2
1
mirror of https://github.com/qpdf/qpdf.git synced 2024-12-22 10:58:58 +00:00

Security: fix potential multiplication overflow

Better sanity check inputs to bit stream reader
This commit is contained in:
Jay Berkenbilt 2013-10-05 05:51:54 -04:00
parent c2e91d8ec3
commit eb1b1264b4
2 changed files with 7 additions and 0 deletions

View File

@ -1,5 +1,8 @@
2013-10-05 Jay Berkenbilt <ejb@ql.org>
* Security fix: perform additional argument sanity checks when
reading bit streams.
* Security fix: in QUtil::toUTF8, change bounds checking to avoid
having a pointer point temporarily outside the bounds of an
array. Some compiler optimizations could have made the original

View File

@ -16,6 +16,10 @@ BitStream::reset()
{
p = start;
bit_offset = 7;
if (static_cast<unsigned int>(nbytes) > static_cast<unsigned int>(-1) / 8)
{
throw std::runtime_error("array too large for bitstream");
}
bits_available = 8 * nbytes;
}