[poppler] poppler/GfxState.cc
Albert Astals Cid
aacid at kemper.freedesktop.org
Mon May 28 23:02:53 UTC 2018
poppler/GfxState.cc | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
New commits:
commit a76c8fbd50a3a5cbe0487158e9d2b325e596d2c6
Author: Albert Astals Cid <aacid at kde.org>
Date: Tue May 29 01:01:26 2018 +0200
GfxSeparationColorSpace::getRGB: ensure color2 doesn't have uninit values
if alt->getNComps() is bigger than func->getOutputSize() (which is most
likely a faulty file) we init those indexes of color2 with 0
fixes oss-fuzz/8586
diff --git a/poppler/GfxState.cc b/poppler/GfxState.cc
index 0ef42a43..ef5d287e 100644
--- a/poppler/GfxState.cc
+++ b/poppler/GfxState.cc
@@ -2816,9 +2816,15 @@ void GfxSeparationColorSpace::getRGB(GfxColor *color, GfxRGB *rgb) {
} else {
x = colToDbl(color->c[0]);
func->transform(&x, c);
- for (i = 0; i < alt->getNComps(); ++i) {
+ const int altNComps = alt->getNComps();
+ for (i = 0; i < altNComps; ++i) {
color2.c[i] = dblToCol(c[i]);
}
+ if (unlikely(altNComps > func->getOutputSize())) {
+ for (i = func->getOutputSize(); i < altNComps; ++i) {
+ color2.c[i] = 0;
+ }
+ }
alt->getRGB(&color2, rgb);
}
}
More information about the poppler
mailing list