LCMS: rename folder

Change-Id: I5f240cb0779648dc5427fecb5561086e7c0fb16a
Reviewed-on: https://pdfium-review.googlesource.com/10650
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>

1 files changed, 17 insertions, 0 deletions

diff --git a/third_party/lcms/0018-verify-size-before-reading.patch b/third_party/lcms/0018-verify-size-before-reading.patch
new file mode 100644
index 0000000000..e72e310a1b
--- /dev/null
+++ b/third_party/lcms/0018-verify-size-before-reading.patch
@@ -0,0 +1,17 @@
+diff --git a/third_party/lcms/src/cmstypes.c b/third_party/lcms/src/cmstypes.c
+index 75f1fae32..4d96a1ed6 100644
+--- a/third_party/lcms/src/cmstypes.c
++++ b/third_party/lcms/src/cmstypes.c
+@@ -173,6 +173,12 @@ cmsBool ReadPositionTable(struct _cms_typehandler_struct* self,
+ {
+     cmsUInt32Number i;
+     cmsUInt32Number *ElementOffsets = NULL, *ElementSizes = NULL;
++    cmsUInt32Number currentPosition;
++
++    currentPosition = io->Tell(io);
++    // Verify there is enough space left to read two cmsUInt32Number items for Count items.
++    if (((io->ReportedSize - currentPosition) / (2 * sizeof(cmsUInt32Number))) < Count)
++        return FALSE;
+ 
+     // Let's take the offsets to each element
+     ElementOffsets = (cmsUInt32Number *) _cmsCalloc(io ->ContextID, Count, sizeof(cmsUInt32Number));