LibOpenJPEG: restrict l_img_comp->prec to avoid undefined shift

The 38 value seems arbitrary, and the prec is used in OPJ_INT32 with 1 << (prec - 1). So limit it to be at most 31, and avoid undefined shifts. Bug: chromium:698498 Change-Id: I840f2e65231ac7847ed26bcaea36471a53be49e8 Reviewed-on: https://pdfium-review.googlesource.com/5173 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
author: Nicolas Pena <npm@chromium.org> 2017-05-09 14:56:06 -0400
committer: Chromium commit bot <commit-bot@chromium.org> 2017-05-09 19:46:29 +0000
commit: fe5c7c28c2f048eda4aa58cb8932d0d6f3f98114 (patch)
tree: d8bc200fcbbe9928641a0e7ced0cb6d9f0f0819e /third_party/libopenjpeg20/0032-undefined-shift-opj_j2k_read_siz.patch
parent: 6161445d85f28115519985e616039623b970b0a1 (diff)
download: pdfium-fe5c7c28c2f048eda4aa58cb8932d0d6f3f98114.tar.xz
1 files changed, 16 insertions, 0 deletions
diff --git a/third_party/libopenjpeg20/0032-undefined-shift-opj_j2k_read_siz.patch b/third_party/libopenjpeg20/0032-undefined-shift-opj_j2k_read_siz.patch
new file mode 100644
index 0000000000..f89025fa72
--- /dev/null
+++ b/third_party/libopenjpeg20/0032-undefined-shift-opj_j2k_read_siz.patch
@@ -0,0 +1,16 @@
+diff --git a/third_party/libopenjpeg20/j2k.c b/third_party/libopenjpeg20/j2k.c
+index cb5a28373..9e35de186 100644
+--- a/third_party/libopenjpeg20/j2k.c
++++ b/third_party/libopenjpeg20/j2k.c
+@@ -2121,9 +2121,9 @@ static OPJ_BOOL opj_j2k_read_siz(opj_j2k_t *p_j2k,
+                                   i, l_img_comp->dx, l_img_comp->dy);
+                     return OPJ_FALSE;
+                 }
+-                if( l_img_comp->prec > 38) { /* TODO openjpeg won't handle more than ? */
++                if( l_img_comp->prec > 31) { /* TODO openjpeg won't handle more than ? */
+                     opj_event_msg(p_manager, EVT_ERROR,
+-                                  "Invalid values for comp = %d : prec=%u (should be between 1 and 38 according to the JPEG2000 norm)\n",
++                                  "Invalid values for comp = %d : prec=%u (should be between 1 and 31 according to the JPEG2000 norm)\n",
+                                   i, l_img_comp->prec);
+                     return OPJ_FALSE;
+                 }
author	Nicolas Pena <npm@chromium.org>	2017-05-09 14:56:06 -0400
committer	Chromium commit bot <commit-bot@chromium.org>	2017-05-09 19:46:29 +0000
commit	fe5c7c28c2f048eda4aa58cb8932d0d6f3f98114 (patch)
tree	d8bc200fcbbe9928641a0e7ced0cb6d9f0f0819e /third_party/libopenjpeg20/0032-undefined-shift-opj_j2k_read_siz.patch
parent	6161445d85f28115519985e616039623b970b0a1 (diff)
download	pdfium-fe5c7c28c2f048eda4aa58cb8932d0d6f3f98114.tar.xz