Verify image dimentions before using

Verify the provided image size is within bounds before loading. BUG=chromium:639160 Review-Url: https://codereview.chromium.org/2323473002
author: dsinclair <dsinclair@chromium.org> 2016-09-07 13:54:01 -0700
committer: Commit bot <commit-bot@chromium.org> 2016-09-07 13:54:01 -0700
commit: f56d93f8ea1c2145401e99e61cefdbfcb7341229 (patch)
tree: 6d80ab38999c716870132a9bbe5874fd879465a9
parent: b1f5545e34375a5947004ee92cc808b3df9d4a5b (diff)
download: pdfium-f56d93f8ea1c2145401e99e61cefdbfcb7341229.tar.xz
1 files changed, 3 insertions, 0 deletions
diff --git a/core/fpdfapi/fpdf_render/fpdf_render_image.cpp b/core/fpdfapi/fpdf_render/fpdf_render_image.cpp
index e7e9682322..e23cab3546 100644
--- a/core/fpdfapi/fpdf_render/fpdf_render_image.cpp
+++ b/core/fpdfapi/fpdf_render/fpdf_render_image.cpp
@@ -366,6 +366,9 @@ CPDF_ImageRenderer::~CPDF_ImageRenderer() {
 FX_BOOL CPDF_ImageRenderer::StartLoadDIBSource() {
   CFX_FloatRect image_rect_f = m_ImageMatrix.GetUnitRect();
   FX_RECT image_rect = image_rect_f.GetOuterRect();
+  if (!image_rect.Valid())
+    return FALSE;
+
   int dest_width = image_rect.Width();
   int dest_height = image_rect.Height();
   if (m_ImageMatrix.a < 0) {
author	dsinclair <dsinclair@chromium.org>	2016-09-07 13:54:01 -0700
committer	Commit bot <commit-bot@chromium.org>	2016-09-07 13:54:01 -0700
commit	f56d93f8ea1c2145401e99e61cefdbfcb7341229 (patch)
tree	6d80ab38999c716870132a9bbe5874fd879465a9
parent	b1f5545e34375a5947004ee92cc808b3df9d4a5b (diff)
download	pdfium-f56d93f8ea1c2145401e99e61cefdbfcb7341229.tar.xz