authornpm <npm@chromium.org>2016-11-09 17:26:27 -0800
committerCommit bot <commit-bot@chromium.org>2016-11-09 17:26:27 -0800
commit3f8cb532c93bd2839073ed4949d051245de5a4cb (patch)
tree37f246a16a74193c96b8e0892ec0c0640e5a57a3 /core
parent6173c9d2a3ce717b1ea3bfa12d6d403ee6a543a6 (diff)
downloadpdfium-3f8cb532c93bd2839073ed4949d051245de5a4cb.tar.xz
Add early returns in CJBig2_TRDProc::decode_Arith when decode fails.
None of the decodes in the method are currently being checked. This is causing pdfium to take a long time rendering corrupted files. Thus, I added a couple of early returns to help prevent this from happening. BUG=450971 Review-Url: https://codereview.chromium.org/2493633002
Diffstat (limited to 'core')
-rw-r--r--core/fxcodec/jbig2/JBig2_TrdProc.cpp6
1 files changed, 4 insertions, 2 deletions
diff --git a/core/fxcodec/jbig2/JBig2_TrdProc.cpp b/core/fxcodec/jbig2/JBig2_TrdProc.cpp
index ccd8ebf98d..1329cde5f0 100644
--- a/core/fxcodec/jbig2/JBig2_TrdProc.cpp
+++ b/core/fxcodec/jbig2/JBig2_TrdProc.cpp
@@ -266,7 +266,8 @@ CJBig2_Image* CJBig2_TRDProc::decode_Arith(CJBig2_ArithDecoder* pArithDecoder,
std::unique_ptr<CJBig2_Image> SBREG(new CJBig2_Image(SBW, SBH));
SBREG->fill(SBDEFPIXEL);
int32_t STRIPT;
- pIADT->decode(pArithDecoder, &STRIPT);
+ if (!pIADT->decode(pArithDecoder, &STRIPT))
+ return nullptr;
STRIPT *= SBSTRIPS;
STRIPT = -STRIPT;
int32_t FIRSTS = 0;
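Review bot: A successful decode still feeds a stream-controlled value straight into `STRIPT *= SBSTRIPS;` and `STRIPT = -STRIPT;`, and signed `int32_t` overflow there is undefined behaviour, so the new check covers only the failure return and not the range of what was decoded. The same applies to `DT *= SBSTRIPS;` and `STRIPT += DT;` in the second hunk. I would do the arithmetic in a wider type and reject out-of-range results, for example `const int64_t t = -(static_cast<int64_t>(STRIPT) * SBSTRIPS);` followed by `if (t < INT32_MIN || t > INT32_MAX) return nullptr;`, or use the project's checked-integer helper if this file already has one in scope. decode_Arith starts and ends outside the hunk, so how STRIPT is later used as a coordinate is not visible here.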
@@ -274,7 +275,8 @@ CJBig2_Image* CJBig2_TRDProc::decode_Arith(CJBig2_ArithDecoder* pArithDecoder,
while (NINSTANCES < SBNUMINSTANCES) {
int32_t CURS = 0;
int32_t DT;
- pIADT->decode(pArithDecoder, &DT);
+ if (!pIADT->decode(pArithDecoder, &DT))
+ return nullptr;
DT *= SBSTRIPS;
STRIPT += DT;
bool bFirst = true;
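Review bot: Only the two `pIADT->decode` calls are checked in the visible lines, while the description says none of the decodes in the method were checked. If the loop body below this hunk has other decode calls that still ignore the result, locals such as `int32_t DT;`, which are declared without an initializer, would be read after a failed decode, and the `while (NINSTANCES < SBNUMINSTANCES)` loop would keep running on a corrupted stream. Those calls would need the same `if (!...->decode(...)) return nullptr;` guard; the rest of the loop is outside the hunk, so this is to be confirmed. The diffstat lists a single source file, so it is worth adding a regression test that uses a corrupted input for BUG=450971 and asserts that decode_Arith returns `nullptr`.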