poppler/JBIG2Stream.cc | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)
New commits: commit 388f1bc081bbd612c318ec9cf241911f0271f772 Author: Albert Astals Cid <[email protected]> Date: Wed Nov 11 19:49:52 2020 +0100 JBIG2Stream::readTextRegion: Prevent integer overflow on broken files oss-fuzz/19177 diff --git a/poppler/JBIG2Stream.cc b/poppler/JBIG2Stream.cc index 60fbea49..3014c9e1 100644 --- a/poppler/JBIG2Stream.cc +++ b/poppler/JBIG2Stream.cc @@ -2251,7 +2251,10 @@ JBIG2Bitmap *JBIG2Stream::readTextRegion(bool huff, bool refine, int w, int h, u } else { arithDecoder->decodeInt(&dt, iaitStats); } - tt = t + dt; + if (unlikely(checkedAdd(t, dt, &tt))) { + delete bitmap; + return nullptr; + } // symbol ID if (huff) { _______________________________________________ poppler mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/poppler
