summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOliver Chang <ochang@chromium.org>2016-01-15 14:43:43 -0800
committerOliver Chang <ochang@chromium.org>2016-01-15 14:43:43 -0800
commit7a0f441e1410b3a0d97374c00c4007552d7dd27a (patch)
tree7eb1d76bf021bfb87d42069c96209776f42ddd90
parent199e56432353c68a9bac9061cbdae1f9b700fbe5 (diff)
downloadpdfium-7a0f441e1410b3a0d97374c00c4007552d7dd27a.tar.xz
openjpeg: Set proper upper bound for an array in opj_pi_update_decode_poc().
R=tsepez@chromium.org BUG=571480 Review URL: https://codereview.chromium.org/1583233008 .
-rw-r--r--third_party/libopenjpeg20/0010-pi_update_decode_poc.patch13
-rw-r--r--third_party/libopenjpeg20/README.pdfium1
-rw-r--r--third_party/libopenjpeg20/pi.c2
3 files changed, 15 insertions, 1 deletions
diff --git a/third_party/libopenjpeg20/0010-pi_update_decode_poc.patch b/third_party/libopenjpeg20/0010-pi_update_decode_poc.patch
new file mode 100644
index 0000000000..d596b76b8f
--- /dev/null
+++ b/third_party/libopenjpeg20/0010-pi_update_decode_poc.patch
@@ -0,0 +1,13 @@
+diff --git a/third_party/libopenjpeg20/pi.c b/third_party/libopenjpeg20/pi.c
+index 462e07c..9097e31 100644
+--- a/third_party/libopenjpeg20/pi.c
++++ b/third_party/libopenjpeg20/pi.c
+@@ -1028,7 +1028,7 @@ static void opj_pi_update_decode_poc (opj_pi_iterator_t * p_pi,
+ l_current_pi->poc.precno0 = 0;
+ l_current_pi->poc.resno1 = l_current_poc->resno1; /* Resolution Level Index #0 (End) */
+ l_current_pi->poc.compno1 = l_current_poc->compno1; /* Component Index #0 (End) */
+- l_current_pi->poc.layno1 = l_current_poc->layno1; /* Layer Index #0 (End) */
++ l_current_pi->poc.layno1 = opj_uint_min(l_current_poc->layno1, p_tcp->numlayers); /* Layer Index #0 (End) */
+ l_current_pi->poc.precno1 = p_max_precision;
+ ++l_current_pi;
+ ++l_current_poc;
diff --git a/third_party/libopenjpeg20/README.pdfium b/third_party/libopenjpeg20/README.pdfium
index b5c93f8fe3..c4d89769a3 100644
--- a/third_party/libopenjpeg20/README.pdfium
+++ b/third_party/libopenjpeg20/README.pdfium
@@ -19,4 +19,5 @@ Local Modifications:
0007-jp2_read_cmap.patch: Fix wrong rendering on greyscale images with index colorspace.
0008-jp2_check_color.patch: Replace an assertion with returning false.
0009-opj_pi_next.patch: Fix potential bad precno value in opj_pi_next* functions.
+0010-pi_update_decode_poc.patch: Set proper upper bound for an array in opj_pi_update_decode_poc().
TODO(thestig): List all the other patches.
diff --git a/third_party/libopenjpeg20/pi.c b/third_party/libopenjpeg20/pi.c
index 462e07c836..9097e31a0e 100644
--- a/third_party/libopenjpeg20/pi.c
+++ b/third_party/libopenjpeg20/pi.c
@@ -1028,7 +1028,7 @@ static void opj_pi_update_decode_poc (opj_pi_iterator_t * p_pi,
l_current_pi->poc.precno0 = 0;
l_current_pi->poc.resno1 = l_current_poc->resno1; /* Resolution Level Index #0 (End) */
l_current_pi->poc.compno1 = l_current_poc->compno1; /* Component Index #0 (End) */
- l_current_pi->poc.layno1 = l_current_poc->layno1; /* Layer Index #0 (End) */
+ l_current_pi->poc.layno1 = opj_uint_min(l_current_poc->layno1, p_tcp->numlayers); /* Layer Index #0 (End) */
l_current_pi->poc.precno1 = p_max_precision;
++l_current_pi;
++l_current_poc;