Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: cherry-pick a48de319c521 from pdfium #33715

Merged
merged 3 commits into from Apr 12, 2022

Conversation

nornagon
Copy link
Member

@nornagon nornagon commented Apr 11, 2022

Use safe arithmetic in CJBig2_Context::ParseSymbolDict()

These should be mitigated by size checks higher up, but it wouldn't
hurt to be sure.

Bug: chromium:1280743
Change-Id: I03c46e3d11316a9f9634256bd0e2394548d2681e
Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/88290
Reviewed-by: Lei Zhang thestig@chromium.org
Commit-Queue: Tom Sepez tsepez@chromium.org

Notes: Security: backported fix for chromium:1280743.

@nornagon nornagon requested review from a team as code owners Apr 11, 2022
@nornagon nornagon added 15-x-y backport-check-skip security 🔒 semver/patch labels Apr 11, 2022
@electron-cation electron-cation bot added new-pr 🌱 and removed new-pr 🌱 labels Apr 11, 2022
@codebytere codebytere merged commit 458a843 into 15-x-y Apr 12, 2022
15 checks passed
@codebytere codebytere deleted the cherry-pick/15-x-y/pdfium/a48de319c521 branch Apr 12, 2022
@release-clerk
Copy link

release-clerk bot commented Apr 12, 2022

Release Notes Persisted

Security: backported fix for chromium:1280743.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
15-x-y backport-check-skip security 🔒 semver/patch
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants