();
+    if (!pSegment->m_Result.im) {
+      m_ProcessingStatus = FXCODEC_STATUS_ERROR;
+      m_pGRD.reset();
+      return JBIG2_ERROR_FATAL;
+    }
+    m_pStream->alignByte();
+    m_pStream->offset(2);
   } else {
     m_pGRD->Start_decode_MMR(&pSegment->m_Result.im, m_pStream.get());
     if (!pSegment->m_Result.im) {
diff --git a/core/fxcodec/jbig2/JBig2_GrdProc.cpp b/core/fxcodec/jbig2/JBig2_GrdProc.cpp
index a8140bd..c63a40d 100644
--- a/core/fxcodec/jbig2/JBig2_GrdProc.cpp
+++ b/core/fxcodec/jbig2/JBig2_GrdProc.cpp
@@ -652,57 +652,58 @@
   m_DecodeType = 1;
   m_pImage = pImage;
   (*m_pImage)->fill(0);
-  m_pArithDecoder = pArithDecoder;
   m_gbContext = gbContext;
   m_LTP = 0;
   m_pLine = nullptr;
   m_loopIndex = 0;
-  return decode_Arith(pPause);
+  return decode_Arith(pPause, pArithDecoder);
 }
 
-FXCODEC_STATUS CJBig2_GRDProc::decode_Arith(IFX_Pause* pPause) {
+FXCODEC_STATUS CJBig2_GRDProc::decode_Arith(
+    IFX_Pause* pPause,
+    CJBig2_ArithDecoder* pArithDecoder) {
   int iline = m_loopIndex;
   CJBig2_Image* pImage = *m_pImage;
   if (GBTEMPLATE == 0) {
     if (UseTemplate0Opt3()) {
-      m_ProssiveStatus = decode_Arith_Template0_opt3(
-          pImage, m_pArithDecoder.Get(), m_gbContext, pPause);
+      m_ProssiveStatus = decode_Arith_Template0_opt3(pImage, pArithDecoder,
+                                                     m_gbContext, pPause);
     } else {
-      m_ProssiveStatus = decode_Arith_Template0_unopt(
-          pImage, m_pArithDecoder.Get(), m_gbContext, pPause);
+      m_ProssiveStatus = decode_Arith_Template0_unopt(pImage, pArithDecoder,
+                                                      m_gbContext, pPause);
     }
   } else if (GBTEMPLATE == 1) {
     if (UseTemplate1Opt3()) {
-      m_ProssiveStatus = decode_Arith_Template1_opt3(
-          pImage, m_pArithDecoder.Get(), m_gbContext, pPause);
+      m_ProssiveStatus = decode_Arith_Template1_opt3(pImage, pArithDecoder,
+                                                     m_gbContext, pPause);
     } else {
-      m_ProssiveStatus = decode_Arith_Template1_unopt(
-          pImage, m_pArithDecoder.Get(), m_gbContext, pPause);
+      m_ProssiveStatus = decode_Arith_Template1_unopt(pImage, pArithDecoder,
+                                                      m_gbContext, pPause);
     }
   } else if (GBTEMPLATE == 2) {
     if (UseTemplate23Opt3()) {
-      m_ProssiveStatus = decode_Arith_Template2_opt3(
-          pImage, m_pArithDecoder.Get(), m_gbContext, pPause);
+      m_ProssiveStatus = decode_Arith_Template2_opt3(pImage, pArithDecoder,
+                                                     m_gbContext, pPause);
     } else {
-      m_ProssiveStatus = decode_Arith_Template2_unopt(
-          pImage, m_pArithDecoder.Get(), m_gbContext, pPause);
+      m_ProssiveStatus = decode_Arith_Template2_unopt(pImage, pArithDecoder,
+                                                      m_gbContext, pPause);
     }
   } else {
     if (UseTemplate23Opt3()) {
-      m_ProssiveStatus = decode_Arith_Template3_opt3(
-          pImage, m_pArithDecoder.Get(), m_gbContext, pPause);
+      m_ProssiveStatus = decode_Arith_Template3_opt3(pImage, pArithDecoder,
+                                                     m_gbContext, pPause);
     } else {
-      m_ProssiveStatus = decode_Arith_Template3_unopt(
-          pImage, m_pArithDecoder.Get(), m_gbContext, pPause);
+      m_ProssiveStatus = decode_Arith_Template3_unopt(pImage, pArithDecoder,
+                                                      m_gbContext, pPause);
     }
   }
   m_ReplaceRect.left = 0;
   m_ReplaceRect.right = pImage->width();
   m_ReplaceRect.top = iline;
   m_ReplaceRect.bottom = m_loopIndex;
-  if (m_ProssiveStatus == FXCODEC_STATUS_DECODE_FINISH) {
+  if (m_ProssiveStatus == FXCODEC_STATUS_DECODE_FINISH)
     m_loopIndex = 0;
-  }
+
   return m_ProssiveStatus;
 }
 
@@ -727,7 +728,9 @@
   return m_ProssiveStatus;
 }
 
-FXCODEC_STATUS CJBig2_GRDProc::Continue_decode(IFX_Pause* pPause) {
+FXCODEC_STATUS CJBig2_GRDProc::Continue_decode(
+    IFX_Pause* pPause,
+    CJBig2_ArithDecoder* pArithDecoder) {
   if (m_ProssiveStatus != FXCODEC_STATUS_DECODE_TOBECONTINUE)
     return m_ProssiveStatus;
 
@@ -735,8 +738,7 @@
     m_ProssiveStatus = FXCODEC_STATUS_ERROR;
     return m_ProssiveStatus;
   }
-
-  return decode_Arith(pPause);
+  return decode_Arith(pPause, pArithDecoder);
 }
 
 FXCODEC_STATUS CJBig2_GRDProc::decode_Arith_Template0_opt3(
diff --git a/core/fxcodec/jbig2/JBig2_GrdProc.h b/core/fxcodec/jbig2/JBig2_GrdProc.h
index c6e8ae3..3e4d3d4 100644
--- a/core/fxcodec/jbig2/JBig2_GrdProc.h
+++ b/core/fxcodec/jbig2/JBig2_GrdProc.h
@@ -32,7 +32,8 @@
                                     IFX_Pause* pPause);
   FXCODEC_STATUS Start_decode_MMR(CJBig2_Image** pImage,
                                   CJBig2_BitStream* pStream);
-  FXCODEC_STATUS Continue_decode(IFX_Pause* pPause);
+  FXCODEC_STATUS Continue_decode(IFX_Pause* pPause,
+                                 CJBig2_ArithDecoder* pArithDecoder);
   FX_RECT GetReplaceRect() const { return m_ReplaceRect; }
 
   bool MMR;
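Review bot: The new `pArithDecoder` parameter of `Continue_decode` carries a contract that the declaration does not state. Judging from the call sites in this commit, it has to be the same decoder instance that was handed to `Start_decode_Arith`, and the visible part of `Continue_decode` forwards it to `decode_Arith` without a null check. Because the class no longer remembers the decoder, nothing here stops a caller from resuming with a different or null instance while parsing untrusted JBIG2 data. I would add a comment above the declaration such as `// |pArithDecoder| must be the non-null decoder passed to Start_decode_Arith() and must outlive this call.` The class body starts and ends outside this hunk.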
@@ -49,7 +50,8 @@
   bool UseTemplate1Opt3() const;
   bool UseTemplate23Opt3() const;
 
-  FXCODEC_STATUS decode_Arith(IFX_Pause* pPause);
+  FXCODEC_STATUS decode_Arith(IFX_Pause* pPause,
+                              CJBig2_ArithDecoder* pArithDecoder);
   FXCODEC_STATUS decode_Arith_Template0_opt3(CJBig2_Image* pImage,
                                              CJBig2_ArithDecoder* pArithDecoder,
                                              JBig2ArithCtx* gbContext,
@@ -114,7 +116,6 @@
   uint8_t* m_pLine;
   FXCODEC_STATUS m_ProssiveStatus;
   CJBig2_Image** m_pImage;
-  CFX_UnownedPtr<CJBig2_ArithDecoder> m_pArithDecoder;
   JBig2ArithCtx* m_gbContext;
   uint16_t m_DecodeType;
   int m_LTP;
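Review bot: `m_gbContext`, directly below the removed member, is still a cached raw `JBig2ArithCtx*` (as is `m_pImage`, a `CJBig2_Image**`), so the lifetime pattern this commit removes for the decoder remains for the context array. `Start_decode_Arith` stores the caller's pointer, and JBig2_Context.cpp empties the backing vector with `m_gbContext.clear()` once decoding stops. That would leave the cached pointer dangling for as long as the `CJBig2_GRDProc` object survives; whether `m_pGRD` is always reset afterwards is not visible in these hunks. Consider threading the context through `Continue_decode` and `decode_Arith` the same way as the decoder, or at least documenting the member with `// Not owned; valid only between Start_decode_Arith() and the end of decoding.` The class definition extends beyond this hunk.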
diff --git a/core/fxcodec/jbig2/JBig2_GsidProc.cpp b/core/fxcodec/jbig2/JBig2_GsidProc.cpp
index 0f0a16d..842d7df 100644
--- a/core/fxcodec/jbig2/JBig2_GsidProc.cpp
+++ b/core/fxcodec/jbig2/JBig2_GsidProc.cpp
@@ -47,7 +47,7 @@
     FXCODEC_STATUS status =
         pGRD->Start_decode_Arith(&pImage, pArithDecoder, gbContext, nullptr);
     while (status == FXCODEC_STATUS_DECODE_TOBECONTINUE)
-      status = pGRD->Continue_decode(pPause);
+      status = pGRD->Continue_decode(pPause, pArithDecoder);
 
     if (!pImage)
       return nullptr;
diff --git a/core/fxcodec/jbig2/JBig2_PddProc.cpp b/core/fxcodec/jbig2/JBig2_PddProc.cpp
index e3403ee..040ee66 100644
--- a/core/fxcodec/jbig2/JBig2_PddProc.cpp
+++ b/core/fxcodec/jbig2/JBig2_PddProc.cpp
@@ -44,7 +44,7 @@
   FXCODEC_STATUS status =
       pGRD->Start_decode_Arith(&BHDC, pArithDecoder, gbContext, nullptr);
   while (status == FXCODEC_STATUS_DECODE_TOBECONTINUE)
-    status = pGRD->Continue_decode(pPause);
+    status = pGRD->Continue_decode(pPause, pArithDecoder);
   if (!BHDC)
     return nullptr;