From: Mathieu Malaterre <mathieu.malaterre@gmail.com>
Date: Wed, 26 Feb 2014 11:09:59 +0000 (+0000)
Subject: [trunk] Import patch from sumatrapdf team. This handle testcase 1610.pdf.SIGSEGV... 
X-Git-Tag: version.2.0.1~4^2~219
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=7195a23a9d761d00bcf674ad1424648435fcfc57;p=openjpeg

[trunk] Import patch from sumatrapdf team. This handle testcase 1610.pdf.SIGSEGV.59c.681
Update issue 225
---

diff --git a/src/lib/openjp2/j2k.c b/src/lib/openjp2/j2k.c
index a6397eff..120e94fc 100644
--- a/src/lib/openjp2/j2k.c
+++ b/src/lib/openjp2/j2k.c
@@ -1965,6 +1965,12 @@ static OPJ_BOOL opj_j2k_read_siz(opj_j2k_t *p_j2k,
                 return OPJ_FALSE;
         }
 
+        /* testcase 1610.pdf.SIGSEGV.59c.681 */
+        if (((OPJ_UINT64)l_image->x1) * ((OPJ_UINT64)l_image->y1) != (l_image->x1 * l_image->y1)) {
+                opj_event_msg(p_manager, EVT_ERROR, "Prevent buffer overflow (x1: %d, y1: %d)", l_image->x1, l_image->y1);
+                return OPJ_FALSE;
+        }
+
 #ifdef USE_JPWL
         if (l_cp->correct) {
                 /* if JPWL is on, we check whether TX errors have damaged