summaryrefslogtreecommitdiff
path: root/core/src/fxcodec/libjpeg/jpeglib.h
diff options
context:
space:
mode:
authorJUN FANG <jun_fang@foxitsoftware.com>2015-05-20 12:25:56 -0700
committerJUN FANG <jun_fang@foxitsoftware.com>2015-05-20 12:25:56 -0700
commite9ccc9bc449846107f1c539e25677f4877ddf22f (patch)
tree95ad9b3d81189bfd211d1c017979db7333428825 /core/src/fxcodec/libjpeg/jpeglib.h
parent3a251306b0fc80eadbd49a806b27c31e285c3223 (diff)
downloadpdfium-e9ccc9bc449846107f1c539e25677f4877ddf22f.tar.xz
Integer overflow in CJBig2_Image::expand
1. New size should be larger than old size in JBig2_Realloc. 2. Arguments are integers but parameters are size_t in JBIG2_memset. After integer overflows, it will be presented as a huge unsigned number on 64 bits system. BUG=483981 R=brucedawson@chromium.org, tsepez@chromium.org Review URL: https://codereview.chromium.org/1148643002
Diffstat (limited to 'core/src/fxcodec/libjpeg/jpeglib.h')
0 files changed, 0 insertions, 0 deletions