From 0bd847232a1f430c70dd9d8df177ce68a3cde010 Mon Sep 17 00:00:00 2001 From: Nicolas Pena Date: Mon, 14 Aug 2017 10:36:01 -0400 Subject: LCMS: upgrade to 2.8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This CL upgrades LCMS from version 2.6 to 2.8. All changes from LCMS original version 2.8 are stored in patch files: - Patch 0: memory management modifications to use PDFium methods. This was previously not in any patch, so the changes were manually applied. - Patches 1-5: new patch files corresponding to old changes that can be seen in the history, but did not previously have patch files. - Patches 6-25: previous patches (patch numbers shifted by 6). The one for from16-to-8-overflow.patch was deleted as it was already upstream. Some patches did not apply cleanly so their .patch files were modified. - Patch 26: as I just moved files directly, unsupported characters were moved in unchanged, so I had to fix all of them: e with tilde and other characters were replaced to allow compilation on Windows. - Patch 27: Went over the code and re-applied changes that included comments clearly indicating this was Foxit. These changes are all already seen in the initial PDFium commit. Change-Id: Ic1d84e54803ef9e6b280ef7619bbf0b757312fbf Reviewed-on: https://pdfium-review.googlesource.com/10590 Commit-Queue: Nicolás Peña Reviewed-by: dsinclair --- third_party/lcms/0024-verify-size-before-reading.patch | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 third_party/lcms/0024-verify-size-before-reading.patch (limited to 'third_party/lcms/0024-verify-size-before-reading.patch') diff --git a/third_party/lcms/0024-verify-size-before-reading.patch b/third_party/lcms/0024-verify-size-before-reading.patch new file mode 100644 index 0000000000..e72e310a1b --- /dev/null +++ b/third_party/lcms/0024-verify-size-before-reading.patch @@ -0,0 +1,17 @@ +diff --git a/third_party/lcms/src/cmstypes.c b/third_party/lcms/src/cmstypes.c +index 75f1fae32..4d96a1ed6 100644 +--- a/third_party/lcms/src/cmstypes.c ++++ b/third_party/lcms/src/cmstypes.c +@@ -173,6 +173,12 @@ cmsBool ReadPositionTable(struct _cms_typehandler_struct* self, + { + cmsUInt32Number i; + cmsUInt32Number *ElementOffsets = NULL, *ElementSizes = NULL; ++ cmsUInt32Number currentPosition; ++ ++ currentPosition = io->Tell(io); ++ // Verify there is enough space left to read two cmsUInt32Number items for Count items. ++ if (((io->ReportedSize - currentPosition) / (2 * sizeof(cmsUInt32Number))) < Count) ++ return FALSE; + + // Let's take the offsets to each element + ElementOffsets = (cmsUInt32Number *) _cmsCalloc(io ->ContextID, Count, sizeof(cmsUInt32Number)); -- cgit v1.2.3