diff options
author | Nicolas Pena <npm@chromium.org> | 2017-08-22 11:01:51 -0400 |
---|---|---|
committer | Chromium commit bot <commit-bot@chromium.org> | 2017-08-25 18:03:45 +0000 |
commit | 175a8588f4290df8ec32d697c0248eb5c6b2c396 (patch) | |
tree | 43822c8c1beb00fd05623292def2da96b5c294bb /third_party/lcms/0028-do-not-quickfloor.patch | |
parent | 8ada2ef8000abce4eb98506cc6195c78067f1000 (diff) | |
download | pdfium-175a8588f4290df8ec32d697c0248eb5c6b2c396.tar.xz |
Do not QuickFloor on cmsintrp
In this CL, the flag CMS_DONT_USE_FAST_FLOOR is set to true because quickfloor
could cause heap-buffer-overflow due to flooring errors. In the testcase for
the bug, Input[2] is a number very close but smaller than 1 such that
quickfloor returned 1 (whereas Input[2] >= 1.0 was false).
Bug: chromium:752725
Change-Id: Ibb1763aa120a600e86602f1a46c4cd6d0d6bebd5
Reviewed-on: https://pdfium-review.googlesource.com/11310
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
Diffstat (limited to 'third_party/lcms/0028-do-not-quickfloor.patch')
-rw-r--r-- | third_party/lcms/0028-do-not-quickfloor.patch | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/third_party/lcms/0028-do-not-quickfloor.patch b/third_party/lcms/0028-do-not-quickfloor.patch new file mode 100644 index 0000000000..598917a939 --- /dev/null +++ b/third_party/lcms/0028-do-not-quickfloor.patch @@ -0,0 +1,13 @@ +diff --git a/third_party/lcms/include/lcms2.h b/third_party/lcms/include/lcms2.h +index 739e6e1f8..c84a4fd93 100644 +--- a/third_party/lcms/include/lcms2.h ++++ b/third_party/lcms/include/lcms2.h +@@ -38,7 +38,7 @@ + // #define CMS_DONT_USE_INT64 1 + + // Uncomment this if your compiler doesn't work with fast floor function +-// #define CMS_DONT_USE_FAST_FLOOR 1 ++#define CMS_DONT_USE_FAST_FLOOR 1 + + // Uncomment this line if you want lcms to use the black point tag in profile, + // if commented, lcms will compute the black point by its own. |