summaryrefslogtreecommitdiff
path: root/core/fpdfapi
diff options
context:
space:
mode:
authorHenrique Nakashima <hnakashima@chromium.org>2017-12-15 18:41:34 +0000
committerChromium commit bot <commit-bot@chromium.org>2017-12-15 18:41:34 +0000
commit667fa571db51cbd53e012898f11ead7172e9263c (patch)
tree37c9b2d840994a24ad92f951519b762f7aba441d /core/fpdfapi
parent3208356db199098d1110780e138b74b6436deb0b (diff)
downloadpdfium-667fa571db51cbd53e012898f11ead7172e9263c.tar.xz
Validate base color space of Indexed color spaces.chromium/3296
Change-Id: I2c1dbf4fe08396130d2fcecd70e175233316579b Reviewed-on: https://pdfium-review.googlesource.com/21430 Reviewed-by: Ryan Harrison <rharrison@chromium.org> Commit-Queue: Henrique Nakashima <hnakashima@chromium.org>
Diffstat (limited to 'core/fpdfapi')
-rw-r--r--core/fpdfapi/page/cpdf_colorspace.cpp6
1 files changed, 6 insertions, 0 deletions
diff --git a/core/fpdfapi/page/cpdf_colorspace.cpp b/core/fpdfapi/page/cpdf_colorspace.cpp
index 89d5285878..ea61c1896b 100644
--- a/core/fpdfapi/page/cpdf_colorspace.cpp
+++ b/core/fpdfapi/page/cpdf_colorspace.cpp
@@ -1015,6 +1015,12 @@ bool CPDF_IndexedCS::v_Load(CPDF_Document* pDoc,
if (!m_pBaseCS)
return false;
+ // The base color space cannot be a Pattern or Indexed space, according to the
+ // PDF 1.7 spec, page 263.
+ if (m_pBaseCS->GetFamily() == PDFCS_INDEXED ||
+ m_pBaseCS->GetFamily() == PDFCS_PATTERN)
+ return false;
+
m_pCountedBaseCS = pDocPageData->FindColorSpacePtr(m_pBaseCS->GetArray());
m_nBaseComponents = m_pBaseCS->CountComponents();
m_pCompMinMax = FX_Alloc2D(float, m_nBaseComponents, 2);