Fix infinite loop for objects that reference themselves.

core/src/fpdfapi/fpdf_parser/fpdf_parser_objects.cpp

Index: core/src/fpdfapi/fpdf_parser/fpdf_parser_objects.cpp
diff --git a/core/src/fpdfapi/fpdf_parser/fpdf_parser_objects.cpp b/core/src/fpdfapi/fpdf_parser/fpdf_parser_objects.cpp
index 592a7b13265dc3fb403734af9ca9db9ae0d84823..3cb849425ff56f6a437734a734e52e40a4660df6 100644
--- a/core/src/fpdfapi/fpdf_parser/fpdf_parser_objects.cpp
+++ b/core/src/fpdfapi/fpdf_parser/fpdf_parser_objects.cpp
@@ -134,6 +134,7 @@ int CPDF_Object::GetInteger() const {
   }
   return 0;
 }
+
 CPDF_Dictionary* CPDF_Object::GetDict() const {
   switch (m_Type) {
     case PDFOBJ_DICTIONARY:
@@ -142,19 +143,19 @@ CPDF_Dictionary* CPDF_Object::GetDict() const {
       return ((CPDF_Stream*)this)->GetDict();
     case PDFOBJ_REFERENCE: {
       CPDF_Reference* pRef = (CPDF_Reference*)this;
-      if (pRef->m_pObjList == NULL) {
-        break;
-      }
-      CPDF_Object* pObj =
-          pRef->m_pObjList->GetIndirectObject(pRef->m_RefObjNum);
-      if (pObj == NULL) {
-        return NULL;
-      }
+      CPDF_IndirectObjects* pIndirect = pRef->GetObjList();
+      if (!pIndirect)
+        return nullptr;
+      CPDF_Object* pObj = pIndirect->GetIndirectObject(pRef->m_RefObjNum);

[jun_fang, 2015/08/21 21:44:43]

nit: call pRef->GetRefObjNum to get object number to replace pRef->m_RefObjNum.
It's the same rule as pRef->GetObjList().

[Lei Zhang, 2015/08/31 05:45:02]

Done. I made the same change everywhere in the file.

+      if (!pObj || (pObj == this))
+        return nullptr;
       return pObj->GetDict();
     }
+    default:
+      return nullptr;
   }
-  return NULL;
 }
+
 CPDF_Array* CPDF_Object::GetArray() const {
   if (m_Type == PDFOBJ_ARRAY)
     return (CPDF_Array*)this;