From 35aff3e7adf6235dd69bcb8cbc5a03947aded863 Mon Sep 17 00:00:00 2001 From: Pauli Jarvinen Date: Wed, 25 Apr 2012 15:02:51 +0300 Subject: Add out-of-memory checks to QImage MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Some of the methods of QImage crashed on out-of-memory situation as they referred to null pointer if creation of a new QImage instance had failed. Many cases like this were already fixed by commit a041e4eca3467c1baa6245b6fb47def127f30f41 which was a fix for QTBUG-1985, but few cases still remained. Now, all the lines creating a new QImage instance in qimage.cpp have been gone through and sanity checks have been added where it was necessary to avoid immediate crashing. Task-number: ou1cimx1#994957 Change-Id: I1f07e8890bc91de18af075be73b1a06c667f3776 Reviewed-by: Murray Read Reviewed-by: Pasi Pentikäinen --- src/gui/image/qimage.cpp | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/gui/image/qimage.cpp b/src/gui/image/qimage.cpp index 6d59eaa..f8f81e9 100644 --- a/src/gui/image/qimage.cpp +++ b/src/gui/image/qimage.cpp @@ -3942,6 +3942,7 @@ static inline int closestMatch(QRgb pixel, const QVector &clut) { static QImage convertWithPalette(const QImage &src, QImage::Format format, const QVector &clut) { QImage dest(src.size(), format); + QIMAGE_SANITYCHECK_MEMORY(dest); dest.setColorTable(clut); #if !defined(QT_NO_IMAGE_TEXT) @@ -4294,6 +4295,7 @@ QImage QImage::convertBitOrder(Endian bitOrder) const return *this; QImage image(d->width, d->height, d->format == Format_Mono ? Format_MonoLSB : Format_Mono); + QIMAGE_SANITYCHECK_MEMORY(image); const uchar *data = d->data; const uchar *end = data + d->nbytes; @@ -4921,6 +4923,7 @@ QImage QImage::rgbSwapped() const case Format_MonoLSB: case Format_Indexed8: res = copy(); + QIMAGE_SANITYCHECK_MEMORY(res); for (int i = 0; i < res.d->colortable.size(); i++) { QRgb c = res.d->colortable.at(i); res.d->colortable[i] = QRgb(((c << 16) & 0xff0000) | ((c >> 16) & 0xff) | (c & 0xff00ff00)); @@ -6176,6 +6179,10 @@ void QImage::setAlphaChannel(const QImage &alphaChannel) } else { const QImage sourceImage = alphaChannel.convertToFormat(QImage::Format_RGB32); + if (sourceImage.isNull()) { + qWarning("QImage::setAlphaChannel: out of memory"); + return; + } const uchar *src_data = sourceImage.d->data; const uchar *dest_data = d->data; for (int y=0; yheight; QImage image(w, h, Format_Indexed8); + QIMAGE_SANITYCHECK_MEMORY(image); image.setColorCount(256); // set up gray scale table. @@ -6257,6 +6265,7 @@ QImage QImage::alphaChannel() const QImage alpha32 = *this; if (d->format != Format_ARGB32 && d->format != Format_ARGB32_Premultiplied) alpha32 = convertToFormat(Format_ARGB32); + QIMAGE_SANITYCHECK_MEMORY(alpha32); const uchar *src_data = alpha32.d->data; uchar *dest_data = image.d->data; @@ -6400,6 +6409,7 @@ static QImage smoothScaled(const QImage &source, int w, int h) { static QImage rotated90(const QImage &image) { QImage out(image.height(), image.width(), image.format()); + QIMAGE_SANITYCHECK_MEMORY(out); if (image.colorCount() > 0) out.setColorTable(image.colorTable()); int w = image.width(); @@ -6459,6 +6469,7 @@ static QImage rotated180(const QImage &image) { static QImage rotated270(const QImage &image) { QImage out(image.height(), image.width(), image.format()); + QIMAGE_SANITYCHECK_MEMORY(out); if (image.colorCount() > 0) out.setColorTable(image.colorTable()); int w = image.width(); -- cgit v0.12