[Gnash-commit] /srv/bzr/gnash/trunk r11223: Don't abort for malformed SWFs.

[Benjamin Wolsey]

------------------------------------------------------------
revno: 11223
committer: Benjamin Wolsey <address@hidden>
branch nick: trunk
timestamp: Wed 2009-07-08 10:38:46 +0200
message:
  Don't abort for malformed SWFs.
modified:
  libcore/parser/SWFMovieDefinition.cpp
  libcore/parser/SWFParser.cpp
  libcore/parser/SWFParser.h
  libcore/parser/sprite_definition.cpp
    ------------------------------------------------------------
    revno: 11220.1.1
    committer: Benjamin Wolsey <address@hidden>
    branch nick: work
    timestamp: Wed 2009-07-08 10:12:42 +0200
    message:
      Allow ParserExceptions to be caught by outer catchers when it means a
      stream reading failure. Prevent aborts due to unhandled exceptions for
      malformed SWFs.
    modified:
      libcore/parser/SWFMovieDefinition.cpp
      libcore/parser/SWFParser.cpp
      libcore/parser/SWFParser.h
      libcore/parser/sprite_definition.cpp

=== modified file 'libcore/parser/SWFMovieDefinition.cpp'
--- a/libcore/parser/SWFMovieDefinition.cpp     2009-06-08 15:43:34 +0000
+++ b/libcore/parser/SWFMovieDefinition.cpp     2009-07-08 08:12:42 +0000
@@ -488,23 +488,30 @@
 
     const size_t chunkSize = 65535;
 
-    while (left) {
+    try {
+        while (left) {
 
-        if (_loadingCanceled) {
-            log_debug("Loading thread cancelation requested, "
-                    "returning from read_all_swf");
-            return;
+            if (_loadingCanceled) {
+                log_debug("Loading thread cancelation requested, "
+                        "returning from read_all_swf");
+                return;
+            }
+            if (!parser.read(std::min<size_t>(left, chunkSize))) break;
+            
+            left -= parser.bytesRead();
+            setBytesLoaded(startPos + parser.bytesRead());
         }
-        if (!parser.read(std::min<size_t>(left, chunkSize))) break;
-        
-        left -= parser.bytesRead();
-        setBytesLoaded(startPos + parser.bytesRead());
-    }
 
-       // Make sure we won't leave any pending writers
-       // on any eventual fd-based IOChannel.
-       _str->consumeInput();
+        // Make sure we won't leave any pending writers
+        // on any eventual fd-based IOChannel.
+        _str->consumeInput();
     
+    }
+    catch (const ParserException& e) {
+        // This is a fatal parser error.
+        log_error(_("Error while parsing SWF stream."));
+    }
+
     // Set bytesLoaded to the current stream position unless it's greater
     // than the reported length. TODO: should we be trying to continue
     // parsing after an exception?

=== modified file 'libcore/parser/SWFParser.cpp'
--- a/libcore/parser/SWFParser.cpp      2009-06-15 12:07:43 +0000
+++ b/libcore/parser/SWFParser.cpp      2009-07-08 08:12:42 +0000
@@ -62,16 +62,16 @@
     while (_bytesRead < _endRead) {
         
         const size_t startPos = _stream.tell();
+        
+        // If a tag hasn't been opened, open one and check
+        // how many bytes are needed. The size reported by the
+        // tag seems to be the value used, even when it's wrong.
+        if (!_tagOpen) {
+            _nextTagEnd = openTag() - startPos;
+        }
 
         try {
 
-            // If a tag hasn't been opened, open one and check
-            // how many bytes are needed. The size reported by the
-            // tag seems to be the value used, even when it's wrong.
-            if (!_tagOpen) {
-                _nextTagEnd = openTag() - startPos;
-            }
-         
             // Check if we are now supposed to read enough bytes to get to the
             // end of the tag.   
             if (_nextTagEnd > _endRead) {
@@ -109,8 +109,8 @@
 
         }
         catch (const ParserException& e) {
-            // We continue parsing so that single malformed tags don't
-            // prevent reading subsequent tags.
+            // If the error occurred in a tag, we continue parsing so that
+            // single malformed tags don't prevent reading subsequent tags.
             log_error(_("Parsing exception: %s"), e.what());
         }
 

=== modified file 'libcore/parser/SWFParser.h'
--- a/libcore/parser/SWFParser.h        2009-06-15 11:32:49 +0000
+++ b/libcore/parser/SWFParser.h        2009-07-08 08:12:42 +0000
@@ -43,6 +43,10 @@
 /// the number of bytes read. It does not expose the absolute stream position.
 /// This is intended to make internal refactoring simpler. Users must tell
 /// the SWFParser how many bytes it should read from the stream.
+//
+/// The SWFParser will only deal with ParserExceptions in an open tag.
+/// Exceptions thrown when opening and closing tags signal a fatal error,
+/// and will be left to the callers to deal with.
 class SWFParser
 {
 

=== modified file 'libcore/parser/sprite_definition.cpp'
--- a/libcore/parser/sprite_definition.cpp      2009-06-05 10:36:48 +0000
+++ b/libcore/parser/sprite_definition.cpp      2009-07-08 08:12:42 +0000
@@ -79,6 +79,8 @@
 
     SWFParser parser(in, this, runInfo);
 
+    // This can throw a ParserException; we will let the SWFMovieDefintion
+    // catch it, as a failure means the whole stream is invalid.
     parser.read(tag_end - in.tell());
 
     if (m_frame_count > m_loading_frame) {