diff options
author | Tom Sepez <tsepez@chromium.org> | 2016-03-24 11:09:45 -0700 |
---|---|---|
committer | Tom Sepez <tsepez@chromium.org> | 2016-03-24 11:09:45 -0700 |
commit | 676947ce0204914da1d8fb159730432c0fb0a3a2 (patch) | |
tree | 5749b1a559ad2b7b5c9c776c8fb93dc009994124 /third_party/libopenjpeg20/t2.c | |
parent | 282cee1b5ef000c8b03f53f5cbb243893d4440d1 (diff) | |
download | pdfium-676947ce0204914da1d8fb159730432c0fb0a3a2.tar.xz |
Added bounds checking to GetNameFromTT to handle corrupt files.
Patch by forshaw.
This patch adds bounds checking to the names buffer passed to GetNameFromTT.
There are observed crashes in this function where data is read outside of
the bounds allocated and passed to GetNameFromTT. There's no reason that
this function should ever try and read outside of the allocated bounds.
BUG=583037
TBR=forshaw@chromium.org
patch from issue 1829013002 at patchset 40001 (http://crrev.com/1829013002#ps40001)
Review URL: https://codereview.chromium.org/1830243003 .
Diffstat (limited to 'third_party/libopenjpeg20/t2.c')
0 files changed, 0 insertions, 0 deletions