SEGV in CFX_BaseSegmentedArray::Iterate() when CS has malformed dictionary.

Failure to check document-controlled value before using it. BUG=481363 R=palmer@chromium.org, thestig@chromium.org Review URL: https://codereview.chromium.org/1110653002
author: Tom Sepez <tsepez@chromium.org> 2015-04-27 13:24:03 -0700
committer: Tom Sepez <tsepez@chromium.org> 2015-04-27 13:24:03 -0700
commit: bb93b0ba5b3c430d3b996e2c009d48feb17a44c3 (patch)
tree: 6f62b5280dd1755d8b52c775484b20cbe22fd7d5 /core/src/fpdfapi/fpdf_page
parent: 99ee3d3527bc00f83f01e1db007d190a6b3458f5 (diff)
download: pdfium-bb93b0ba5b3c430d3b996e2c009d48feb17a44c3.tar.xz
1 files changed, 3 insertions, 0 deletions
diff --git a/core/src/fpdfapi/fpdf_page/fpdf_page_colors.cpp b/core/src/fpdfapi/fpdf_page/fpdf_page_colors.cpp
index fc4e282f10..b6bf7950ff 100644
--- a/core/src/fpdfapi/fpdf_page/fpdf_page_colors.cpp
+++ b/core/src/fpdfapi/fpdf_page/fpdf_page_colors.cpp
@@ -438,6 +438,9 @@ public:
 FX_BOOL CPDF_LabCS::v_Load(CPDF_Document* pDoc, CPDF_Array* pArray)
 {
     CPDF_Dictionary* pDict = pArray->GetDict(1);
+    if (!pDict) {
+        return FALSE;
+    }
     CPDF_Array* pParam = pDict->GetArray(FX_BSTRC("WhitePoint"));
     int i;
     for (i = 0; i < 3; i ++) {
author	Tom Sepez <tsepez@chromium.org>	2015-04-27 13:24:03 -0700
committer	Tom Sepez <tsepez@chromium.org>	2015-04-27 13:24:03 -0700
commit	bb93b0ba5b3c430d3b996e2c009d48feb17a44c3 (patch)
tree	6f62b5280dd1755d8b52c775484b20cbe22fd7d5 /core/src/fpdfapi/fpdf_page
parent	99ee3d3527bc00f83f01e1db007d190a6b3458f5 (diff)
download	pdfium-bb93b0ba5b3c430d3b996e2c009d48feb17a44c3.tar.xz