Commit b0e34486fd380249585cec070bd4829c6aeb5513
1 parent
a496dbe8
Rename Pl_Flate::setMemoryLimit to memory_limit and add accessor
Showing
8 changed files
with
21 additions
and
13 deletions
fuzz/qpdf_crypt_fuzzer.cc
| @@ -111,7 +111,7 @@ FuzzHelper::doChecks() | @@ -111,7 +111,7 @@ FuzzHelper::doChecks() | ||
| 111 | Pl_PNGFilter::setMemoryLimit(1'000'000); | 111 | Pl_PNGFilter::setMemoryLimit(1'000'000); |
| 112 | Pl_RunLength::setMemoryLimit(1'000'000); | 112 | Pl_RunLength::setMemoryLimit(1'000'000); |
| 113 | Pl_TIFFPredictor::setMemoryLimit(1'000'000); | 113 | Pl_TIFFPredictor::setMemoryLimit(1'000'000); |
| 114 | - Pl_Flate::setMemoryLimit(200'000); | 114 | + Pl_Flate::memory_limit(200'000); |
| 115 | 115 | ||
| 116 | // Do not decompress corrupt data. This may cause extended runtime within jpeglib without | 116 | // Do not decompress corrupt data. This may cause extended runtime within jpeglib without |
| 117 | // exercising additional code paths in qpdf, and potentially causing counterproductive timeouts. | 117 | // exercising additional code paths in qpdf, and potentially causing counterproductive timeouts. |
fuzz/qpdf_crypt_insecure_fuzzer.cc
| @@ -111,7 +111,7 @@ FuzzHelper::doChecks() | @@ -111,7 +111,7 @@ FuzzHelper::doChecks() | ||
| 111 | Pl_PNGFilter::setMemoryLimit(1'000'000); | 111 | Pl_PNGFilter::setMemoryLimit(1'000'000); |
| 112 | Pl_RunLength::setMemoryLimit(1'000'000); | 112 | Pl_RunLength::setMemoryLimit(1'000'000); |
| 113 | Pl_TIFFPredictor::setMemoryLimit(1'000'000); | 113 | Pl_TIFFPredictor::setMemoryLimit(1'000'000); |
| 114 | - Pl_Flate::setMemoryLimit(200'000); | 114 | + Pl_Flate::memory_limit(200'000); |
| 115 | 115 | ||
| 116 | // Do not decompress corrupt data. This may cause extended runtime within jpeglib without | 116 | // Do not decompress corrupt data. This may cause extended runtime within jpeglib without |
| 117 | // exercising additional code paths in qpdf, and potentially causing counterproductive timeouts. | 117 | // exercising additional code paths in qpdf, and potentially causing counterproductive timeouts. |
fuzz/qpdf_fuzzer.cc
| @@ -109,7 +109,7 @@ FuzzHelper::doChecks() | @@ -109,7 +109,7 @@ FuzzHelper::doChecks() | ||
| 109 | Pl_PNGFilter::setMemoryLimit(1'000'000); | 109 | Pl_PNGFilter::setMemoryLimit(1'000'000); |
| 110 | Pl_RunLength::setMemoryLimit(1'000'000); | 110 | Pl_RunLength::setMemoryLimit(1'000'000); |
| 111 | Pl_TIFFPredictor::setMemoryLimit(1'000'000); | 111 | Pl_TIFFPredictor::setMemoryLimit(1'000'000); |
| 112 | - Pl_Flate::setMemoryLimit(200'000); | 112 | + Pl_Flate::memory_limit(200'000); |
| 113 | 113 | ||
| 114 | // Do not decompress corrupt data. This may cause extended runtime within jpeglib without | 114 | // Do not decompress corrupt data. This may cause extended runtime within jpeglib without |
| 115 | // exercising additional code paths in qpdf, and potentially causing counterproductive timeouts. | 115 | // exercising additional code paths in qpdf, and potentially causing counterproductive timeouts. |
fuzz/qpdf_lin_fuzzer.cc
| @@ -110,7 +110,7 @@ FuzzHelper::doChecks() | @@ -110,7 +110,7 @@ FuzzHelper::doChecks() | ||
| 110 | Pl_PNGFilter::setMemoryLimit(1'000'000); | 110 | Pl_PNGFilter::setMemoryLimit(1'000'000); |
| 111 | Pl_RunLength::setMemoryLimit(1'000'000); | 111 | Pl_RunLength::setMemoryLimit(1'000'000); |
| 112 | Pl_TIFFPredictor::setMemoryLimit(1'000'000); | 112 | Pl_TIFFPredictor::setMemoryLimit(1'000'000); |
| 113 | - Pl_Flate::setMemoryLimit(200'000); | 113 | + Pl_Flate::memory_limit(200'000); |
| 114 | 114 | ||
| 115 | // Do not decompress corrupt data. This may cause extended runtime within jpeglib without | 115 | // Do not decompress corrupt data. This may cause extended runtime within jpeglib without |
| 116 | // exercising additional code paths in qpdf, and potentially causing counterproductive timeouts. | 116 | // exercising additional code paths in qpdf, and potentially causing counterproductive timeouts. |
fuzz/qpdf_outlines_fuzzer.cc
| @@ -87,7 +87,7 @@ FuzzHelper::doChecks() | @@ -87,7 +87,7 @@ FuzzHelper::doChecks() | ||
| 87 | Pl_PNGFilter::setMemoryLimit(1'000'000); | 87 | Pl_PNGFilter::setMemoryLimit(1'000'000); |
| 88 | Pl_RunLength::setMemoryLimit(1'000'000); | 88 | Pl_RunLength::setMemoryLimit(1'000'000); |
| 89 | Pl_TIFFPredictor::setMemoryLimit(1'000'000); | 89 | Pl_TIFFPredictor::setMemoryLimit(1'000'000); |
| 90 | - Pl_Flate::setMemoryLimit(200'000); | 90 | + Pl_Flate::memory_limit(200'000); |
| 91 | 91 | ||
| 92 | // Do not decompress corrupt data. This may cause extended runtime within jpeglib without | 92 | // Do not decompress corrupt data. This may cause extended runtime within jpeglib without |
| 93 | // exercising additional code paths in qpdf, and potentially causing counterproductive timeouts. | 93 | // exercising additional code paths in qpdf, and potentially causing counterproductive timeouts. |
fuzz/qpdf_pages_fuzzer.cc
| @@ -108,7 +108,7 @@ FuzzHelper::doChecks() | @@ -108,7 +108,7 @@ FuzzHelper::doChecks() | ||
| 108 | Pl_PNGFilter::setMemoryLimit(1'000'000); | 108 | Pl_PNGFilter::setMemoryLimit(1'000'000); |
| 109 | Pl_RunLength::setMemoryLimit(1'000'000); | 109 | Pl_RunLength::setMemoryLimit(1'000'000); |
| 110 | Pl_TIFFPredictor::setMemoryLimit(1'000'000); | 110 | Pl_TIFFPredictor::setMemoryLimit(1'000'000); |
| 111 | - Pl_Flate::setMemoryLimit(200'000); | 111 | + Pl_Flate::memory_limit(200'000); |
| 112 | 112 | ||
| 113 | // Do not decompress corrupt data. This may cause extended runtime within jpeglib without | 113 | // Do not decompress corrupt data. This may cause extended runtime within jpeglib without |
| 114 | // exercising additional code paths in qpdf, and potentially causing counterproductive timeouts. | 114 | // exercising additional code paths in qpdf, and potentially causing counterproductive timeouts. |
include/qpdf/Pl_Flate.hh
| @@ -48,7 +48,9 @@ class QPDF_DLL_CLASS Pl_Flate: public Pipeline | @@ -48,7 +48,9 @@ class QPDF_DLL_CLASS Pl_Flate: public Pipeline | ||
| 48 | // Limit the memory used. | 48 | // Limit the memory used. |
| 49 | // NB This is a static option affecting all Pl_Flate instances. | 49 | // NB This is a static option affecting all Pl_Flate instances. |
| 50 | QPDF_DLL | 50 | QPDF_DLL |
| 51 | - static void setMemoryLimit(unsigned long long limit); | 51 | + static unsigned long long memory_limit(); |
| 52 | + QPDF_DLL | ||
| 53 | + static void memory_limit(unsigned long long limit); | ||
| 52 | 54 | ||
| 53 | QPDF_DLL | 55 | QPDF_DLL |
| 54 | void write(unsigned char const* data, size_t len) override; | 56 | void write(unsigned char const* data, size_t len) override; |
libqpdf/Pl_Flate.cc
| @@ -14,7 +14,7 @@ | @@ -14,7 +14,7 @@ | ||
| 14 | 14 | ||
| 15 | namespace | 15 | namespace |
| 16 | { | 16 | { |
| 17 | - unsigned long long memory_limit{0}; | 17 | + unsigned long long memory_limit_{0}; |
| 18 | } // namespace | 18 | } // namespace |
| 19 | 19 | ||
| 20 | int Pl_Flate::compression_level = Z_DEFAULT_COMPRESSION; | 20 | int Pl_Flate::compression_level = Z_DEFAULT_COMPRESSION; |
| @@ -80,10 +80,16 @@ Pl_Flate::~Pl_Flate() // NOLINT (modernize-use-equals-default) | @@ -80,10 +80,16 @@ Pl_Flate::~Pl_Flate() // NOLINT (modernize-use-equals-default) | ||
| 80 | // Must be explicit and not inline -- see QPDF_DLL_CLASS in README-maintainer | 80 | // Must be explicit and not inline -- see QPDF_DLL_CLASS in README-maintainer |
| 81 | } | 81 | } |
| 82 | 82 | ||
| 83 | +unsigned long long | ||
| 84 | +Pl_Flate::memory_limit() | ||
| 85 | +{ | ||
| 86 | + return memory_limit_; | ||
| 87 | +} | ||
| 88 | + | ||
| 83 | void | 89 | void |
| 84 | -Pl_Flate::setMemoryLimit(unsigned long long limit) | 90 | +Pl_Flate::memory_limit(unsigned long long limit) |
| 85 | { | 91 | { |
| 86 | - memory_limit = limit; | 92 | + memory_limit_ = limit; |
| 87 | } | 93 | } |
| 88 | 94 | ||
| 89 | void | 95 | void |
| @@ -197,9 +203,9 @@ Pl_Flate::handleData(unsigned char const* data, size_t len, int flush) | @@ -197,9 +203,9 @@ Pl_Flate::handleData(unsigned char const* data, size_t len, int flush) | ||
| 197 | } | 203 | } |
| 198 | uLong ready = QIntC::to_ulong(m->out_bufsize - zstream.avail_out); | 204 | uLong ready = QIntC::to_ulong(m->out_bufsize - zstream.avail_out); |
| 199 | if (ready > 0) { | 205 | if (ready > 0) { |
| 200 | - if (memory_limit && m->action != a_deflate) { | 206 | + if (memory_limit_ && m->action != a_deflate) { |
| 201 | m->written += ready; | 207 | m->written += ready; |
| 202 | - if (m->written > memory_limit) { | 208 | + if (m->written > memory_limit_) { |
| 203 | throw std::runtime_error("PL_Flate memory limit exceeded"); | 209 | throw std::runtime_error("PL_Flate memory limit exceeded"); |
| 204 | } | 210 | } |
| 205 | } | 211 | } |
| @@ -220,7 +226,7 @@ Pl_Flate::handleData(unsigned char const* data, size_t len, int flush) | @@ -220,7 +226,7 @@ Pl_Flate::handleData(unsigned char const* data, size_t len, int flush) | ||
| 220 | void | 226 | void |
| 221 | Pl_Flate::finish() | 227 | Pl_Flate::finish() |
| 222 | { | 228 | { |
| 223 | - if (m->written > memory_limit) { | 229 | + if (m->written > memory_limit_) { |
| 224 | throw std::runtime_error("PL_Flate memory limit exceeded"); | 230 | throw std::runtime_error("PL_Flate memory limit exceeded"); |
| 225 | } | 231 | } |
| 226 | try { | 232 | try { |