diff options
author | JUN FANG <jun_fang@foxitsoftware.com> | 2015-05-20 12:25:56 -0700 |
---|---|---|
committer | JUN FANG <jun_fang@foxitsoftware.com> | 2015-05-20 13:44:37 -0700 |
commit | 24d24506f7e5f185a8f6577f7ccd59dbbad3eed5 (patch) | |
tree | 8a36e0c42392cce63b33a32fb77f20bb1df5b56c /third_party | |
parent | 3c3201f333eaf22931fbd4916f2ef0fd0479fead (diff) | |
download | pdfium-24d24506f7e5f185a8f6577f7ccd59dbbad3eed5.tar.xz |
Merge to XFA: Integer overflow in CJBig2_Image::expand
1. New size should be larger than old size in JBig2_Realloc.
2. Arguments are integers but parameters are size_t in JBIG2_memset.
After integer overflows, it will be presented as a huge
unsigned number on 64 bits system.
BUG=483981
R=brucedawson@chromium.org, tsepez@chromium.org
Review URL: https://codereview.chromium.org/1148643002
Diffstat (limited to 'third_party')
0 files changed, 0 insertions, 0 deletions