Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(304)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: core/src/fpdfdoc/doc_form.cpp

Issue 1387703002: Fix NULL pointer dereference in CPDF_InterForm. (Closed) Base URL: https://pdfium.googlesource.com/pdfium@master
Patch Set: Created 5 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « core/include/fpdfdoc/fpdf_doc.h ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 PDFium Authors. All rights reserved. 1 // Copyright 2014 PDFium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com 5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com
6 6
7 #include "../../include/fpdfdoc/fpdf_doc.h" 7 #include "../../include/fpdfdoc/fpdf_doc.h"
8 #include "doc_utils.h" 8 #include "doc_utils.h"
9 9
10 const int nMaxRecursion = 32; 10 const int nMaxRecursion = 32;
(...skipping 215 matching lines...) Expand 10 before | Expand all | Expand 10 after
226 _Node *pNode = &m_Root, *pLast = NULL; 226 _Node *pNode = &m_Root, *pLast = NULL;
227 while (nLength > 0 && pNode) { 227 while (nLength > 0 && pNode) {
228 pLast = pNode; 228 pLast = pNode;
229 CFX_WideString name = CFX_WideString(pName, nLength); 229 CFX_WideString name = CFX_WideString(pName, nLength);
230 pNode = _Lookup(pLast, name); 230 pNode = _Lookup(pLast, name);
231 name_extractor.GetNext(pName, nLength); 231 name_extractor.GetNext(pName, nLength);
232 } 232 }
233 return pNode; 233 return pNode;
234 } 234 }
235 CPDF_InterForm::CPDF_InterForm(CPDF_Document* pDocument, FX_BOOL bGenerateAP) 235 CPDF_InterForm::CPDF_InterForm(CPDF_Document* pDocument, FX_BOOL bGenerateAP)
236 : CFX_PrivateData() { 236 : CFX_PrivateData(),
237 m_pDocument = pDocument; 237 m_pDocument(pDocument),
238 m_bGenerateAP = bGenerateAP; 238 m_bGenerateAP(bGenerateAP),
239 m_pFormNotify = NULL; 239 m_pFormDict(nullptr),
240 m_bUpdated = FALSE; 240 m_pFieldTree(new CFieldTree),
241 m_pFieldTree = new CFieldTree; 241 m_pFormNotify(nullptr),
242 m_bUpdated(FALSE) {
242 CPDF_Dictionary* pRoot = m_pDocument->GetRoot(); 243 CPDF_Dictionary* pRoot = m_pDocument->GetRoot();
244 if (!pRoot)
245 return;
246
243 m_pFormDict = pRoot->GetDict("AcroForm"); 247 m_pFormDict = pRoot->GetDict("AcroForm");
244 if (m_pFormDict == NULL) { 248 if (!m_pFormDict)
245 return; 249 return;
246 } 250
247 CPDF_Array* pFields = m_pFormDict->GetArray("Fields"); 251 CPDF_Array* pFields = m_pFormDict->GetArray("Fields");
248 if (pFields == NULL) { 252 if (!pFields)
249 return; 253 return;
250 } 254
251 int count = pFields->GetCount(); 255 int count = pFields->GetCount();
252 for (int i = 0; i < count; i++) { 256 for (int i = 0; i < count; i++) {
253 LoadField(pFields->GetDict(i)); 257 LoadField(pFields->GetDict(i));
254 } 258 }
255 } 259 }
256 260
257 CPDF_InterForm::~CPDF_InterForm() { 261 CPDF_InterForm::~CPDF_InterForm() {
258 for (auto it : m_ControlMap) 262 for (auto it : m_ControlMap)
259 delete it.second; 263 delete it.second;
260 if (m_pFieldTree) { 264
261 int nCount = m_pFieldTree->m_Root.CountFields(); 265 int nCount = m_pFieldTree->m_Root.CountFields();
262 for (int i = 0; i < nCount; ++i) { 266 for (int i = 0; i < nCount; ++i) {
263 delete m_pFieldTree->m_Root.GetField(i); 267 delete m_pFieldTree->m_Root.GetField(i);
264 }
265 delete m_pFieldTree;
266 } 268 }
267 } 269 }
268 270
269 FX_BOOL CPDF_InterForm::m_bUpdateAP = TRUE; 271 FX_BOOL CPDF_InterForm::m_bUpdateAP = TRUE;
270 FX_BOOL CPDF_InterForm::UpdatingAPEnabled() { 272 FX_BOOL CPDF_InterForm::UpdatingAPEnabled() {
271 return m_bUpdateAP; 273 return m_bUpdateAP;
272 } 274 }
273 void CPDF_InterForm::EnableUpdateAP(FX_BOOL bUpdateAP) { 275 void CPDF_InterForm::EnableUpdateAP(FX_BOOL bUpdateAP) {
274 m_bUpdateAP = bUpdateAP; 276 m_bUpdateAP = bUpdateAP;
275 } 277 }
(...skipping 1095 matching lines...) Expand 10 before | Expand all | Expand 10 after
1371 FDF_ImportField(pField, L"", bNotify); 1373 FDF_ImportField(pField, L"", bNotify);
1372 } 1374 }
1373 if (bNotify && m_pFormNotify != NULL) { 1375 if (bNotify && m_pFormNotify != NULL) {
1374 m_pFormNotify->AfterFormImportData(this); 1376 m_pFormNotify->AfterFormImportData(this);
1375 } 1377 }
1376 return TRUE; 1378 return TRUE;
1377 } 1379 }
1378 void CPDF_InterForm::SetFormNotify(const CPDF_FormNotify* pNotify) { 1380 void CPDF_InterForm::SetFormNotify(const CPDF_FormNotify* pNotify) {
1379 m_pFormNotify = (CPDF_FormNotify*)pNotify; 1381 m_pFormNotify = (CPDF_FormNotify*)pNotify;
1380 } 1382 }
OLDNEW
« no previous file with comments | « core/include/fpdfdoc/fpdf_doc.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698