summaryrefslogtreecommitdiff
path: root/testing/libfuzzer/xfa_codec_fuzzer.h
diff options
context:
space:
mode:
authorRyan Harrison <rharrison@chromium.org>2017-10-30 14:06:12 +0000
committerChromium commit bot <commit-bot@chromium.org>2017-10-30 14:06:12 +0000
commit1fc3c3b309d96b4e4f4c6d8b270a4e72710ca4a1 (patch)
tree745554eacab563734d6f4b58e8b93c312fbd9797 /testing/libfuzzer/xfa_codec_fuzzer.h
parent7170226d20208e6286057e5c0804e0b549ae33bc (diff)
downloadpdfium-1fc3c3b309d96b4e4f4c6d8b270a4e72710ca4a1.tar.xz
Fix overflow in image size check
BUG=chromium:779342 Change-Id: I2a087a08fe87594eb73d9d955955be0e66e5cdc2 Reviewed-on: https://pdfium-review.googlesource.com/17030 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
Diffstat (limited to 'testing/libfuzzer/xfa_codec_fuzzer.h')
-rw-r--r--testing/libfuzzer/xfa_codec_fuzzer.h2
1 files changed, 1 insertions, 1 deletions
diff --git a/testing/libfuzzer/xfa_codec_fuzzer.h b/testing/libfuzzer/xfa_codec_fuzzer.h
index e91ea20577..9a1230dbf9 100644
--- a/testing/libfuzzer/xfa_codec_fuzzer.h
+++ b/testing/libfuzzer/xfa_codec_fuzzer.h
@@ -39,7 +39,7 @@ class XFACodecFuzzer {
// Skipping very large images, since they will take a long time and may lead
// to OOM.
- if (decoder->GetWidth() * decoder->GetHeight() > kXFACodecFuzzerPixelLimit)
+ if (decoder->GetWidth() > kXFACodecFuzzerPixelLimit / decoder->GetHeight())
return 0;
auto bitmap = pdfium::MakeRetain<CFX_DIBitmap>();