summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorfoxit <jun_fang@foxitsoftware.com>2014-06-20 17:03:04 -0700
committerfoxit <jun_fang@foxitsoftware.com>2014-06-20 17:03:04 -0700
commitbda823275ac5a54d688a62e15d406b502b317973 (patch)
treef46024562170cd61bb588f5ee660d3f1c8c40caf
parent3e4b1bc1ac4eb8372a90f95edd69131e54240976 (diff)
downloadpdfium-bda823275ac5a54d688a62e15d406b502b317973.tar.xz
Fix a crash in CFXMEM_FixedMgr::AllocLarge
BUG=382243 R=palmer@chromium.org Review URL: https://codereview.chromium.org/333213002
Diffstat
-rw-r--r--core/src/fxcodec/fx_libopenjpeg/libopenjpeg20/tcd.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/core/src/fxcodec/fx_libopenjpeg/libopenjpeg20/tcd.c b/core/src/fxcodec/fx_libopenjpeg/libopenjpeg20/tcd.c
index 94feb17e4a..c1086755d6 100644
--- a/core/src/fxcodec/fx_libopenjpeg/libopenjpeg20/tcd.c
+++ b/core/src/fxcodec/fx_libopenjpeg/libopenjpeg20/tcd.c
@@ -775,6 +775,8 @@ OPJ_BOOL FUNCTION ( opj_tcd_t *p_tcd, \
/* p. 35, table A-23, ISO/IEC FDIS154444-1 : 2000 (18 august 2000) */ \
l_pdx = l_tccp->prcw[resno]; \
l_pdy = l_tccp->prch[resno]; \
+ if (l_pdx == 0 || l_pdy == 0) \
+ return OPJ_FALSE; \
/*fprintf(stderr, "\t\t\tpdx=%d, pdy=%d\n", l_pdx, l_pdy);*/ \
/* p. 64, B.6, ISO/IEC FDIS15444-1 : 2000 (18 august 2000) */ \
l_tl_prc_x_start = opj_int_floordivpow2(l_res->x0, (OPJ_INT32)l_pdx) << l_pdx; \
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-17 07:23:20 +0000