From 9bdbc16e3c8f30e32a1f399543d04ac5b1e9c97c Mon Sep 17 00:00:00 2001
From: Nicolas Pena
Date: Fri, 5 May 2017 16:27:37 -0400
Subject: Fix undefined shift in opj_bio_read
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bug: chromium:666683
Change-Id: I1c633d82e9ef75dd99ef032b4fc46fe8d3651cd1
Reviewed-on: https://pdfium-review.googlesource.com/5050
Commit-Queue: Nicolás Peña
Reviewed-by: Tom Sepez
---
 .../libopenjpeg20/0031-undefined-shift-opj_bio_read.patch | 13 +++++++++++++
 third_party/libopenjpeg20/README.pdfium | 1 +
 third_party/libopenjpeg20/bio.c | 2 ++
 3 files changed, 16 insertions(+)
 create mode 100644 third_party/libopenjpeg20/0031-undefined-shift-opj_bio_read.patch
diff --git a/third_party/libopenjpeg20/0031-undefined-shift-opj_bio_read.patch b/third_party/libopenjpeg20/0031-undefined-shift-opj_bio_read.patch
new file mode 100644
index 0000000000..22188bef99
--- /dev/null
+++ b/third_party/libopenjpeg20/0031-undefined-shift-opj_bio_read.patch
@@ -0,0 +1,13 @@
+diff --git a/third_party/libopenjpeg20/bio.c b/third_party/libopenjpeg20/bio.c
+index e4edb3724..e51d0e2b4 100644
+--- a/third_party/libopenjpeg20/bio.c
++++ b/third_party/libopenjpeg20/bio.c
+@@ -162,6 +162,8 @@ OPJ_UINT32 opj_bio_read(opj_bio_t *bio, OPJ_UINT32 n) {
+ OPJ_UINT32 i;
+ OPJ_UINT32 v;
+ v = 0;
++ if (n > 32)
++ n = 32;
+ for (i = n - 1; i < n; i--) {
+ v += opj_bio_getbit(bio) << i;
+ }
diff --git a/third_party/libopenjpeg20/README.pdfium b/third_party/libopenjpeg20/README.pdfium
index a75de2cca1..d73c72b827 100644
--- a/third_party/libopenjpeg20/README.pdfium
+++ b/third_party/libopenjpeg20/README.pdfium
@@ -40,4 +40,5 @@ Local Modifications:
 0028-upstream-check-size-in-opj_j2k_read_siz.patch: upstream patch in j2k.c.
 0029-avoid-division-by-0: fix some /0 and %0 in pi.c (caused by bad shifts).
 0030-undefined-shift-opj_get_all_encoding_parameters.patch: fix undefined shift in pi.c method.
+0031-undefined-shift-opj_bio_read.patch: fix undefined shift in bio.c method.
 TODO(thestig): List all the other patches.
diff --git a/third_party/libopenjpeg20/bio.c b/third_party/libopenjpeg20/bio.c
index e4edb3724e..e51d0e2b46 100644
--- a/third_party/libopenjpeg20/bio.c
+++ b/third_party/libopenjpeg20/bio.c
@@ -162,6 +162,8 @@ OPJ_UINT32 opj_bio_read(opj_bio_t *bio, OPJ_UINT32 n) {
 OPJ_UINT32 i;
 OPJ_UINT32 v;
 v = 0;
+ if (n > 32)
+ n = 32;
 for (i = n - 1; i < n; i--) {
 v += opj_bio_getbit(bio) << i;
 }
-- cgit v1.2.3
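Review bot: The added clamp `if (n > 32) n = 32;` in opj_bio_read of bio.c silently turns an out-of-range bit count into a 32-bit read, so a caller that asked for more bits gets a value and a stream position it did not request, with no signal that the input was malformed. If n can be derived from decoded codestream data (not visible in this hunk), record the intent at the clamp, for example `/* n > 32 means a malformed stream; a shift by >= 32 on a 32-bit value is undefined, so cap at the width of v */`, and check whether callers should reject such a stream rather than keep decoding. The clamp only makes `opj_bio_getbit(bio) << i` defined at i == 31 if opj_bio_getbit returns an unsigned 32-bit type, which its declaration outside the hunk would confirm. The function's return lies outside the hunk, and the same two lines are recorded in the 0031 patch file, so any follow-up has to be applied in both places.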