fofi/FoFiBase.cc | 25 ++++++++++++++++++++----- fofi/FoFiBase.h | 1 + 2 files changed, 21 insertions(+), 5 deletions(-)
New commits: commit 33e7d54b4a29d297108ef3dc6008190625125ec8 Author: Albert Astals Cid <[email protected]> Date: Tue Aug 30 17:36:22 2011 +0200 xpdf303: Also check against INT_MAX in FoFiBase diff --git a/fofi/FoFiBase.cc b/fofi/FoFiBase.cc index 4676251..06d12e8 100644 --- a/fofi/FoFiBase.cc +++ b/fofi/FoFiBase.cc @@ -110,7 +110,7 @@ int FoFiBase::getU8(int pos, GBool *ok) { int FoFiBase::getS16BE(int pos, GBool *ok) { int x; - if (pos < 0 || pos+1 >= len) { + if (pos < 0 || pos+1 >= len || pos > INT_MAX - 1) { *ok = gFalse; return 0; } @@ -125,7 +125,7 @@ int FoFiBase::getS16BE(int pos, GBool *ok) { int FoFiBase::getU16BE(int pos, GBool *ok) { int x; - if (pos < 0 || pos+1 >= len) { + if (pos < 0 || pos+1 >= len || pos > INT_MAX - 1) { *ok = gFalse; return 0; } @@ -137,7 +137,7 @@ int FoFiBase::getU16BE(int pos, GBool *ok) { int FoFiBase::getS32BE(int pos, GBool *ok) { int x; - if (pos < 0 || pos+3 >= len) { + if (pos < 0 || pos+3 >= len || pos > INT_MAX - 3) { *ok = gFalse; return 0; } @@ -154,7 +154,7 @@ int FoFiBase::getS32BE(int pos, GBool *ok) { Guint FoFiBase::getU32BE(int pos, GBool *ok) { Guint x; - if (pos < 0 || pos+3 >= len) { + if (pos < 0 || pos+3 >= len || pos > INT_MAX - 3) { *ok = gFalse; return 0; } @@ -183,7 +183,7 @@ Guint FoFiBase::getUVarBE(int pos, int size, GBool *ok) { Guint x; int i; - if (pos < 0 || pos + size > len) { + if (pos < 0 || pos + size > len || pos > INT_MAX - size) { *ok = gFalse; return 0; } commit fb1f56f091e5329b30279916b182f64134f3b2e6 Author: Albert Astals Cid <[email protected]> Date: Tue Aug 30 17:34:50 2011 +0200 xpdf303: Introduce FoFiBase::getU32LE diff --git a/fofi/FoFiBase.cc b/fofi/FoFiBase.cc index 5280838..4676251 100644 --- a/fofi/FoFiBase.cc +++ b/fofi/FoFiBase.cc @@ -28,6 +28,7 @@ #endif #include <stdio.h> +#include <limits.h> #include "goo/gmem.h" #include "poppler/Error.h" #include "FoFiBase.h" @@ -164,6 +165,20 @@ Guint FoFiBase::getU32BE(int pos, GBool *ok) { return x; } +Guint FoFiBase::getU32LE(int pos, GBool *ok) { + Guint x; + + if (pos < 0 || pos+3 >= len || pos > INT_MAX - 3) { + *ok = gFalse; + return 0; + } + x = file[pos+3]; + x = (x << 8) + file[pos+2]; + x = (x << 8) + file[pos+1]; + x = (x << 8) + file[pos]; + return x; +} + Guint FoFiBase::getUVarBE(int pos, int size, GBool *ok) { Guint x; int i; diff --git a/fofi/FoFiBase.h b/fofi/FoFiBase.h index 4babb63..d613acd 100644 --- a/fofi/FoFiBase.h +++ b/fofi/FoFiBase.h @@ -42,6 +42,7 @@ protected: int getU16BE(int pos, GBool *ok); int getS32BE(int pos, GBool *ok); Guint getU32BE(int pos, GBool *ok); + Guint getU32LE(int pos, GBool *ok); Guint getUVarBE(int pos, int size, GBool *ok); GBool checkRegion(int pos, int size); _______________________________________________ poppler mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/poppler
