Chromium Code Reviews

Issue 1830243003: Added bounds checking to GetNameFromTT to handle corrupt files. (Closed)

Created: 4 years, 9 months ago by Tom Sepez
Modified: 4 years, 9 months ago
Reviewers: forshaw
CC: pdfium-reviews_googlegroups.com, Will Harris
Base URL: https://pdfium.googlesource.com/pdfium.git@master
Target Ref: refs/heads/master
Project: pdfium
Visibility: Public.

Description

Added bounds checking to GetNameFromTT to handle corrupt files.

Patch by forshaw.

This patch adds bounds checking to the names buffer passed to GetNameFromTT. There are observed crashes in this function where data is read outside of the bounds allocated and passed to GetNameFromTT. There's no reason that this function should ever try and read outside of the allocated bounds.

BUG=583037
TBR=forshaw@chromium.org

patch from issue 1829013002 at patchset 40001 (http://crrev.com/1829013002#ps40001)

Committed: https://pdfium.googlesource.com/pdfium/+/676947ce0204914da1d8fb159730432c0fb0a3a2

Patch Set 1 #

Stats: +46 lines, -16 lines
M core/fpdfapi/fpdf_edit/fpdf_edit_doc.cpp (1 chunk, +1 line, -1 line, 0 comments)
M core/fxge/ge/fx_ge_fontmap.cpp (3 chunks, +42 lines, -14 lines, 0 comments)
M core/include/fxge/fx_font.h (1 chunk, +3 lines, -1 line, 0 comments)
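
The description above calls for a name lookup that never reads outside the buffer it is handed. The following is an added example of that kind of check, not the PDFium patch and not code from this review: `ReadU16`, `FindNameChecked` and `SampleTable` are hypothetical names, and the layout assumed is the standard TrueType 'name' table (6-byte header, 12-byte records, string storage at `stringOffset`).

```cpp
#include <cstddef>
#include <cstdint>
#include <string>
#include <vector>

// Hypothetical helper, not PDFium's code: read a big-endian uint16 at `off`,
// failing unless both bytes lie inside [0, size).
static bool ReadU16(const uint8_t* p, size_t size, size_t off, uint16_t* out) {
  if (size < 2 || off > size - 2) return false;
  *out = static_cast<uint16_t>((p[off] << 8) | p[off + 1]);
  return true;
}

// Returns the raw bytes of the first record whose nameID matches, or an empty
// string if the table is truncated or any count, offset or length points
// outside the buffer.
std::string FindNameChecked(const uint8_t* table, size_t size,
                            uint16_t name_id) {
  uint16_t count, storage;
  if (!ReadU16(table, size, 2, &count) || !ReadU16(table, size, 4, &storage))
    return std::string();
  const size_t kHeader = 6, kRecord = 12;
  // count <= 65535, so count * kRecord cannot overflow size_t.
  if (count * kRecord > size - kHeader || storage > size) return std::string();
  for (size_t i = 0; i < count; ++i) {
    const size_t rec = kHeader + i * kRecord;
    uint16_t id, len, off;
    if (!ReadU16(table, size, rec + 6, &id) || id != name_id) continue;
    if (!ReadU16(table, size, rec + 8, &len) ||
        !ReadU16(table, size, rec + 10, &off))
      return std::string();
    // Subtract rather than add so the check itself cannot wrap around.
    const size_t avail = size - storage;
    if (off > avail || len > avail - off) return std::string();
    return std::string(reinterpret_cast<const char*>(table) + storage + off,
                       len);
  }
  return std::string();
}

// Constructed sample table: one record (nameID 6) whose string is "Demo".
std::vector<uint8_t> SampleTable() {
  return {0, 0, 0, 1, 0, 18,                   // format, count, stringOffset
          0, 1, 0, 0, 0, 0, 0, 6, 0, 4, 0, 0,  // platform, enc, lang, id, len, off
          'D', 'e', 'm', 'o'};
}
```

Every field taken from the file (record count, storage offset, string offset, string length) is compared against the caller-supplied size before it is used as an index, so a corrupt table yields an empty result instead of an out-of-bounds read.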

Messages

Total messages: 6 (4 generated)
Tom Sepez
TBR
4 years, 9 months ago (2016-03-24 17:38:29 UTC) #4
Tom Sepez
4 years, 9 months ago (2016-03-24 18:09:50 UTC) #6
Message was sent while issue was closed.
Committed patchset #1 (id:1) manually as
676947ce0204914da1d8fb159730432c0fb0a3a2 (presubmit successful).
