From 46d2e278f62454ed2392630b6d18d33d380a20eb Mon Sep 17 00:00:00 2001 From: Oliver Chang Date: Tue, 10 Nov 2015 14:11:52 -0800 Subject: Prevent buffer underflow in CPDF_TextObject::CalcPositionData R=tsepez@chromium.org BUG=554115 Review URL: https://codereview.chromium.org/1435473004 . --- core/src/fpdfapi/fpdf_page/fpdf_page.cpp | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/core/src/fpdfapi/fpdf_page/fpdf_page.cpp b/core/src/fpdfapi/fpdf_page/fpdf_page.cpp index eaa8ef1127..3777cd078c 100644 --- a/core/src/fpdfapi/fpdf_page/fpdf_page.cpp +++ b/core/src/fpdfapi/fpdf_page/fpdf_page.cpp @@ -409,11 +409,11 @@ void CPDF_TextObject::CalcPositionData(FX_FLOAT* pTextAdvanceX, for (int i = 0; i < m_nChars; ++i) { FX_DWORD charcode = m_nChars == 1 ? (FX_DWORD)(uintptr_t)m_pCharCodes : m_pCharCodes[i]; - if (charcode == (FX_DWORD)-1) { - curpos -= FXSYS_Mul(m_pCharPos[i - 1], fontsize) / 1000; - continue; - } - if (i) { + if (i > 0) { + if (charcode == (FX_DWORD)-1) { + curpos -= FXSYS_Mul(m_pCharPos[i - 1], fontsize) / 1000; + continue; + } m_pCharPos[i - 1] = curpos; } FX_RECT char_rect; -- cgit v1.2.3