-rw-r--r-- | external/jpeg-turbo/UnpackedTarball_jpeg-turbo.mk | 1 | ||||
-rw-r--r-- | external/jpeg-turbo/jpeg-turbo.limits.patch.1 | 46 | ||||
-rw-r--r-- | sd/source/core/sdpage.cxx | 5 | ||||
-rw-r--r-- | vcl/workben/commonfuzzer.hxx | 1 | ||||
-rw-r--r-- | vcl/workben/fftester.cxx | 1 |
5 files changed, 54 insertions, 0 deletions
diff --git a/external/jpeg-turbo/UnpackedTarball_jpeg-turbo.mk b/external/jpeg-turbo/UnpackedTarball_jpeg-turbo.mk
index 5fdc5e4cc8d1..222ce407f1a3 100644
--- a/external/jpeg-turbo/UnpackedTarball_jpeg-turbo.mk
+++ b/external/jpeg-turbo/UnpackedTarball_jpeg-turbo.mk
@@ -18,6 +18,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,jpeg-turbo,\
 $(if $(filter WNT,$(OS)),external/jpeg-turbo/jpeg-turbo.win_build.patch.1) \
 external/jpeg-turbo/jpeg-turbo.arm_build.patch.1 \
 external/jpeg-turbo/ubsan.patch \
+ external/jpeg-turbo/jpeg-turbo.limits.patch.1 \
 ))
 # vim: set noet sw=4 ts=4:
diff --git a/external/jpeg-turbo/jpeg-turbo.limits.patch.1 b/external/jpeg-turbo/jpeg-turbo.limits.patch.1
new file mode 100644
index 000000000000..f78fd4b3253a
--- /dev/null
+++ b/external/jpeg-turbo/jpeg-turbo.limits.patch.1
@@ -0,0 +1,46 @@
+From 066fee2e7d6834f24838bc1896aa38ca77209e3c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= <caolanm@redhat.com>
+Date: Thu, 16 Mar 2017 15:53:53 +0000
+Subject: [PATCH] honor max_memory_to_use if its set
+
+I'd like to use JPEGMEM to limit memory that libjpeg will allocation
+to reject sizes that would the default 2G limit under asan while
+fuzzing LibreOffice's jpeg integration
+---
+ jmemnobs.c | 14 ++++++++++++--
+ 1 file changed, 12 insertions(+), 2 deletions(-)
+
+diff --git a/jmemnobs.c b/jmemnobs.c
+index 5797198..c7dc560 100644
+--- a/jmemnobs.c
++++ b/jmemnobs.c
+@@ -66,14 +66,24 @@ jpeg_free_large (j_common_ptr cinfo, void *object, size_t sizeofobject)
+
+ /*
+ * This routine computes the total memory space available for allocation.
+- * Here we always say, "we got all you want bud!"
+ */
+
+ GLOBAL(size_t)
+ jpeg_mem_available (j_common_ptr cinfo, size_t min_bytes_needed,
+ size_t max_bytes_needed, size_t already_allocated)
+ {
+- return max_bytes_needed;
++ if (!cinfo->mem->max_memory_to_use)
++ {
++ /* Here we always say, "we got all you want bud!" */
++ return max_bytes_needed;
++ }
++
++ if (cinfo->mem->max_memory_to_use - already_allocated >= max_bytes_needed)
++ {
++ return max_bytes_needed;
++ }
++
++ return cinfo->mem->max_memory_to_use - already_allocated;
+ }
+
+
+--
+2.9.3
+
diff --git a/sd/source/core/sdpage.cxx b/sd/source/core/sdpage.cxx
index d74dccf36efd..740bcb2554a5 100644
--- a/sd/source/core/sdpage.cxx
+++ b/sd/source/core/sdpage.cxx
@@ -49,6 +49,7 @@
 #include <svx/sdr/contact/displayinfo.hxx>
 #include <svx/svditer.hxx>
 #include <svx/svdlayer.hxx>
+#include <com/sun/star/animations/XAnimationNode.hpp>
 #include <com/sun/star/xml/dom/XNode.hpp>
 #include <com/sun/star/xml/dom/XNodeList.hpp>
 #include <com/sun/star/xml/dom/XNamedNodeMap.hpp>
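Review bot: In the patched `jpeg_mem_available` (the jmemnobs.c hunk carried inside jpeg-turbo.limits.patch.1), `cinfo->mem->max_memory_to_use - already_allocated` is computed without first checking that `already_allocated` is still below the limit. `already_allocated` is a `size_t`, so once the total already exceeds the cap the subtraction presumably wraps to a very large value, the `>=` test passes and the full `max_bytes_needed` is granted, which defeats the limit exactly when it is needed. A guard ahead of the subtraction would close this: `if ((size_t)cinfo->mem->max_memory_to_use <= already_allocated) return 0;`. Whether the callers cope with a result below `min_bytes_needed` is not visible in this hunk and should be confirmed.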
@@ -148,6 +149,10 @@ SdPage::~SdPage()
 EndListenOutlineText();
+ fprintf(stderr, "on dtor %p, have %p\n", this, mxAnimationNode.get());
+
+ mxAnimationNode.clear();
+
 delete mpItems;
 Clear();
diff --git a/vcl/workben/commonfuzzer.hxx b/vcl/workben/commonfuzzer.hxx
index d8c14b2b2acc..ee8df4b79e12 100644
--- a/vcl/workben/commonfuzzer.hxx
+++ b/vcl/workben/commonfuzzer.hxx
@@ -78,6 +78,7 @@ extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv)
 __lsan_disable();
 setenv("SAL_USE_VCLPLUGIN", "svp", 1);
+ setenv("JPEGMEM", "1024M", 1);
 setenv("SAL_WMF_COMPLEXCLIP_VIA_REGION", "1", 1);
 setenv("SAL_DISABLE_PRINTERLIST", "1", 1);
diff --git a/vcl/workben/fftester.cxx b/vcl/workben/fftester.cxx
index 1007d238cce2..50e8995b25d1 100644
--- a/vcl/workben/fftester.cxx
+++ b/vcl/workben/fftester.cxx
@@ -102,6 +102,7 @@ SAL_IMPLEMENT_MAIN_WITH_ARGS(argc, argv)
 utl::ConfigManager::EnableAvoidConfig();
 InitVCL();
+ setenv("JPEGMEM", "1024M", 1);
 setenv("SAL_WMF_COMPLEXCLIP_VIA_REGION", "1", 1);
 setenv("SAL_DISABLE_PRINTERLIST", "1", 1); |
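Review bot: The `fprintf(stderr, "on dtor %p, have %p\n", ...)` added to `SdPage::~SdPage()` looks like leftover debugging: it writes two raw object addresses to stderr on every page destruction, in every build. I would drop it, or if the trace is still wanted route it through the logging macros, e.g. `SAL_INFO("sd", "on dtor " << this << ", have " << mxAnimationNode.get());`. The explicit `mxAnimationNode.clear();` also deserves a one-line comment saying why the node must be released before `delete mpItems` and `Clear()`, since the reason is not visible in the hunk. The destructor body starts and ends outside the hunk.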
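Review bot: `setenv("JPEGMEM", "1024M", 1);` in `LLVMFuzzerInitialize` (and the identical line added to the main of fftester.cxx) carries no comment, and its effect depends on code outside these files: the cap is only enforced by the bundled jpeg-turbo that carries jpeg-turbo.limits.patch.1. A build against an unpatched system libjpeg would presumably ignore the setting silently. I would add a comment on both lines such as `// cap libjpeg allocations; enforced by external/jpeg-turbo/jpeg-turbo.limits.patch.1`. Both functions continue outside their hunks.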