Check is first page number valid in CPDF_LinearizedHeader.

Bug=chromium:850407,chromium:850440 Change-Id: I0115f75677db618b0de5e1e78b13da80b1da9559 Reviewed-on: https://pdfium-review.googlesource.com/34390 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Ryan Harrison <rharrison@chromium.org>
author: Artem Strygin <art-snake@yandex-team.ru> 2018-06-07 18:01:27 +0000
committer: Chromium commit bot <commit-bot@chromium.org> 2018-06-07 18:01:27 +0000
commit: f51a4767ee7854991d94d6814aa13f5763f05760 (patch)
tree: dd519311670498683fb59d3d141c793c5b9da76b /core
parent: e769ab578af3cf646f6268c992fd9c9dcd494708 (diff)
download: pdfium-f51a4767ee7854991d94d6814aa13f5763f05760.tar.xz
1 files changed, 1 insertions, 0 deletions
diff --git a/core/fpdfapi/parser/cpdf_linearized_header.cpp b/core/fpdfapi/parser/cpdf_linearized_header.cpp
index 994d69f9b6..5032bc3807 100644
--- a/core/fpdfapi/parser/cpdf_linearized_header.cpp
+++ b/core/fpdfapi/parser/cpdf_linearized_header.cpp
@@ -43,6 +43,7 @@ bool IsLinearizedHeaderValid(const CPDF_LinearizedHeader* header,
   return header->GetFileSize() == file_size &&
          static_cast<int>(header->GetFirstPageNo()) >= 0 &&
          header->GetFirstPageNo() < kMaxInt &&
+         header->GetFirstPageNo() < header->GetPageCount() &&
          header->GetMainXRefTableFirstEntryOffset() < file_size &&
          header->GetPageCount() > 0 &&
          header->GetFirstPageEndOffset() < file_size &&
author	Artem Strygin <art-snake@yandex-team.ru>	2018-06-07 18:01:27 +0000
committer	Chromium commit bot <commit-bot@chromium.org>	2018-06-07 18:01:27 +0000
commit	f51a4767ee7854991d94d6814aa13f5763f05760 (patch)
tree	dd519311670498683fb59d3d141c793c5b9da76b /core
parent	e769ab578af3cf646f6268c992fd9c9dcd494708 (diff)
download	pdfium-f51a4767ee7854991d94d6814aa13f5763f05760.tar.xz