mirror of
https://github.com/qpdf/qpdf.git
synced 2024-12-22 19:08:59 +00:00
Check for overflow in page labels (fuzz issue 23599)
parent
7f4a4df919
commit
c1684eae91
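--- a/TODO
+++ b/TODO
@@ -65,7 +65,6 @@ Fuzz Errors
 * https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=<N>
 
 * New:
-* 23599: integer overflow: https://oss-fuzz.com/testcase?key=6290807920525312
 * 23642: leak: https://oss-fuzz.com/testcase-detail/4906569690251264
 
 * Ignoring these: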
BIN
fuzz/qpdf_extra/23599.fuzz
Normal file
BIN
fuzz/qpdf_extra/23599.fuzz
Normal file
Binary file not shown.
@ -53,6 +53,7 @@ QPDFPageLabelDocumentHelper::getLabelForPage(long long page_idx)
|
|||||||
{
|
{
|
||||||
start = St.getIntValue();
|
start = St.getIntValue();
|
||||||
}
|
}
|
||||||
|
QIntC::range_check(start, offset);
|
||||||
start += offset;
|
start += offset;
|
||||||
result = QPDFObjectHandle::newDictionary();
|
result = QPDFObjectHandle::newDictionary();
|
||||||
result.replaceOrRemoveKey("/S", S);
|
result.replaceOrRemoveKey("/S", S);
|
||||||
|
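Review bot: The added `QIntC::range_check(start, offset);` has no comment explaining why it is there, and it reports overflow by throwing (QIntC's range checks raise `std::range_error`), so a crafted `/St` value now leaves `getLabelForPage` as an exception rather than overflowing in `start += offset;`. Nothing in the visible lines catches that exception, and the function starts and ends outside this hunk, so it is worth confirming that callers handling untrusted files treat it as a recoverable error. I would add a comment above the check such as `// /St is read from the file; reject values where start + offset would overflow (signed overflow is UB)`. The visible code also accepts any integer from `St.getIntValue()`, including zero or negative values; if `/St` is not bounded elsewhere in the function, a lower-bound check next to the new one is worth considering.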