summaryrefslogtreecommitdiff
path: root/core/fpdfapi/fpdf_parser/include
diff options
context:
space:
mode:
authorthestig <thestig@chromium.org>2016-08-29 10:05:27 -0700
committerCommit bot <commit-bot@chromium.org>2016-08-29 10:05:27 -0700
commita032f7f79c67ddef4db0f44fca8f0d245bfb8e82 (patch)
treebed23df7989999479ea99b94fa21b7a581b75134 /core/fpdfapi/fpdf_parser/include
parent81ee14da357bb8bb141930d96e07a46f6d472720 (diff)
downloadpdfium-a032f7f79c67ddef4db0f44fca8f0d245bfb8e82.tar.xz
Add some limit checks to ReadSharedObjHintTable().
BUG=641444 Review-Url: https://codereview.chromium.org/2283893003
Diffstat (limited to 'core/fpdfapi/fpdf_parser/include')
-rw-r--r--core/fpdfapi/fpdf_parser/include/cpdf_parser.h6
1 files changed, 4 insertions, 2 deletions
diff --git a/core/fpdfapi/fpdf_parser/include/cpdf_parser.h b/core/fpdfapi/fpdf_parser/include/cpdf_parser.h
index 3d2408fad1..5d6d6f93fc 100644
--- a/core/fpdfapi/fpdf_parser/include/cpdf_parser.h
+++ b/core/fpdfapi/fpdf_parser/include/cpdf_parser.h
@@ -34,6 +34,10 @@ class CPDF_Parser {
HANDLER_ERROR
};
+ // A limit on the maximum object number in the xref table. Theoretical limits
+ // are higher, but this may be large enough in practice.
+ static const uint32_t kMaxObjectNumber = 1048576;
+
CPDF_Parser();
~CPDF_Parser();
@@ -170,8 +174,6 @@ class CPDF_Parser {
// All indirect object numbers that are being parsed.
std::set<uint32_t> m_ParsingObjNums;
-
-
};
#endif // CORE_FPDFAPI_FPDF_PARSER_INCLUDE_CPDF_PARSER_H_
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-14 15:19:20 +0000