mirror of
https://github.com/qpdf/qpdf.git
synced 2025-01-03 07:12:28 +00:00
Refactor Pl_RunLength::decode
Buffer output locally. Add qpdf_fuzzer test case.
This commit is contained in:
parent
5edb548148
commit
3bab4cf394
@ -129,6 +129,7 @@ set(CORPUS_OTHER
|
||||
69977b.fuzz
|
||||
69977c.fuzz
|
||||
69977d.fuzz
|
||||
69977e.fuzz
|
||||
70055.fuzz
|
||||
70245.fuzz
|
||||
70306.fuzz
|
||||
|
BIN
fuzz/qpdf_extra/69977e.fuzz
Normal file
BIN
fuzz/qpdf_extra/69977e.fuzz
Normal file
Binary file not shown.
@ -21,7 +21,7 @@ my @fuzzers = (
|
||||
['pngpredictor' => 1],
|
||||
['runlength' => 6],
|
||||
['tiffpredictor' => 2],
|
||||
['qpdf' => 74], # increment when adding new files
|
||||
['qpdf' => 75], # increment when adding new files
|
||||
);
|
||||
|
||||
my $n_tests = 0;
|
||||
|
@ -62,6 +62,7 @@ class QPDF_DLL_CLASS Pl_RunLength: public Pipeline
|
||||
state_e state;
|
||||
unsigned char buf[128];
|
||||
unsigned int length;
|
||||
std::string out;
|
||||
};
|
||||
|
||||
std::shared_ptr<Members> m;
|
||||
|
@ -66,8 +66,9 @@ Pl_RunLength::encode(unsigned char const* data, size_t len)
|
||||
void
|
||||
Pl_RunLength::decode(unsigned char const* data, size_t len)
|
||||
{
|
||||
m->out.reserve(len);
|
||||
for (size_t i = 0; i < len; ++i) {
|
||||
unsigned char ch = data[i];
|
||||
unsigned char const& ch = data[i];
|
||||
switch (m->state) {
|
||||
case st_top:
|
||||
if (ch < 128) {
|
||||
@ -85,16 +86,14 @@ Pl_RunLength::decode(unsigned char const* data, size_t len)
|
||||
break;
|
||||
|
||||
case st_copying:
|
||||
this->getNext()->write(&ch, 1);
|
||||
m->out.append(1, static_cast<char>(ch));
|
||||
if (--m->length == 0) {
|
||||
m->state = st_top;
|
||||
}
|
||||
break;
|
||||
|
||||
case st_run:
|
||||
for (unsigned int j = 0; j < m->length; ++j) {
|
||||
this->getNext()->write(&ch, 1);
|
||||
}
|
||||
m->out.append(m->length, static_cast<char>(ch));
|
||||
m->state = st_top;
|
||||
break;
|
||||
}
|
||||
@ -137,10 +136,13 @@ Pl_RunLength::finish()
|
||||
// When decoding, we might have read a length byte not followed by data, which means the stream
|
||||
// was terminated early, but we will just ignore this case since this is the only sensible thing
|
||||
// to do.
|
||||
auto next = getNext();
|
||||
if (m->action == a_encode) {
|
||||
flush_encode();
|
||||
unsigned char ch = 128;
|
||||
this->getNext()->write(&ch, 1);
|
||||
next->write(&ch, 1);
|
||||
} else {
|
||||
next->writeString(m->out);
|
||||
}
|
||||
this->getNext()->finish();
|
||||
next->finish();
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user