Skip to content
Permalink
Browse files Browse the repository at this point in the history
Fix for heap vulnerability
  • Loading branch information
flexpaper committed Mar 23, 2019
1 parent 330067c commit 80bf71f
Show file tree
Hide file tree
Showing 2 changed files with 31 additions and 3 deletions.
12 changes: 9 additions & 3 deletions xpdf/CharCodeToUnicode.cc
Expand Up @@ -21,6 +21,7 @@
#include "GlobalParams.h"
#include "PSTokenizer.h"
#include "CharCodeToUnicode.h"
#include "GooLikely.h"

//------------------------------------------------------------------------

Expand Down Expand Up @@ -320,9 +321,14 @@ void CharCodeToUnicode::addMapping(CharCode code, char *uStr, int n,
if (code >= mapLen) {
oldLen = mapLen;
mapLen = (code + 256) & ~255;
map = (Unicode *)greallocn(map, mapLen, sizeof(Unicode));
for (i = oldLen; i < mapLen; ++i) {
map[i] = 0;
if (unlikely(code >= mapLen)) {
error(-1, "Illegal code value in CharCodeToUnicode::addMapping");
return;
} else {
map = (Unicode *)greallocn(map, mapLen, sizeof(Unicode));
for (i = oldLen; i < mapLen; ++i) {
map[i] = 0;
}
}
}
if (n <= 4) {
Expand Down
22 changes: 22 additions & 0 deletions xpdf/GooLikely.h
@@ -0,0 +1,22 @@
//========================================================================
//
// GooLikely.h
//
// This file is licensed under the GPLv2 or later
//
// Copyright (C) 2008 Kees Cook <kees@outflux.net>
//
//========================================================================

#ifndef GOOLIKELY_H
#define GOOLIKELY_H

#if defined(__GNUC__) && (__GNUC__ > 2) && defined(__OPTIMIZE__)
# define likely(x) __builtin_expect((x), 1)
# define unlikely(x) __builtin_expect((x), 0)
#else
# define likely(x) (x)
# define unlikely(x) (x)
#endif

#endif

0 comments on commit 80bf71f

Please sign in to comment.