[poppler] poppler/GfxState.cc
Albert Astals Cid
aacid at kemper.freedesktop.org
Fri May 25 15:43:37 UTC 2018
poppler/GfxState.cc | 4 ++++
1 file changed, 4 insertions(+)
New commits:
commit fef32ba463a225618a967c541d939fd69e02f2dd
Author: Albert Astals Cid <aacid at kde.org>
Date: Fri May 25 17:42:22 2018 +0200
GfxPatchMeshShading::parse: Add bounds check for compBits
The spec is much more strict on what is valid, but i'm only doing a check so that the code doesn't break
fixes oss-fuzz/8445
diff --git a/poppler/GfxState.cc b/poppler/GfxState.cc
index 07da59a7..71ab480b 100644
--- a/poppler/GfxState.cc
+++ b/poppler/GfxState.cc
@@ -5145,6 +5145,10 @@ GfxPatchMeshShading *GfxPatchMeshShading::parse(GfxResources *res, int typeA, Di
error(errSyntaxWarning, -1, "Missing or invalid BitsPerComponent in shading dictionary");
return nullptr;
}
+ if (unlikely(compBits <= 0 || compBits > 31)) {
+ error(errSyntaxWarning, -1, "Invalid BitsPerComponent in shading dictionary");
+ return nullptr;
+ }
obj1 = dict->lookup("BitsPerFlag");
if (obj1.isInt()) {
flagBits = obj1.getInt();
More information about the poppler
mailing list