[poppler] poppler/JBIG2Stream.cc
GitLab Mirror
gitlab-mirror at kemper.freedesktop.org
Mon Nov 16 18:54:43 UTC 2020
poppler/JBIG2Stream.cc | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
New commits:
commit 5a65db3d992eeb8a4cd4b2531f3c59ad25940487
Author: Albert Astals Cid <aacid at kde.org>
Date: Mon Nov 16 19:49:54 2020 +0100
JBIG2Stream::readCodeTableSeg: More overflow protection in broken files
diff --git a/poppler/JBIG2Stream.cc b/poppler/JBIG2Stream.cc
index f267f413..a80806c4 100644
--- a/poppler/JBIG2Stream.cc
+++ b/poppler/JBIG2Stream.cc
@@ -3910,7 +3910,10 @@ void JBIG2Stream::readCodeTableSeg(unsigned int segNum, unsigned int length)
huffTab[i].val = val;
huffTab[i].prefixLen = huffDecoder->readBits(prefixBits);
huffTab[i].rangeLen = huffDecoder->readBits(rangeBits);
- val += 1 << huffTab[i].rangeLen;
+ if (unlikely(checkedAdd(val, 1 << huffTab[i].rangeLen, &val))) {
+ free(huffTab);
+ return;
+ }
++i;
}
if (i + oob + 3 > huffTabSize) {
More information about the poppler
mailing list