diff options
| author | kcwu <kcwu@chromium.org> | 2016-12-16 19:42:30 -0800 |
|---|---|---|
| committer | Commit bot <commit-bot@chromium.org> | 2016-12-16 19:42:30 -0800 |
| commit | da587fab57602e5e10c058e6e632df513fba0c93 (patch) | |
| tree | d8afdd7bfae597a258fb63bb3be657d54a5f6378 | |
| parent | d5b81ce5722398cc8c259d76e7cd1a5ddc2c562f (diff) | |
| download | pdfium-da587fab57602e5e10c058e6e632df513fba0c93.tar.xz | |
lcms: Sanitize floating point readchromium/2956chromium/2955
This is partially backported from upstream
https://github.com/mm2/Little-CMS/commit/4011a6e3
BUG=chromium:665054
Review-Url: https://codereview.chromium.org/2577963007
| -rw-r--r-- | third_party/lcms2-2.6/0015-sanitize-float-read.patch | 15 | ||||
| -rw-r--r-- | third_party/lcms2-2.6/README.pdfium | 2 | ||||
| -rw-r--r-- | third_party/lcms2-2.6/src/cmsplugin.c | 4 |
3 files changed, 20 insertions, 1 deletions
diff --git a/third_party/lcms2-2.6/0015-sanitize-float-read.patch b/third_party/lcms2-2.6/0015-sanitize-float-read.patch new file mode 100644 index 0000000000..70dc7b35cf --- /dev/null +++ b/third_party/lcms2-2.6/0015-sanitize-float-read.patch @@ -0,0 +1,15 @@ +diff --git a/third_party/lcms2-2.6/src/cmsplugin.c b/third_party/lcms2-2.6/src/cmsplugin.c +index b95befb..4ba998b 100644 +--- a/third_party/lcms2-2.6/src/cmsplugin.c ++++ b/third_party/lcms2-2.6/src/cmsplugin.c +@@ -182,7 +182,9 @@ cmsBool CMSEXPORT _cmsReadFloat32Number(cmsIOHANDLER* io, cmsFloat32Number* n) + if (isnan(*n)) + return FALSE; + } +- return TRUE; ++ ++ // fpclassify() required by C99 ++ return (fpclassify(*n) == FP_ZERO) || (fpclassify(*n) == FP_NORMAL); + } + + diff --git a/third_party/lcms2-2.6/README.pdfium b/third_party/lcms2-2.6/README.pdfium index 075d2e0727..c775609e07 100644 --- a/third_party/lcms2-2.6/README.pdfium +++ b/third_party/lcms2-2.6/README.pdfium @@ -25,4 +25,6 @@ Local Modifications: https://github.com/mm2/Little-CMS/commit/c0a98d86 0013-utf8.patch: Encode source files as utf-8. 0014-avoid-fixed-inf.patch: Avoid fixed number LUT optimization on inf values. +0015-sanitize-float-read.patch: Sanitize floating point read. Partially backport + from upstream https://github.com/mm2/Little-CMS/commit/4011a6e3 TODO(ochang): List other patches. diff --git a/third_party/lcms2-2.6/src/cmsplugin.c b/third_party/lcms2-2.6/src/cmsplugin.c index b95befbd96..42c4002b55 100644 --- a/third_party/lcms2-2.6/src/cmsplugin.c +++ b/third_party/lcms2-2.6/src/cmsplugin.c @@ -182,7 +182,9 @@ cmsBool CMSEXPORT _cmsReadFloat32Number(cmsIOHANDLER* io, cmsFloat32Number* n) if (isnan(*n)) return FALSE; } - return TRUE; + + // fpclassify() required by C99 + return (fpclassify(*n) == FP_ZERO) || (fpclassify(*n) == FP_NORMAL); } |