Chromium Code Reviews

Issue 1877033003: Prevent an OOB access in CPDF_DIBSource::TranslateScanline24bpp (Closed)

Created:
4 years, 8 months ago by Oliver Chang
Modified:
4 years, 8 months ago
Reviewers:
Tom Sepez
Base URL:
https://pdfium.googlesource.com/pdfium.git@master
Target Ref:
refs/heads/master
Project:
pdfium
Visibility:
Public.

Description

Prevent an OOB access in CPDF_DIBSource::TranslateScanline24bpp

if |m_Family| was RGB, the code assumed there were 3 components, which may not be the case.

BUG=chromium:602046
R=tsepez@chromium.org

Committed: https://pdfium.googlesource.com/pdfium/+/6a3521f049b35c801f124f1573718021a785ff6b
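
The mismatch the description names, a colour space family of RGB with a component count other than 3, shown as an added C++ example that is not PDFium's code and not the committed patch. `Family`, `ImageInfo`, `TranslateRgbScanline` and `MismatchedImageIsRejected` are hypothetical names and the sample buffers are constructed; the guard checks the component count and returns early before any 3-bytes-per-pixel indexing.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Hypothetical stand-ins; these are not PDFium's types or signatures.
enum class Family { kGray, kRGB, kCMYK };

struct ImageInfo {
  Family family;        // colour space family declared for the image
  uint32_t components;  // components per pixel the decoder actually produced
  uint32_t width;       // pixels per scanline
};

// Converts one RGB source scanline to 24bpp BGR. Returns false, without
// touching either buffer, when the 3-bytes-per-pixel RGB path does not apply.
bool TranslateRgbScanline(const ImageInfo& info,
                          const std::vector<uint8_t>& src,
                          std::vector<uint8_t>* dest) {
  // The family alone does not prove there are 3 components, so check both
  // and return early before doing any indexing.
  if (info.family != Family::kRGB || info.components != 3)
    return false;
  // Compute the required size in 64 bits so width * 3 cannot wrap.
  const uint64_t needed = static_cast<uint64_t>(info.width) * 3;
  if (src.size() < needed || dest->size() < needed)
    return false;
  for (uint32_t x = 0; x < info.width; ++x) {
    const size_t i = static_cast<size_t>(x) * 3;
    (*dest)[i + 0] = src[i + 2];  // B
    (*dest)[i + 1] = src[i + 1];  // G
    (*dest)[i + 2] = src[i + 0];  // R
  }
  return true;
}

// Constructed case: declared RGB, but the decoder produced 1 component, so
// the scanline holds only `width` bytes. Returns true if the guard rejected it.
bool MismatchedImageIsRejected() {
  const ImageInfo info{Family::kRGB, 1, 4};
  const std::vector<uint8_t> src(info.width * info.components, 0x7f);
  std::vector<uint8_t> dest(info.width * 3, 0);
  return !TranslateRgbScanline(info, src, &dest);
}
```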

Patch Set 1 #

Total comments: 3

Patch Set 2 : return early #

Stats (+3 lines, -0 lines)
M core/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp: 1 chunk, +3 lines, -0 lines, 0 comments

Messages

Total messages: 12 (4 generated)
Tom Sepez
Can we also add the test?
https://codereview.chromium.org/1877033003/diff/1/core/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp
File core/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp (right):
https://codereview.chromium.org/1877033003/diff/1/core/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp#newcode921
core/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp:921: m_nComponents == 3) ...
4 years, 8 months ago (2016-04-12 00:39:27 UTC) #3
Oliver Chang
I can only reproduce this on a chromium checkout, probably because chromium uses libjpeg_turbo while ...
4 years, 8 months ago (2016-04-12 00:48:59 UTC) #4
Tom Sepez
> I'm not sure if we get good output, but it doesn't look like the ...
4 years, 8 months ago (2016-04-12 16:30:57 UTC) #5
Oliver Chang
https://codereview.chromium.org/1877033003/diff/1/core/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp
File core/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp (right):
https://codereview.chromium.org/1877033003/diff/1/core/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp#newcode921
core/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp:921: m_nComponents == 3) {
On 2016/04/12 00:48:59, Oliver Chang ...
4 years, 8 months ago (2016-04-12 16:36:22 UTC) #6
Oliver Chang
On 2016/04/12 16:36:22, Oliver Chang wrote:
> https://codereview.chromium.org/1877033003/diff/1/core/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp
> File core/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp (right):
>
> https://codereview.chromium.org/1877033003/diff/1/core/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp#newcode921 ...
4 years, 8 months ago (2016-04-12 18:41:26 UTC) #7
Tom Sepez
lgtm
4 years, 8 months ago (2016-04-12 20:06:40 UTC) #8
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1877033003/20001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1877033003/20001
4 years, 8 months ago (2016-04-12 20:11:04 UTC) #10
commit-bot: I haz the power
4 years, 8 months ago (2016-04-12 20:31:40 UTC) #12
Message was sent while issue was closed.
Committed patchset #2 (id:20001) as
https://pdfium.googlesource.com/pdfium/+/6a3521f049b35c801f124f1573718021a785...
