From c37d7d452d6a37c997c8709576dd71406ecff618 Mon Sep 17 00:00:00 2001
From: stackexploit <stackexploit@gmail.com>
Date: Mon, 29 Aug 2016 12:04:49 -0700
Subject: openjpeg: Prevent an integer overflow in opj_jp2_apply_pclr.

This patch also prevent a null pointer access problem.

BUG=chromium:638829
R=ochang@chromium.org

Review-Url: https://codereview.chromium.org/2270343002
---
 third_party/libopenjpeg20/README.pdfium | 1 +
 1 file changed, 1 insertion(+)

(limited to 'third_party/libopenjpeg20/README.pdfium')

diff --git a/third_party/libopenjpeg20/README.pdfium b/third_party/libopenjpeg20/README.pdfium
index 7779044799..2c8d93c1d0 100644
--- a/third_party/libopenjpeg20/README.pdfium
+++ b/third_party/libopenjpeg20/README.pdfium
@@ -31,4 +31,5 @@ Local Modifications:
 0019-tcd_init_tile.patch: Prevent integer overflows during calculation of |l_nb_code_blocks_size|.
 0020-opj_aligned_malloc.patch: Prevent overflows when using opj_aligned_malloc().
 0021-tcd_init_tile_negative.patch: Prevent negative x, y values in opj_tcd_init_tile.
+0022-jp2_apply_pclr_overflow.patch: Prevent integer overflow in opj_jp2_apply_pclr.
 TODO(thestig): List all the other patches.
-- 
cgit v1.2.3