Merge to XFA: Fix the issue that pdfium swallows 'fi' or 'ff' in some pdf files

core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp

 // Copyright 2014 PDFium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com
 
 #include <set>
 #include <utility>
 #include <vector>
 
@@ skipping 2446 matching lines @@
                                            FX_DWORD objnum,
                                            FX_DWORD gennum) {
   CPDF_Object* pLenObj = pDict->GetElement(FX_BSTRC("Length"));
   FX_FILESIZE len = -1;
   if (pLenObj && ((pLenObj->GetType() != PDFOBJ_REFERENCE) ||
                   ((((CPDF_Reference*)pLenObj)->GetObjList()) &&
                    ((CPDF_Reference*)pLenObj)->GetRefObjNum() != objnum))) {
     len = pLenObj->GetInteger();
   }
   // Check whether end of line markers follow the keyword 'stream'.
-  unsigned int numMarkers = ReadEOLMarkers(m_Pos);
-  m_Pos += numMarkers;
+  // The stream starts after end of line markers.
+  m_Pos += ReadEOLMarkers(m_Pos);
   FX_FILESIZE streamStartPos = m_Pos;
   if (pContext) {
     pContext->m_DataStart = streamStartPos;
   }
   const unsigned int ENDSTREAM_LEN = sizeof("endstream") - 1;
   const unsigned int ENDOBJ_LEN = sizeof("endobj") - 1;
   CPDF_CryptoHandler* pCryptoHandler =
       objnum == (FX_DWORD)m_MetadataObjnum ? nullptr : m_pCryptoHandler;
   if (!pCryptoHandler) {
     FX_BOOL bSearchForKeyword = TRUE;
-    unsigned int prevMarkers = 0;
-    unsigned int nextMarkers = 0;
     if (len >= 0) {
       pdfium::base::CheckedNumeric<FX_FILESIZE> pos = m_Pos;
       pos += len;
       if (pos.IsValid() && pos.ValueOrDie() < m_FileLen) {
         m_Pos = pos.ValueOrDie();
       }
-      prevMarkers = ReadEOLMarkers(m_Pos);
+      m_Pos += ReadEOLMarkers(m_Pos);
+      FXSYS_memset(m_WordBuffer, 0, ENDSTREAM_LEN + 1);
       GetNextWord();
-      nextMarkers = ReadEOLMarkers(m_Pos);
-      if (m_WordSize == ENDSTREAM_LEN && prevMarkers != 0 && nextMarkers != 0 &&
-          FXSYS_memcmp(m_WordBuffer, "endstream", ENDSTREAM_LEN) == 0) {
+      if (FXSYS_memcmp(m_WordBuffer, "endstream", ENDSTREAM_LEN) == 0 &&
+          IsWholeWord(m_Pos - ENDSTREAM_LEN, m_FileLen,
+                      FX_BSTRC("endstream").GetPtr(), ENDSTREAM_LEN, TRUE)) {
         bSearchForKeyword = FALSE;
       }
     }
     if (bSearchForKeyword) {
       // If len is not available, len needs to be calculated
       // by searching the keywords "endstream" or "endobj".
       m_Pos = streamStartPos;
       FX_FILESIZE endStreamOffset = 0;
       while (endStreamOffset >= 0) {
         endStreamOffset = FindTag(FX_BSTRC("endstream"), 0);
         if (endStreamOffset < 0) {
           // Can't find any "endstream".
           break;
         }
-        prevMarkers = ReadEOLMarkers(streamStartPos + endStreamOffset - 1);
-        nextMarkers =
-            ReadEOLMarkers(streamStartPos + endStreamOffset + ENDSTREAM_LEN);
-        if (prevMarkers != 0 && nextMarkers != 0) {
+        if (IsWholeWord(m_Pos - ENDSTREAM_LEN, m_FileLen,
+                        FX_BSTRC("endstream").GetPtr(), ENDSTREAM_LEN, TRUE)) {
           // Stop searching when the keyword "endstream" is found.
+          endStreamOffset = m_Pos - streamStartPos - ENDSTREAM_LEN;
           break;
-        } else {
-          unsigned char ch = 0x00;
-          GetCharAt(streamStartPos + endStreamOffset + ENDSTREAM_LEN, ch);
-          if (ch == 0x09 || ch == 0x20) {
-            //"endstream" is treated as a keyword
-            // when it is followed by a tab or whitespace
-            break;
-          }
         }
-        m_Pos += ENDSTREAM_LEN;
       }
       m_Pos = streamStartPos;
       FX_FILESIZE endObjOffset = 0;
       while (endObjOffset >= 0) {
         endObjOffset = FindTag(FX_BSTRC("endobj"), 0);
         if (endObjOffset < 0) {
           // Can't find any "endobj".
           break;
         }
-        prevMarkers = ReadEOLMarkers(streamStartPos + endObjOffset - 1);
-        nextMarkers =
-            ReadEOLMarkers(streamStartPos + endObjOffset + ENDOBJ_LEN);
-        if (prevMarkers != 0 && nextMarkers != 0) {
+        if (IsWholeWord(m_Pos - ENDOBJ_LEN, m_FileLen,
+                        FX_BSTRC("endobj").GetPtr(), ENDOBJ_LEN, TRUE)) {
           // Stop searching when the keyword "endobj" is found.
+          endObjOffset = m_Pos - streamStartPos - ENDOBJ_LEN;
           break;
         }
-        m_Pos += ENDOBJ_LEN;
       }
       if (endStreamOffset < 0 && endObjOffset < 0) {
         // Can't find "endstream" or "endobj".
         return nullptr;
       }
       if (endStreamOffset < 0 && endObjOffset >= 0) {
         // Correct the position of end stream.
         endStreamOffset = endObjOffset;
       } else if (endStreamOffset >= 0 && endObjOffset < 0) {
         // Correct the position of end obj.
         endObjOffset = endStreamOffset;
       } else if (endStreamOffset > endObjOffset) {
         endStreamOffset = endObjOffset;
       }
       len = endStreamOffset;
-      numMarkers = ReadEOLMarkers(streamStartPos + endStreamOffset - 2);
+      int numMarkers = ReadEOLMarkers(streamStartPos + endStreamOffset - 2);
       if (numMarkers == 2) {
         len -= 2;
       } else {
         numMarkers = ReadEOLMarkers(streamStartPos + endStreamOffset - 1);
         if (numMarkers == 1) {
           len -= 1;
         }
       }
       if (len <= 0) {
         return nullptr;
@@ skipping 16 matching lines @@
     FX_Free(pData);
     pData = dest_buf.GetBuffer();
     len = dest_buf.GetSize();
     dest_buf.DetachBuffer();
   }
   CPDF_Stream* pStream = new CPDF_Stream(pData, len, pDict);
   if (pContext) {
     pContext->m_DataEnd = pContext->m_DataStart + len;
   }
   streamStartPos = m_Pos;
+  FXSYS_memset(m_WordBuffer, 0, ENDOBJ_LEN + 1);
   GetNextWord();
-  numMarkers = ReadEOLMarkers(m_Pos);
+  int numMarkers = ReadEOLMarkers(m_Pos);
   if (m_WordSize == ENDOBJ_LEN && numMarkers != 0 &&
       FXSYS_memcmp(m_WordBuffer, "endobj", ENDOBJ_LEN) == 0) {
     m_Pos = streamStartPos;
   }
   return pStream;
 }
 void CPDF_SyntaxParser::InitParser(IFX_FileRead* pFileAccess,
                                    FX_DWORD HeaderOffset) {
   FX_Free(m_pFileBuf);
   m_pFileBuf = FX_Alloc(uint8_t, m_BufSize);
@@ skipping 10 matching lines @@
   GetNextWord();
   if (!m_bIsNumber) {
     return 0;
   }
   m_WordBuffer[m_WordSize] = 0;
   return FXSYS_atoi((const FX_CHAR*)m_WordBuffer);
 }
 FX_BOOL CPDF_SyntaxParser::IsWholeWord(FX_FILESIZE startpos,
                                        FX_FILESIZE limit,
                                        const uint8_t* tag,
-                                       FX_DWORD taglen) {
+                                       FX_DWORD taglen,
+                                       FX_BOOL checkKeyword) {
   uint8_t type = PDF_CharType[tag[0]];
   FX_BOOL bCheckLeft = type != 'D' && type != 'W';
   type = PDF_CharType[tag[taglen - 1]];
   FX_BOOL bCheckRight = type != 'D' && type != 'W';
   uint8_t ch;
   if (bCheckRight && startpos + (int32_t)taglen <= limit &&
       GetCharAt(startpos + (int32_t)taglen, ch)) {
     uint8_t type = PDF_CharType[ch];
-    if (type == 'N' || type == 'R') {
+    if (type == 'N' || type == 'R' || (checkKeyword && type == 'D')) {
       return FALSE;
     }
   }
   if (bCheckLeft && startpos > 0 && GetCharAt(startpos - 1, ch)) {
     uint8_t type = PDF_CharType[ch];
-    if (type == 'N' || type == 'R') {
+    if (type == 'N' || type == 'R' || (checkKeyword && type == 'D')) {
       return FALSE;
     }
   }
   return TRUE;
 }
 FX_BOOL CPDF_SyntaxParser::SearchWord(const CFX_ByteStringC& tag,
                                       FX_BOOL bWholeWord,
                                       FX_BOOL bForward,
                                       FX_FILESIZE limit) {
   int32_t taglen = tag.GetLength();
@@ skipping 35 matching lines @@
           continue;
         }
       } else {
         offset--;
         if (offset >= 0) {
           pos--;
           continue;
         }
       }
       FX_FILESIZE startpos = bForward ? pos - taglen + 1 : pos;
-      if (!bWholeWord || IsWholeWord(startpos, limit, tag.GetPtr(), taglen)) {
+      if (!bWholeWord ||
+          IsWholeWord(startpos, limit, tag.GetPtr(), taglen, FALSE)) {
         m_Pos = startpos;
         return TRUE;
       }
     }
     if (bForward) {
       offset = byte == tag_data[0] ? 1 : 0;
       pos++;
     } else {
       offset = byte == tag_data[taglen - 1] ? taglen - 2 : taglen - 1;
       pos--;
@@ skipping 36 matching lines @@
   uint8_t byte;
   GetCharAt(pos++, byte);
   int32_t found = -1;
   while (1) {
     for (i = 0; i < ntags; i++) {
       if (pPatterns[i].m_pTag[pPatterns[i].m_Offset] == byte) {
         pPatterns[i].m_Offset++;
         if (pPatterns[i].m_Offset == pPatterns[i].m_Len) {
           if (!bWholeWord ||
               IsWholeWord(pos - pPatterns[i].m_Len, limit, pPatterns[i].m_pTag,
-                          pPatterns[i].m_Len)) {
+                          pPatterns[i].m_Len, FALSE)) {
             found = i;
             goto end;
           } else {
             if (pPatterns[i].m_pTag[0] == byte) {
               pPatterns[i].m_Offset = 1;
             } else {
               pPatterns[i].m_Offset = 0;
             }
           }
         }
@@ skipping 1930 matching lines @@
   return FALSE;
 }
 CPDF_PageNode::~CPDF_PageNode() {
   int32_t iSize = m_childNode.GetSize();
   for (int32_t i = 0; i < iSize; ++i) {
     CPDF_PageNode* pNode = (CPDF_PageNode*)m_childNode[i];
     delete pNode;
   }
   m_childNode.RemoveAll();
 }