summaryrefslogtreecommitdiff
path: root/chromium/third_party/pdfium/third_party/libopenjpeg20/README.pdfium
diff options
context:
space:
mode:
authorLei Zhang <thestig@chromium.org>2020-02-07 21:19:48 +0000
committerMichael Brüning <michael.bruning@qt.io>2020-03-10 15:48:58 +0000
commitedd82d1d7ced0744c5086cfbe0cff4051dc5fee5 (patch)
treeb813aae14dd7e0e72db08345e6f23a3c9ff2a696 /chromium/third_party/pdfium/third_party/libopenjpeg20/README.pdfium
parent5043a049628bbc0c28e00e40e87744efc96a8472 (diff)
downloadqtwebengine-chromium-edd82d1d7ced0744c5086cfbe0cff4051dc5fee5.tar.gz
[Backport] Security bug 1047097
Cherry-pick of patch originally reviewed on https://pdfium-review.googlesource.com/c/pdfium/+/65830 https://pdfium-review.googlesource.com/c/pdfium/+/66290: M80: Avoid an integer overflow in OpenJPEG. Patch in upstream commit 05f9b91e60debda0e83977e5e63b2e66486f7074. TBR=tsepez@chromium.org Bug: chromium:1047097 Change-Id: Ia9c3c9f3b130f87f47c5aaf5c3640c8008900ce4 Auto-Submit: Lei Zhang <thestig@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org> (cherry picked from commit 65137d177ac2f6c1591a1f6e8b8809936bfd088d) Reviewed-by: Lei Zhang <thestig@chromium.org> Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
Diffstat (limited to 'chromium/third_party/pdfium/third_party/libopenjpeg20/README.pdfium')
-rw-r--r--chromium/third_party/pdfium/third_party/libopenjpeg20/README.pdfium1
1 files changed, 1 insertions, 0 deletions
diff --git a/chromium/third_party/pdfium/third_party/libopenjpeg20/README.pdfium b/chromium/third_party/pdfium/third_party/libopenjpeg20/README.pdfium
index 45d8bec44e6..8fc5d4be278 100644
--- a/chromium/third_party/pdfium/third_party/libopenjpeg20/README.pdfium
+++ b/chromium/third_party/pdfium/third_party/libopenjpeg20/README.pdfium
@@ -29,3 +29,4 @@ Local Modifications:
0034-opj_malloc.patch: PDFium changes in opj_malloc.
0035-opj_image_data_free.patch: Use the right free function in opj_jp2_apply_pclr.
0036-opj_j2k_update_image_dimensions.patch: fix integer overflow.
+0037-tcd_init_tile.patch: Avoid integer overflow in opj_tcd_init_tile().
View Lorry Controller Status