diff options
| author | Albert Astals Cid <aacid@kde.org> | 2021-01-09 17:34:55 +0100 |
|---|---|---|
| committer | Albert Astals Cid <aacid@kde.org> | 2021-01-09 17:34:55 +0100 |
| commit | e68410e359da932c7f30d8f0a41a5496268b339c (patch) | |
| tree | a327b4cc0eb4368f350a2aef47cd29217ea4fe1c | |
| parent | 9dcf1e396a240df50bcc05339855732d1535260b (diff) | |
Gfx::opSetFillGray: Make sure the colorspace is gray
Otherwise we will end up doing an uninitialized memory read down the
road
oss-fuzz/10040
| -rw-r--r-- | poppler/Gfx.cc | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/poppler/Gfx.cc b/poppler/Gfx.cc index 20d450ed..694538cf 100644 --- a/poppler/Gfx.cc +++ b/poppler/Gfx.cc @@ -1310,7 +1310,8 @@ void Gfx::opSetFillGray(Object args[], int numArgs) if (!obj.isNull()) { colorSpace = GfxColorSpace::parse(res, &obj, out, state); } - if (colorSpace == nullptr) { + if (colorSpace == nullptr || colorSpace->getNComps() != 1) { + delete colorSpace; colorSpace = state->copyDefaultGrayColorSpace(); } state->setFillColorSpace(colorSpace); |