da2a27ef05
This re-introduces a feature of the obsolete system-specific libjpeg
memory managers-- namely the ability to limit the amount of main memory
used by the library during decompression or multi-pass compression.
This is mainly beneficial for two reasons:
- Works around a 2 GB limit in libFuzzer
- Allows security-sensitive applications to set a memory limit for the
JPEG decoder so as to work around the progressive JPEG exploit
(LJT-01-004) described here:
http://www.libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdf
This commit also removes obsolete documentation regarding the MS-DOS
memory manager (which itself was removed long ago) and changes the
documentation of the -maxmemory switch and JPEGMEM environment variable
to reflect the fact that backing stores are never used in libjpeg-turbo.
Inspired by:
066fee2e7d
Closes #143
116 lines
2.8 KiB
C
116 lines
2.8 KiB
C
/*
|
|
* jmemnobs.c
|
|
*
|
|
* This file was part of the Independent JPEG Group's software:
|
|
* Copyright (C) 1992-1996, Thomas G. Lane.
|
|
* libjpeg-turbo Modifications:
|
|
* Copyright (C) 2017, D. R. Commander.
|
|
* For conditions of distribution and use, see the accompanying README.ijg
|
|
* file.
|
|
*
|
|
* This file provides a really simple implementation of the system-
|
|
* dependent portion of the JPEG memory manager. This implementation
|
|
* assumes that no backing-store files are needed: all required space
|
|
* can be obtained from malloc().
|
|
* This is very portable in the sense that it'll compile on almost anything,
|
|
* but you'd better have lots of main memory (or virtual memory) if you want
|
|
* to process big images.
|
|
*/
|
|
|
|
#define JPEG_INTERNALS
|
|
#include "jinclude.h"
|
|
#include "jpeglib.h"
|
|
#include "jmemsys.h" /* import the system-dependent declarations */
|
|
|
|
#ifndef HAVE_STDLIB_H /* <stdlib.h> should declare malloc(),free() */
|
|
extern void *malloc (size_t size);
|
|
extern void free (void *ptr);
|
|
#endif
|
|
|
|
|
|
/*
|
|
* Memory allocation and freeing are controlled by the regular library
|
|
* routines malloc() and free().
|
|
*/
|
|
|
|
GLOBAL(void *)
|
|
jpeg_get_small (j_common_ptr cinfo, size_t sizeofobject)
|
|
{
|
|
return (void *) malloc(sizeofobject);
|
|
}
|
|
|
|
GLOBAL(void)
|
|
jpeg_free_small (j_common_ptr cinfo, void *object, size_t sizeofobject)
|
|
{
|
|
free(object);
|
|
}
|
|
|
|
|
|
/*
|
|
* "Large" objects are treated the same as "small" ones.
|
|
*/
|
|
|
|
GLOBAL(void *)
|
|
jpeg_get_large (j_common_ptr cinfo, size_t sizeofobject)
|
|
{
|
|
return (void *) malloc(sizeofobject);
|
|
}
|
|
|
|
GLOBAL(void)
|
|
jpeg_free_large (j_common_ptr cinfo, void *object, size_t sizeofobject)
|
|
{
|
|
free(object);
|
|
}
|
|
|
|
|
|
/*
|
|
* This routine computes the total memory space available for allocation.
|
|
*/
|
|
|
|
GLOBAL(size_t)
|
|
jpeg_mem_available (j_common_ptr cinfo, size_t min_bytes_needed,
|
|
size_t max_bytes_needed, size_t already_allocated)
|
|
{
|
|
if (cinfo->mem->max_memory_to_use) {
|
|
if (cinfo->mem->max_memory_to_use > already_allocated)
|
|
return cinfo->mem->max_memory_to_use - already_allocated;
|
|
else
|
|
return 0;
|
|
} else {
|
|
/* Here we always say, "we got all you want bud!" */
|
|
return max_bytes_needed;
|
|
}
|
|
}
|
|
|
|
|
|
/*
|
|
* Backing store (temporary file) management.
|
|
* Since jpeg_mem_available always promised the moon,
|
|
* this should never be called and we can just error out.
|
|
*/
|
|
|
|
GLOBAL(void)
|
|
jpeg_open_backing_store (j_common_ptr cinfo, backing_store_ptr info,
|
|
long total_bytes_needed)
|
|
{
|
|
ERREXIT(cinfo, JERR_NO_BACKING_STORE);
|
|
}
|
|
|
|
|
|
/*
|
|
* These routines take care of any system-dependent initialization and
|
|
* cleanup required. Here, there isn't any.
|
|
*/
|
|
|
|
GLOBAL(long)
|
|
jpeg_mem_init (j_common_ptr cinfo)
|
|
{
|
|
return 0; /* just set max_memory_to_use to 0 */
|
|
}
|
|
|
|
GLOBAL(void)
|
|
jpeg_mem_term (j_common_ptr cinfo)
|
|
{
|
|
/* no work */
|
|
}
|