summaryrefslogtreecommitdiff
path: root/fxjs/cfxjse_class.h
diff options
context:
space:
mode:
authorNicolas Pena <npm@chromium.org>2017-06-13 12:14:11 -0400
committerChromium commit bot <commit-bot@chromium.org>2017-06-13 16:50:49 +0000
commit6500c6faf82f636d55c9ca5682711022890bef1d (patch)
treeac688a6fd0571c4afe0aba43004c48c516ea830f /fxjs/cfxjse_class.h
parent3516256c28c29d13e9092e7bb3ea3b417d3bb6df (diff)
downloadpdfium-6500c6faf82f636d55c9ca5682711022890bef1d.tar.xz
Check validity of color indices in bmp_decode_rgb
The pal_num member of bmp_ptr indicates the number of color indices used by the bitmap. This CL returns an error when an invalid index is found, since otherwise a heap-buffer-overflow can occur since the size of m_pSrcPalette is calculated based on pal_num. Bug: chromium:616670 Change-Id: I397958704bed1aa1ae259016ffd5033c07a801ee Reviewed-on: https://pdfium-review.googlesource.com/6470 Reviewed-by: dsinclair <dsinclair@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org>
Diffstat (limited to 'fxjs/cfxjse_class.h')
0 files changed, 0 insertions, 0 deletions