diff options
| author | Nicolas Pena <npm@chromium.org> | 2017-07-20 16:57:05 -0400 |
|---|---|---|
| committer | Chromium commit bot <commit-bot@chromium.org> | 2017-07-20 22:28:00 +0000 |
| commit | d60609d3a12fb0e9925166b027c3f57884b77c5d (patch) | |
| tree | f441804c10471addbfa1d9ca616bd43cf9dd42b0 /fpdfsdk/formfiller/cffl_combobox.cpp | |
| parent | e03f8b1c9ccb8923c97f43a45b4a2dbc8c60a786 (diff) | |
| download | pdfium-d60609d3a12fb0e9925166b027c3f57884b77c5d.tar.xz | |
LibTIFF: remove a couple of patches
This CL removes two patches that correspond to non-security CF bugs.
There are now only a few patches left: two patches to prevent overflow
in _TIFFCheckRealloc (overflows here are dangerous as they can cause
heap-buffer-overflows), one patch to prevent integer overflows which CF
reported as a security issue, and one recent upstream patch (which would
be removed in the next LibTIFF upgrade).
Next steps:
* Figure out how to reproduce the security issue from _TIFFCheckRealloc
(samples from the bugs seem to just timeout on asan) and report bug
upstream once it's confirmed that a change is needed.
* Ditto integer overflow, except it was already reported upstream, so
ping upstream once reproduction without the patch is possible again.
Change-Id: I6f9096a6e69698d5ded6a59c4aca5e07b351e716
Reviewed-on: https://pdfium-review.googlesource.com/8532
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
Diffstat (limited to 'fpdfsdk/formfiller/cffl_combobox.cpp')
0 files changed, 0 insertions, 0 deletions