Fix a heap overflow in CJBig2_Context::parseSymbolDictchromium/2371 chromium/2370 chromium/2369

BUG=476107 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1080893002
author: JUN FANG <jun_fang@foxitsoftware.com> 2015-04-13 10:34:10 -0700
committer: JUN FANG <jun_fang@foxitsoftware.com> 2015-04-13 10:34:10 -0700
commit: eddab4425614e49146f904f00da4a664ba4b581b (patch)
tree: 0717e75ef75e5f814aa540daeb4774767f013d98 /core/src/fxcodec/jbig2/JBig2_GeneralDecoder.cpp
parent: eeccab8f6a1785d9c94c126524b982c9d4c4b946 (diff)
download: pdfium-chromium/2369.tar.xz
1 files changed, 2 insertions, 0 deletions
diff --git a/core/src/fxcodec/jbig2/JBig2_GeneralDecoder.cpp b/core/src/fxcodec/jbig2/JBig2_GeneralDecoder.cpp
index 6179317890..53faab4a46 100644
--- a/core/src/fxcodec/jbig2/JBig2_GeneralDecoder.cpp
+++ b/core/src/fxcodec/jbig2/JBig2_GeneralDecoder.cpp
@@ -61,6 +61,8 @@ extern const JBig2ArithQe QeTable[] = {
     { 0x5601, 46, 46, 0 }
 };
 
+extern const unsigned int JBIG2_QE_NUM = sizeof(QeTable) / sizeof(JBig2ArithQe);
+
 CJBig2_Image *CJBig2_GRDProc::decode_Arith(CJBig2_ArithDecoder *pArithDecoder, JBig2ArithCtx *gbContext)
 {
     if (GBW == 0 || GBH == 0) {
author	JUN FANG <jun_fang@foxitsoftware.com>	2015-04-13 10:34:10 -0700
committer	JUN FANG <jun_fang@foxitsoftware.com>	2015-04-13 10:34:10 -0700
commit	eddab4425614e49146f904f00da4a664ba4b581b (patch)
tree	0717e75ef75e5f814aa540daeb4774767f013d98 /core/src/fxcodec/jbig2/JBig2_GeneralDecoder.cpp
parent	eeccab8f6a1785d9c94c126524b982c9d4c4b946 (diff)
download	pdfium-chromium/2369.tar.xz