[poppler] splash/Splash.cc
GitLab Mirror
gitlab-mirror at kemper.freedesktop.org
Sat Dec 21 09:08:14 UTC 2019
splash/Splash.cc | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
New commits:
commit a0289d279d5de130065bc7f35eb264d9ba42b682
Author: Albert Astals Cid <aacid at kde.org>
Date: Sat Dec 21 09:56:38 2019 +0100
Splash::scaleImageYdXu: Protect against crash if srcWidth is too big
oss-fuzz/19630
diff --git a/splash/Splash.cc b/splash/Splash.cc
index 5491fcc0..3d80b5c4 100644
--- a/splash/Splash.cc
+++ b/splash/Splash.cc
@@ -4356,8 +4356,12 @@ void Splash::scaleImageYdXu(SplashImageSource src, void *srcData,
xq = scaledWidth % srcWidth;
// allocate buffers
+ pixBuf = (unsigned int *)gmallocn_checkoverflow(srcWidth, nComps * sizeof(int));
+ if (unlikely(!pixBuf)) {
+ error(errInternal, -1, "Splash::scaleImageYdXu. Couldn't allocate pixBuf memory");
+ return;
+ }
lineBuf = (unsigned char *)gmallocn(srcWidth, nComps);
- pixBuf = (unsigned int *)gmallocn(srcWidth, nComps * sizeof(int));
if (srcAlpha) {
alphaLineBuf = (unsigned char *)gmalloc(srcWidth);
alphaPixBuf = (unsigned int *)gmallocn(srcWidth, sizeof(int));
More information about the poppler
mailing list