Fix decoding of EMF headers with missing data

hughbe · marek-safar · commit 730bfdc223c3 · 2018-06-14T15:12:37.000+02:00
diff --git a/src/metafile.c b/src/metafile.c
@@ -1348,9 +1348,10 @@ gdip_read_emf_header_optionals (ENHMETAHEADER3 *header, void *pointer, ImageSour
 		/* Header big enough to contain an extension? */
 		if (headerSize >= HeaderExtension1Size)
 		{
+			/* Match GDI+ behaviour where missing header data is set to 0. */
 			HeaderExtension1 extension;
-			if (gdip_read_emf_data (pointer, (BYTE *) &extension, sizeof (HeaderExtension1), source) != sizeof (HeaderExtension1))
-				return OutOfMemory;
+			memset (&extension, 0, sizeof (HeaderExtension1));
+			gdip_read_emf_data (pointer, (BYTE *) &extension, sizeof (HeaderExtension1), source);
 
 			/* Valid pixel format values? */
 			if (extension.offPixelFormat >= HeaderExtension1Size && (extension.offPixelFormat + extension.cbPixelFormat) <= header->nSize)
@@ -1361,19 +1362,6 @@ gdip_read_emf_header_optionals (ENHMETAHEADER3 *header, void *pointer, ImageSour
 			}
 		}
 	}
-	
-	int sizeToRead = originalHeaderSize - headerSize;
-	if (sizeToRead > 0) {
-		while (sizeToRead > sizeof (DWORD)) {
-			if (gdip_read_emf_data (pointer, (void*) &key, sizeof (DWORD), source) != sizeof (DWORD))
-				return OutOfMemory;
-			sizeToRead -= sizeof (DWORD);
-		}
-		if (sizeToRead > 0) {
-			if (gdip_read_emf_data (pointer, (void*) &key, sizeToRead, source) != sizeToRead)
-				return OutOfMemory;
-		}
-	}
 
 	header->nSize = headerSize;
 	return Ok;
@@ -1435,11 +1423,14 @@ g_warning ("ALDUS_PLACEABLE_METAFILE key %d, hmf %d, L %d, T %d, R %d, B %d, inc
 		status = combine_headers (NULL, header);
 		break;
 	case EMF_EMR_HEADER_KEY:
-		emf = &(header->Header.Emf);
+		emf = &header->Header.Emf;
 		emf->iType = key;
+
+		/* Match GDI+ behaviour where missing header data is set to 0. */
 		size = sizeof (ENHMETAHEADER3) - size;
-		if (gdip_read_emf_data (pointer, (BYTE*)(&header->Header.Emf) + sizeof (DWORD), size, source) != size)
-			return OutOfMemory;
+		memset ((BYTE *) emf + sizeof (DWORD), 0, size);
+		gdip_read_emf_data (pointer, (BYTE *) emf + sizeof (DWORD), size, source);
+
 		EnhMetaHeaderLE (&header->Header.Emf);
 
 #ifdef DEBUG_METAFILE
diff --git a/tests/testemfcodec.c b/tests/testemfcodec.c
@@ -359,7 +359,6 @@ static void test_valid ()
 
 		/* EMR_EOF */       0x0E, 0x00, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x6C, 0x00, 0x00, 0x00
 	};
-#if defined(USE_WINDOWS_GDIPLUS)
 	BYTE shortMillimetres[] = {
 		/* EMR_HEADER */    0x01, 0x00, 0x00, 0x00, 0x58, 0x00, 0x00, 0x00,
 		/* Bounds */        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x57, 0x00, 0x00, 0x00, 0x5D, 0x00, 0x00, 0x00,
@@ -376,7 +375,6 @@ static void test_valid ()
 		/* Device */        0xA0, 0x05, 0x00, 0x00, 0x84, 0x03, 0x00, 0x00,
 		/* Millimetres */   0xD8, 0x00, 0x00, 0x00, 0x6C, 0x00, 0x00
 	};
-#endif
 	BYTE invalidPixelFormat[] = {
 		/* EMR_HEADER */     0x01, 0x00, 0x00, 0x00, 0x64, 0x00, 0x00, 0x00,
 		/* Bounds */         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x57, 0x00, 0x00, 0x00, 0x5D, 0x00, 0x00, 0x00,
@@ -463,7 +461,6 @@ static void test_valid ()
 
 		/* EMR_EOF */        0x0E, 0x00, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x6C, 0x00, 0x00, 0x00
 	};
-#if defined(USE_WINDOWS_GDIPLUS)
 	BYTE noRecords[] = {
 		/* EMR_HEADER */    0x01, 0x00, 0x00, 0x00, 0x58, 0x00, 0x00, 0x00,
 		/* Bounds */        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x57, 0x00, 0x00, 0x00, 0x5D, 0x00, 0x00, 0x00,
@@ -624,7 +621,6 @@ static void test_valid ()
 		/* bOpenGL */        0x00, 0x00, 0x00, 0x00,
 		/* Micrometers */    0xC0, 0x4B, 0x03, 0x00, 0xD8, 0x41, 0x04
 	};
-#endif
 	BYTE tooLargeFileSize[] = {
 		/* EMR_HEADER */    0x01, 0x00, 0x00, 0x00, 0x58, 0x00, 0x00, 0x00,
 		/* Bounds */        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x57, 0x00, 0x00, 0x00, 0x5D, 0x00, 0x00, 0x00,
@@ -661,16 +657,11 @@ static void test_valid ()
 	createFileSuccess (nonZeroReserved, 14, 20, 50, 18, 750, 216);
 	createFileSuccess (invalidDescription, 14, 20, 50, 18, 750, 216);
 	createFileSuccess (invalidPalEntries, 14, 20, 50, 18, 750, 216);
-	// FIXME: GDI+ allows 4 bytes off the size of Millimetres.
-#if defined(USE_WINDOWS_GDIPLUS)
 	createFileSuccess (shortMillimetres, 14, 20, 50, 18, 750, 216);
-#endif
 	createFileSuccess (invalidPixelFormat, 14, 20, 50, 18, 750, 216);
 	createFileSuccess (invalidOpenGL, 14, 20, 50, 18, 750, 216);
 	createFileSuccess (zeroMicrometresWidth, 14, 20, 50, 18, 750, 216);
 	createFileSuccess (zeroMicrometresHeight, 14, 20, 50, 18, 750, 216);
-	// FIXME: GDI+ allows short header extensions.
-#if defined(USE_WINDOWS_GDIPLUS)
 	createFileSuccess (noRecords, 14, 20, 50, 18, 750, 216);
 	createFileSuccess (noCbPixelFormat, 14, 20, 50, 18, 750, 216);
 	createFileSuccess (shortCbPixelFormat, 14, 20, 50, 18, 750, 216);
@@ -680,7 +671,6 @@ static void test_valid ()
 	createFileSuccess (shortOpenGL, 14, 20, 50, 18, 750, 216);
 	createFileSuccess (noMicrometers, 14, 20, 50, 18, 750, 216);
 	createFileSuccess (shortMicrometers, 14, 20, 50, 18, 750, 216);
-#endif
 	createFileSuccess (tooLargeFileSize, 14, 20, 50, 18, 750, 216);
 }
 
