libswfdec/swfdec_swf_decoder.c | 12 +++++++++---
1 files changed, 9 insertions(+), 3 deletions(-)
New commits:
diff-tree 3a1839889ef8a1d068b0ed6db343b41fb872c51e (from
26a33bf08b5d9feeb8047274b312cee2999824ff)
Author: Benjamin Otte <otte@gnome.org>
Date: Sun Apr 22 15:55:43 2007 +0200
fail nicely if decompressed size is too big
diff --git a/libswfdec/swfdec_swf_decoder.c b/libswfdec/swfdec_swf_decoder.c
index ac39d6c..6c13e70 100644
--- a/libswfdec/swfdec_swf_decoder.c
+++ b/libswfdec/swfdec_swf_decoder.c
@@ -114,23 +114,28 @@ swfdec_swf_decoder_deflate_all (SwfdecSw
return TRUE;
}
-static void
+static gboolean
swf_inflate_init (SwfdecSwfDecoder * s)
{
SwfdecDecoder *dec = SWFDEC_DECODER (s);
z_stream *z;
int ret;
+ guint8 *data;
+ data = g_try_malloc (dec->bytes_total - 8);
+ if (data == NULL)
+ return FALSE;
+ s->uncompressed_buffer = swfdec_buffer_new_for_data (data,
dec->bytes_total - 8);
z = &s->z;
z->zalloc = zalloc;
z->zfree = zfree;
ret = inflateInit (z);
SWFDEC_DEBUG ("inflateInit returned %d", ret);
- s->uncompressed_buffer = swfdec_buffer_new_and_alloc (dec->bytes_total
- 8);
z->next_out = s->uncompressed_buffer->data;
z->avail_out = s->uncompressed_buffer->length;
z->opaque = NULL;
+ return TRUE;
}
static int
@@ -168,7 +173,8 @@ swf_parse_header1 (SwfdecSwfDecoder * s)
s->compressed = (sig1 == 'C');
if (s->compressed) {
SWFDEC_DEBUG ("compressed");
- swf_inflate_init (s);
+ if (!swf_inflate_init (s))
+ return SWFDEC_STATUS_ERROR;
} else {
SWFDEC_DEBUG ("not compressed");
}