Age | Commit message (Collapse) | Author |
|
This CL applies this patch that fixes a recent null dereference regression:
https://github.com/vadz/libtiff/commit/57f4b28c00d78bd5d74768585d0e46b2e12e94f7
Bug: chromium:743621
Change-Id: I0f9d4321dc6ea71dd31cf0ba8420cc25d401f0d8
Reviewed-on: https://pdfium-review.googlesource.com/9490
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
This CL uses sizeof to calculate sizes in tiffconf. It adds SIZEOF_VOIDP
to allow LibTIFF to take codepaths reducing OOMs. Finally, it gets rid
of _FX_WIN32_MOBILE_ since it's never defined.
Bug: chromium:718494
Change-Id: I9e6fb2812487ccd7d08e56fd1954c716ddccd07b
Reviewed-on: https://pdfium-review.googlesource.com/9410
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
This CL removes two patches that correspond to non-security CF bugs.
There are now only a few patches left: two patches to prevent overflow
in _TIFFCheckRealloc (overflows here are dangerous as they can cause
heap-buffer-overflows), one patch to prevent integer overflows which CF
reported as a security issue, and one recent upstream patch (which would
be removed in the next LibTIFF upgrade).
Next steps:
* Figure out how to reproduce the security issue from _TIFFCheckRealloc
(samples from the bugs seem to just timeout on asan) and report bug
upstream once it's confirmed that a change is needed.
* Ditto integer overflow, except it was already reported upstream, so
ping upstream once reproduction without the patch is possible again.
Change-Id: I6f9096a6e69698d5ded6a59c4aca5e07b351e716
Reviewed-on: https://pdfium-review.googlesource.com/8532
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
This CL upgrades LibTIFF, removing patch files that correspond to bugs
that have been resolved in 4.0.8.
Change-Id: Id99d2fc9b3f25993dcb60cf1558b73674eb725bf
Reviewed-on: https://pdfium-review.googlesource.com/8490
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
https://chromium.googlesource.com/chromium/src/third_party/freetype2.git/+log/cf8d9b4ce3fa..38bdf22bfe68
$ git log cf8d9b4ce..38bdf22bf --date=short --no-merges --format='%ad %ae %s'
2017-07-13 wl [truetype] Improve code comment.
2017-07-13 wl [base] Fix memory leak.
2017-07-12 wl [base] Integer overflow.
2017-07-12 wl Document how to scale manually.
2017-07-12 wl CHANGES: Add information on global metrics rounding.
2017-07-12 wl * src/truetype/ttpload.c (tt_face_get_location): Off-by-one typo.
2017-07-11 htl10 Changelog: typo, chromium issue id is 2276 instead of 2278
2017-07-07 wl [cff] Integer overflow.
2017-07-06 apodtele Tweak suggested use of `lsb_delta' and `rsb_delta'.
TBR=thestig@chromium.org
BUG: pdfium:812
Change-Id: Iaabe11da93752dcbe9c1e7ac80b6758010e074ba
Reviewed-on: https://pdfium-review.googlesource.com/8030
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
This CL applies two upstream patches that help with OOM problems:
https://github.com/vadz/libtiff/commit/1077fad562e03d1cad591dd10163dd80ad63ab0e
https://github.com/vadz/libtiff/commit/0a619f1e553e46df8022b889ff44f8a1faa1e48d
These do not yet fix the bug below.
Bug: chromium:718494
Change-Id: If68c20f504b27c07dba2765f8e5ef708c1a54d7e
Reviewed-on: https://pdfium-review.googlesource.com/7731
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
This CL adds a comment to point to the upstream bug of a patch fixing
an OOM. The fix is fine for us but not accepted upstream so it should
be ignored once upstream fixes the bug.
Bug: chromium:681311
Change-Id: I6986fb7c851e260e84f764449ff1ee46441e71b4
Reviewed-on: https://pdfium-review.googlesource.com/6953
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
In a way similar to the existing USE_SYSTEM_ZLIB. The default is of course
still the bundled lcms2.
Change-Id: I219b50854b3c7870b0f4d94574ba39f6cb26f556
Reviewed-on: https://pdfium-review.googlesource.com/5870
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
Roll build/ to f671d3b and replace "//build/config/sanitizers:deps"
with "//build/config:exe_and_shlib_deps"
Bug=chromium:723069
R=thestig@chromium.org
Change-Id: Ib890f22a13769a594ce248637aeabc5ac3062ab2
Reviewed-on: https://pdfium-review.googlesource.com/5670
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
Update ftoption.h with new (unused by us) setting:
AF_CONFIG_OPTION_TT_SIZE_METRICS
Change-Id: Ia8004e1ab1e72778319d23e7dfa8cbdcbebfdd34
Reviewed-on: https://pdfium-review.googlesource.com/5555
Reviewed-by: Nicolás Peña <npm@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
Upstream patch:
https://github.com/vadz/libtiff/commit/5a4eceed8d2f28d05f49add9ce647684d59d461a
Bug: chromium:722071
Change-Id: Idef412edbeb3255375ab18c68721dbaf7c601119
Reviewed-on: https://pdfium-review.googlesource.com/5511
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
bpno_plus_one is used as a parameter bpno for a bunch of methods that calculate
1 << bpno. Thus, use a reduced value when it's large enough to cause undefined
shift. bpno_plus_one itself remains unchanged so that the number of calls
remains the same
Bug: chromium:698526
Change-Id: I40431d41a04f3e2315bd3c80114cd0fcbd2815b4
Reviewed-on: https://pdfium-review.googlesource.com/5310
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
The 38 value seems arbitrary, and the prec is used in OPJ_INT32 with 1 <<
(prec - 1). So limit it to be at most 31, and avoid undefined shifts.
Bug: chromium:698498
Change-Id: I840f2e65231ac7847ed26bcaea36471a53be49e8
Reviewed-on: https://pdfium-review.googlesource.com/5173
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
This CL applies the following upstream patch:
https://github.com/mm2/Little-CMS/commit/02c95fa76bdc4f73113373070278666f47aff82f
Bug: chromium:718500
Change-Id: I7898b22e44a5ea5c0d1c301233037fbaabb8e327
Reviewed-on: https://pdfium-review.googlesource.com/5092
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
If the count of items is large enough, there maybe not enough data in
the file to read. This Cl verifies we'll have enough data before
attempting to allocate the memory to store the results.
Bug: chromium:718504
Change-Id: I82e7df3511e529c4bd72a772e9d6e607a0615927
Reviewed-on: https://pdfium-review.googlesource.com/5110
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
In a way similar to the existing USE_SYSTEM_LIBJPEG. The default is of
course still the DEPS-based zlib checkout.
Changes in v2:
1) Since Chromium doesn't have //third_party:zlib (AKA a "zlib" target in
//third_party/BUILD.GN) all the targets that depended on //third_party:zlib now
depend on third_party:zlib, which always points to PDFium's
third_party/BUILD.GN. The targets that depended on //third_party:zlib in
third_party/BUILD.GN just depend on :zlib instead.
2) Move the zlib bits out of !build_with_chromium block.
Change-Id: Id73eb07591418ff2ae71b83b87c18af71b49a22a
Reviewed-on: https://pdfium-review.googlesource.com/5030
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
Bug: chromium:666683
Change-Id: I1c633d82e9ef75dd99ef032b4fc46fe8d3651cd1
Reviewed-on: https://pdfium-review.googlesource.com/5050
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
The value 1u << (l_pdx + l_level_no) is only used to calculate a minimum,
so skip it when the shift doesn't even fit unsigned integer. Also use the uint
min version since all values being considered are unsigned anyways.
Bug: chromium:666892
Change-Id: I79c6e52022aa894033c5cdabec29c4b8313e293b
Reviewed-on: https://pdfium-review.googlesource.com/4891
Reviewed-by: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
Change-Id: I7a2fc956236005fca4848bd2be6db4585bc4e7d7
Reviewed-on: https://pdfium-review.googlesource.com/4477
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
VS does not like to see <, > in the XML nodes of the build files. Work
around this issue by replacing less-than and greater-than characters in
the FreeType custom config include file path definitions with escaped
quotes.
BUG=pdfium:701
Change-Id: I879ade670158ccb4d435b65cde382c6e6b32e002
Reviewed-on: https://pdfium-review.googlesource.com/4330
Reviewed-by: Lei Zhang <thestig@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
Reviewed-by: Cary Clark <caryclark@google.com>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
Allows us to apply this same predicate onto ordinary arrays.
Change-Id: I917be09ed5e55167657c9af97f45f2ea2dbc6ab4
Reviewed-on: https://pdfium-review.googlesource.com/4270
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
|
|
This reverts commit 36c5b170e722362d4b5f7cb6e4e0099ed227a307.
Reason for revert: This appears to be blocking the roll into Chromium.
https://chromium-review.googlesource.com/c/476165/
Original change's description:
> core: allow building against system zlib
>
> In a way similar to the existing USE_SYSTEM_LIBJPEG. The default is of
> course still the DEPS-based zlib checkout.
>
> Change-Id: I649e75beb1a19c4cf7abda42fa10ebe5babfe946
> Reviewed-on: https://pdfium-review.googlesource.com/4070
> Reviewed-by: Lei Zhang <thestig@chromium.org>
> Commit-Queue: Lei Zhang <thestig@chromium.org>
>
TBR=thestig@chromium.org,dsinclair@chromium.org,npm@chromium.org,vmiklos@collabora.co.uk,pdfium-reviews@googlegroups.com
# Not skipping CQ checks because original CL landed > 1 day ago.
Change-Id: I1ee6fb002f444ff9b559ce6a69679e63de7ff9cc
Reviewed-on: https://pdfium-review.googlesource.com/4393
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
Upstream patches applied:
https://github.com/vadz/libtiff/commit/47f2fb61a3a64667bce1a8398a8fcb1b348ff122
https://github.com/vadz/libtiff/commit/0abd094b6e5079c4d8be733829240491cb230f3d
https://github.com/vadz/libtiff/commit/3144e57770c1e4d26520d8abee750f8ac8b75490
https://github.com/vadz/libtiff/commit/3cfd62d77c2a7e147a05bd678524c345fa9c2bb8
https://github.com/vadz/libtiff/commit/0a76a8c765c7b8327c59646284fa78c3c27e5490
https://github.com/vadz/libtiff/commit/66e7bd59520996740e4df5495a830b42fae48bc4
Bug: chromium:711638
Change-Id: I017bfa91f7682c190bd7f8dbe36c2c3d1ac68728
Reviewed-on: https://pdfium-review.googlesource.com/4313
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
Upstream commit:
https://github.com/vadz/libtiff/commit/d60332057b9575ada4f264489582b13e30137be1
Bug: chromium:711638
Change-Id: I46de1a00f9bb8d5de8df64ec78a9d62dcb4352ed
Reviewed-on: https://pdfium-review.googlesource.com/4310
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
In a way similar to the existing USE_SYSTEM_LIBJPEG. The default is of
course still the DEPS-based zlib checkout.
Change-Id: I649e75beb1a19c4cf7abda42fa10ebe5babfe946
Reviewed-on: https://pdfium-review.googlesource.com/4070
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
BUG=pdfium:691
Change-Id: If6f1e200e763827ec640b2b79171f3899ea7927e
Reviewed-on: https://pdfium-review.googlesource.com/4050
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Chris Palmer <palmer@chromium.org>
|
|
Check out libjpeg-turbo via DEPS.
Also checkout yasm via DEPS and copy some yasm build files from
Chromium.
BUG=chromium:541704,pdfium:389
Change-Id: Ic7af415f002a3ca2acd9223ed3474dedf3930b32
Reviewed-on: https://pdfium-review.googlesource.com/3470
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
In TIFFFillStrip, calls to TIFFReadBufferSetup may allocate large amounts of
memory. In this CL we do sanity checks on the claimed size of the raw strip
data before that happens, to prevent out-of-memory.
Bug: chromium:707431
Change-Id: I4e7c9a8630fad11d4f68a3ceccd71ffa511f4293
Reviewed-on: https://pdfium-review.googlesource.com/3811
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
This Cl drops the FXSYS_ from mem methods which are the same on all
platforms.
Bug: pdfium:694
Change-Id: I9d5ae905997dbaaec5aa0b2ae4c07358ed9c6236
Reviewed-on: https://pdfium-review.googlesource.com/3613
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This Cl drops the FXSYS_ from file methods which are the same on all
platforms.
Bug: pdfium:694
Change-Id: I095c64fed69bf70e00a2594fa94a1fdc71a7060e
Reviewed-on: https://pdfium-review.googlesource.com/3610
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
This Cl drops the FXSYS_ from math methods which are the same on all
platforms.
Bug: pdfium:694
Change-Id: I85c9ff841fd9095b1434f67319847ba0cd9df7ac
Reviewed-on: https://pdfium-review.googlesource.com/3598
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
This Cl drops the FXSYS_ from string methods which are the same on
all platforms.
Bug: pdfium:694
Change-Id: I1698aafd84f40474997549ae91ce35603377e303
Reviewed-on: https://pdfium-review.googlesource.com/3597
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
After moving to a DEPS based FreeType checkout, integration with
Chromium no longer works correctly when pdf_bundle_freetype is set
to true, because relative paths would point to
third_party/pdfium/third_party/freetype, and that no longer exists.
BUG=pdfium:688
TBR=drott@chromium.org,dsinclair@chromium.org,npm@chromium.org
Change-Id: I346072ddc1052d25be58ca1610f6d1c002fc03ef
Reviewed-on: https://pdfium-review.googlesource.com/3556
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
BUG=chromium:541704
Change-Id: I313d8853450ff5940b3baa4054ff441b342c46b7
Reviewed-on: https://pdfium-review.googlesource.com/3350
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
|
|
BUG=pdfium:688
Change-Id: I7787b29d0fedc48f1360ab041d43829d0e805462
Change-Id: I7787b29d0fedc48f1360ab041d43829d0e805462
Reviewed-on: https://pdfium-review.googlesource.com/3331
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
|
|
CL list:
https://github.com/vadz/libtiff/commit/438274f938e046d33cb0e1230b41da32ffe223e1
https://github.com/vadz/libtiff/commit/43bc256d8ae44b92d2734a3c5bc73957a4d7c1ec
https://github.com/vadz/libtiff/commit/1044b43637fa7f70fb19b93593777b78bd20da86
https://github.com/vadz/libtiff/commit/9a72a69e035ee70ff5c41541c8c61cd97990d018
https://github.com/vadz/libtiff/commit/b4b41925115059b49f97432bda0613411df2f686
Bug: chromium:706349
Change-Id: I782156e7486919a62e25eeb95cb8699f1b2c5ee1
Reviewed-on: https://pdfium-review.googlesource.com/3374
Reviewed-by: dsinclair <dsinclair@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
This reverts commit 21362ee6370e6ef0f5a8275af5afde3f127887c9.
Reason for revert: Breaks win_clang.
Original change's description:
> Enable Wshift-negative-value in PDFium.
>
> BUG=chromium:507717
>
> Change-Id: If0030640497ce103de7713f8497570602950a2b6
> Reviewed-on: https://pdfium-review.googlesource.com/3270
> Commit-Queue: Nico Weber <thakis@chromium.org>
> Reviewed-by: Nico Weber <thakis@chromium.org>
>
TBR=thestig@chromium.org,thakis@chromium.org,pdfium-reviews@googlegroups.com
# Not skipping CQ checks because original CL landed > 1 day ago.
BUG=chromium:507717
Change-Id: I4d482b6b7dade74373995f6d9cfdc6d1d66431a3
Reviewed-on: https://pdfium-review.googlesource.com/3410
Reviewed-by: Nico Weber <thakis@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>
|
|
Add a public config to fxfreetype to make includes visible and provide a
freetype_common group as a public dependency on fxcrt. freetype_common
switches between fxfreetype and //build/config/freetype, which gives
embedders the flexibility to configure the source of FreeType.
BUG=chromium:700926
Change-Id: I73ae26979dcf69a419485def23c7a13dffa2a15d
Reviewed-on: https://pdfium-review.googlesource.com/2971
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
|
|
BUG=pdfium:601
Change-Id: I07756cd208cd2221802ff2d331f316b6618a41e0
Reviewed-on: https://pdfium-review.googlesource.com/3120
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: I024573f341cba48d9f5d2bc38683a016639b14e2
Reviewed-on: https://pdfium-review.googlesource.com/3119
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
|
|
This CL fixes the only caller to TIFFReadDirEntryData with potentially large
size so that we avoid big mallocs when we know we will fail. It does this as
follows:
- Avoid the unnecessary computations if datasize is very small. We don't want
to be slower in this case.
- If !isMapped(tif), we will Seek and Read. Check that ending position is
reachable. In the other case, do a simple check for out of bounds.
Bug: chromium:681311
Change-Id: Ia172d8b4d401753b7c8d5455dc1ada5335f6fa6b
Reviewed-on: https://pdfium-review.googlesource.com/3253
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
|
|
BUG=chromium:507717
Change-Id: If0030640497ce103de7713f8497570602950a2b6
Reviewed-on: https://pdfium-review.googlesource.com/3270
Commit-Queue: Nico Weber <thakis@chromium.org>
Reviewed-by: Nico Weber <thakis@chromium.org>
|
|
This is the same version used by Chromium (as
also the latest release of zlib).
BUG=687631
Change-Id: Ia4bcdee3c36443ba01914d157ea795d7fb881a45
Reviewed-on: https://pdfium-review.googlesource.com/3096
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Change-Id: If3f67767f738b7f23230ca8c37c9af2e31696e82
Reviewed-on: https://pdfium-review.googlesource.com/3117
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|
|
Ue it to fix a typo as well.
BUG=pdfium:634
Change-Id: I2d686242ffb841aedc2fae6a3cf7a00bea667404
Reviewed-on: https://pdfium-review.googlesource.com/3113
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
We'll add callers in a later CL.
BUG=pdfium:678
Change-Id: I98c8b2832c4750df326218e24ee8c1bd33b89b50
Reviewed-on: https://pdfium-review.googlesource.com/3066
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
|
|
Avoid writing |Type| in CollectionSize<Type>() so that index
type can change without rewriting conditions.
Change-Id: I40c94ca39148b379908760ba9b861114b88af7bb
Reviewed-on: https://pdfium-review.googlesource.com/3056
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
|
|
Change-Id: I158b7d80b0ec28b742a9f2d5a96f3dde7fb3ab56
Reviewed-on: https://pdfium-review.googlesource.com/3031
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>
|
|
The undefined shifts in libopenjpeg are sometimes used as divisors. This CL
checks that we are not trying to divide by 0 or mod by 0 in some places in
pi.c.
BUG=chromium:699491
Change-Id: Iaf629112437068d6479dbbb52b339bec6edefed0
Reviewed-on: https://pdfium-review.googlesource.com/2962
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Nicolás Peña <npm@chromium.org>
|
|
This happens to fix the bug in question but I suspect they still do not
have enough checks to prevent undefined shifts. Patch:
https://github.com/uclouvain/openjpeg/pull/762/commits/5afb4d0546dd1b0a162b4e895cfdcfa4b32f1180
BUG=694042
Change-Id: I9466eb2b095f07233517ff5f1bcb0c2437be78ac
Reviewed-on: https://pdfium-review.googlesource.com/2888
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
|