poppler/GfxState.cc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
New commits: commit c792e4cde92e6ece06592955068ffb579e826382 Author: Adam Reichold <[email protected]> Date: Sat Sep 22 12:58:50 2018 +0200 Fix integer overflow by moving check bits-per-compoennt before mask computation. oss-fuzz/9343 diff --git a/poppler/GfxState.cc b/poppler/GfxState.cc index b8423f23..3137851d 100644 --- a/poppler/GfxState.cc +++ b/poppler/GfxState.cc @@ -5708,6 +5708,9 @@ GfxImageColorMap::GfxImageColorMap(int bitsA, Object *decode, useMatte = gFalse; // bits per component and color space + if (unlikely(bitsA <= 0 || bitsA > 30)) + goto err1; + bits = bitsA; maxPixel = (1 << bits) - 1; colorSpace = colorSpaceA; @@ -5725,9 +5728,6 @@ GfxImageColorMap::GfxImageColorMap(int bitsA, Object *decode, } byte_lookup = nullptr; - if (unlikely(bits <= 0)) - goto err1; - // get decode map if (decode->isNull()) { nComps = colorSpace->getNComps(); _______________________________________________ poppler mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/poppler
