From 89d8b4681ce98894a1ee1a6cf4bae77e00d28797 Mon Sep 17 00:00:00 2001
From: Lei Zhang <thestig@chromium.org>
Date: Thu, 10 Sep 2015 16:13:31 -0700
Subject: Guard against null image data in CJBig2_GRRDProc.

Credit to karl at skomski.com for the initial version of the CL.

BUG=527174
R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1305033006 .
---
 core/src/fxcodec/jbig2/JBig2_GeneralDecoder.cpp | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'core/src/fxcodec/jbig2/JBig2_GeneralDecoder.cpp')

diff --git a/core/src/fxcodec/jbig2/JBig2_GeneralDecoder.cpp b/core/src/fxcodec/jbig2/JBig2_GeneralDecoder.cpp
index 2e558ee7e8..1c56db984b 100644
--- a/core/src/fxcodec/jbig2/JBig2_GeneralDecoder.cpp
+++ b/core/src/fxcodec/jbig2/JBig2_GeneralDecoder.cpp
@@ -719,6 +719,9 @@ CJBig2_Image* CJBig2_GRRDProc::decode_Template0_unopt(
 CJBig2_Image* CJBig2_GRRDProc::decode_Template0_opt(
     CJBig2_ArithDecoder* pArithDecoder,
     JBig2ArithCtx* grContext) {
+  if (!GRREFERENCE->m_pData)
+    return nullptr;
+
   FX_BOOL LTP, SLTP, bVal;
   FX_DWORD CONTEXT;
   FX_DWORD line1, line1_r, line2_r, line3_r;
@@ -953,6 +956,9 @@ CJBig2_Image* CJBig2_GRRDProc::decode_Template1_unopt(
 CJBig2_Image* CJBig2_GRRDProc::decode_Template1_opt(
     CJBig2_ArithDecoder* pArithDecoder,
     JBig2ArithCtx* grContext) {
+  if (!GRREFERENCE->m_pData)
+    return nullptr;
+
   FX_BOOL LTP, SLTP, bVal;
   FX_DWORD CONTEXT;
   FX_DWORD line1, line1_r, line2_r, line3_r;
-- 
cgit v1.2.3