diff options
author | Nicolas Pena <npm@chromium.org> | 2017-05-05 16:27:37 -0400 |
---|---|---|
committer | Chromium commit bot <commit-bot@chromium.org> | 2017-05-05 20:39:51 +0000 |
commit | 9bdbc16e3c8f30e32a1f399543d04ac5b1e9c97c (patch) | |
tree | 5403e09008c0287f6523867fecfc4acef1595793 | |
parent | c2bf27fff9e2316b9daee92266e70eac3ef5979b (diff) | |
download | pdfium-9bdbc16e3c8f30e32a1f399543d04ac5b1e9c97c.tar.xz |
Fix undefined shift in opj_bio_read
Bug: chromium:666683
Change-Id: I1c633d82e9ef75dd99ef032b4fc46fe8d3651cd1
Reviewed-on: https://pdfium-review.googlesource.com/5050
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
-rw-r--r-- | third_party/libopenjpeg20/0031-undefined-shift-opj_bio_read.patch | 13 | ||||
-rw-r--r-- | third_party/libopenjpeg20/README.pdfium | 1 | ||||
-rw-r--r-- | third_party/libopenjpeg20/bio.c | 2 |
3 files changed, 16 insertions, 0 deletions
diff --git a/third_party/libopenjpeg20/0031-undefined-shift-opj_bio_read.patch b/third_party/libopenjpeg20/0031-undefined-shift-opj_bio_read.patch new file mode 100644 index 0000000000..22188bef99 --- /dev/null +++ b/third_party/libopenjpeg20/0031-undefined-shift-opj_bio_read.patch @@ -0,0 +1,13 @@ +diff --git a/third_party/libopenjpeg20/bio.c b/third_party/libopenjpeg20/bio.c +index e4edb3724..e51d0e2b4 100644 +--- a/third_party/libopenjpeg20/bio.c ++++ b/third_party/libopenjpeg20/bio.c +@@ -162,6 +162,8 @@ OPJ_UINT32 opj_bio_read(opj_bio_t *bio, OPJ_UINT32 n) { + OPJ_UINT32 i; + OPJ_UINT32 v; + v = 0; ++ if (n > 32) ++ n = 32; + for (i = n - 1; i < n; i--) { + v += opj_bio_getbit(bio) << i; + } diff --git a/third_party/libopenjpeg20/README.pdfium b/third_party/libopenjpeg20/README.pdfium index a75de2cca1..d73c72b827 100644 --- a/third_party/libopenjpeg20/README.pdfium +++ b/third_party/libopenjpeg20/README.pdfium @@ -40,4 +40,5 @@ Local Modifications: 0028-upstream-check-size-in-opj_j2k_read_siz.patch: upstream patch in j2k.c. 0029-avoid-division-by-0: fix some /0 and %0 in pi.c (caused by bad shifts). 0030-undefined-shift-opj_get_all_encoding_parameters.patch: fix undefined shift in pi.c method. +0031-undefined-shift-opj_bio_read.patch: fix undefined shift in bio.c method. TODO(thestig): List all the other patches. diff --git a/third_party/libopenjpeg20/bio.c b/third_party/libopenjpeg20/bio.c index e4edb3724e..e51d0e2b46 100644 --- a/third_party/libopenjpeg20/bio.c +++ b/third_party/libopenjpeg20/bio.c @@ -162,6 +162,8 @@ OPJ_UINT32 opj_bio_read(opj_bio_t *bio, OPJ_UINT32 n) { OPJ_UINT32 i; OPJ_UINT32 v; v = 0; + if (n > 32) + n = 32; for (i = n - 1; i < n; i--) { v += opj_bio_getbit(bio) << i; } |