summaryrefslogtreecommitdiff
path: root/core/fxge
diff options
context:
space:
mode:
authorNicolas Pena <npm@chromium.org>2017-02-14 11:56:37 -0500
committerChromium commit bot <commit-bot@chromium.org>2017-02-14 18:28:22 +0000
commit7d4ccd7b5dd9ebb14e97ad35fb3bc093225b939a (patch)
tree9641facfa872657211574ed6ccd6dad0645fff53 /core/fxge
parent940f559b985d4a742c21b21cb077a232e44dd289 (diff)
downloadpdfium-7d4ccd7b5dd9ebb14e97ad35fb3bc093225b939a.tar.xz
Prevent heap-buffer-overflow in CCodec_ProgressiveDecoder
In CCodec_ProgressiveDecoder::GifInputRecordPositionBufCallback, m_pSrcPalette can be allocated size pal_num. So if pal_index >= pal_num, then bail out. BUG=691278 Change-Id: Ib0157cf51cbf52ecd5d60b027e5fc32898a906ed Reviewed-on: https://pdfium-review.googlesource.com/2699 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
Diffstat (limited to 'core/fxge')
0 files changed, 0 insertions, 0 deletions