diff options
author | dsinclair <dsinclair@chromium.org> | 2016-09-21 12:49:36 -0700 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2016-09-21 12:49:36 -0700 |
commit | c0f60dc29db66262bbc0082fcd51170a570b0d1f (patch) | |
tree | 48b53ab54770ab7dc1766d1f94e2b1cfdc386d43 /core/fpdfapi/fpdf_font/fpdf_font_cid_unittest.cpp | |
parent | 81d92f8ffc5e632ade8c507b8f2e34c5fe3ca902 (diff) | |
download | pdfium-c0f60dc29db66262bbc0082fcd51170a570b0d1f.tar.xz |
Check for overflow in CMap_GetCode.
Given a large enough value for the character code it's possible to overflow
the conversion to an int. This Cl updates the code to guard against overflow.
BUG=chromium:648739
Review-Url: https://codereview.chromium.org/2358023002
Diffstat (limited to 'core/fpdfapi/fpdf_font/fpdf_font_cid_unittest.cpp')
-rw-r--r-- | core/fpdfapi/fpdf_font/fpdf_font_cid_unittest.cpp | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/core/fpdfapi/fpdf_font/fpdf_font_cid_unittest.cpp b/core/fpdfapi/fpdf_font/fpdf_font_cid_unittest.cpp index ccf49ee46a..ec05df5226 100644 --- a/core/fpdfapi/fpdf_font/fpdf_font_cid_unittest.cpp +++ b/core/fpdfapi/fpdf_font/fpdf_font_cid_unittest.cpp @@ -28,6 +28,11 @@ TEST(fpdf_font_cid, CMap_GetCode) { EXPECT_EQ(12u, CPDF_CMapParser::CMap_GetCode("12")); EXPECT_EQ(12u, CPDF_CMapParser::CMap_GetCode("12d")); EXPECT_EQ(128u, CPDF_CMapParser::CMap_GetCode("128")); + + EXPECT_EQ(4294967295u, CPDF_CMapParser::CMap_GetCode("<FFFFFFFF")); + + // Overflow a uint32_t. + EXPECT_EQ(0u, CPDF_CMapParser::CMap_GetCode("<100000000")); } TEST(fpdf_font_cid, CMap_GetCodeRange) { |