diff options
author | wolfbeast <mcwerewolf@wolfbeast.com> | 2019-01-21 15:47:44 +0100 |
---|---|---|
committer | wolfbeast <mcwerewolf@wolfbeast.com> | 2019-01-21 15:56:16 +0100 |
commit | 8dd8df90b968ec9429bffd1dd8ae0299531a47d4 (patch) | |
tree | 7726d8b28355eb180517a391519f0dd9b5ed6ad3 | |
parent | 87bef3e99e30c47435b7dff37c098c9d99965d22 (diff) | |
download | UXP-8dd8df90b968ec9429bffd1dd8ae0299531a47d4.tar UXP-8dd8df90b968ec9429bffd1dd8ae0299531a47d4.tar.gz UXP-8dd8df90b968ec9429bffd1dd8ae0299531a47d4.tar.lz UXP-8dd8df90b968ec9429bffd1dd8ae0299531a47d4.tar.xz UXP-8dd8df90b968ec9429bffd1dd8ae0299531a47d4.zip |
Check for contiguous buffer state.
When we are reading large image data (i.e.: people using webp to stream
video instead of the native webm format; I'm looking at you, Giphy!)
we can run into the situation where the available data is not in a
contiguous buffer, and we need to either buffer additional data or
re-buffer from the start. If we don't do this, we can run into issues
because of buffer over-reading (causing corrupted data if allocated or
more likely crashes if not allocated).
Re-buffering is expensive, but this should be rare and limited to
dealing with unintended use for animated image formats.
This resolves #940.
-rw-r--r-- | image/SourceBuffer.h | 7 | ||||
-rw-r--r-- | image/decoders/nsWebPDecoder.cpp | 4 |
2 files changed, 11 insertions, 0 deletions
diff --git a/image/SourceBuffer.h b/image/SourceBuffer.h index 64727e65e..6f2c74d33 100644 --- a/image/SourceBuffer.h +++ b/image/SourceBuffer.h @@ -174,6 +174,13 @@ public: return mState == READY ? mData.mIterating.mNextReadLength : 0; } + /// If we're ready to read, returns whether or not everything available thus + /// far has been in the same contiguous buffer. + bool IsContiguous() const { + MOZ_ASSERT(mState == READY, "Calling IsContiguous() in the wrong state"); + return mState == READY ? mData.mIterating.mChunk == 0 : false; + } + /// @return a count of the chunks we've advanced through. uint32_t ChunkCount() const { return mChunkCount; } diff --git a/image/decoders/nsWebPDecoder.cpp b/image/decoders/nsWebPDecoder.cpp index 4f3cc8b2a..3181e3a3a 100644 --- a/image/decoders/nsWebPDecoder.cpp +++ b/image/decoders/nsWebPDecoder.cpp @@ -144,6 +144,10 @@ nsWebPDecoder::UpdateBuffer(SourceBufferIterator& aIterator, switch (aState) { case SourceBufferIterator::READY: + if(!aIterator.IsContiguous()) { + //We need to buffer. This should be rare, but expensive. + break; + } if (!mData) { // For as long as we hold onto an iterator, we know the data pointers // to the chunks cannot change underneath us, so save the pointer to |