Stack exhaustion if PDFium returns circular bookmarks.

pdf/pdfium/pdfium_engine.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "pdf/pdfium/pdfium_engine.h"
 
 #include <math.h>
 
 #include "base/i18n/icu_encoding_detection.h"
 #include "base/i18n/icu_string_conversions.h"
@@ skipping 526 matching lines @@
   // Do nothing
 #else
   NOTIMPLEMENTED();
 #endif
 }
 
 // Returns a VarDictionary (representing a bookmark), which in turn contains
 // child VarDictionaries (representing the child bookmarks).
 // If NULL is passed in as the bookmark then we traverse from the "root".
 // Note that the "root" bookmark contains no useful information.
-pp::VarDictionary TraverseBookmarks(FPDF_DOCUMENT doc, FPDF_BOOKMARK bookmark) {
+pp::VarDictionary TraverseBookmarks(FPDF_DOCUMENT doc,
+                                    FPDF_BOOKMARK bookmark,
+                                    unsigned int depth) {
   pp::VarDictionary dict;
   base::string16 title;
   unsigned long buffer_size = FPDFBookmark_GetTitle(bookmark, NULL, 0);
   if (buffer_size > 0) {
     PDFiumAPIStringBufferSizeInBytesAdapter<base::string16> api_string_adapter(
         &title, buffer_size, true);
     api_string_adapter.Close(FPDFBookmark_GetTitle(
         bookmark, api_string_adapter.GetData(), buffer_size));
   }
   dict.Set(pp::Var("title"), pp::Var(base::UTF16ToUTF8(title)));
 
   FPDF_DEST dest = FPDFBookmark_GetDest(doc, bookmark);
   // Some bookmarks don't have a page to select.
   if (dest) {
     int page_index = FPDFDest_GetPageIndex(doc, dest);
     dict.Set(pp::Var("page"), pp::Var(page_index));
   }
 
   pp::VarArray children;
-  int child_index = 0;
-  for (FPDF_BOOKMARK child_bookmark = FPDFBookmark_GetFirstChild(doc, bookmark);
-      child_bookmark != NULL;
-      child_bookmark = FPDFBookmark_GetNextSibling(doc, child_bookmark)) {
-    children.Set(child_index, TraverseBookmarks(doc, child_bookmark));
-    child_index++;
+
+  // Don't trust PDFium to handle circular bookmarks.
+  const unsigned int kMaxDepth = 128;
+  if (depth < kMaxDepth) {
+    int child_index = 0;
+    for (FPDF_BOOKMARK child_bookmark =
+             FPDFBookmark_GetFirstChild(doc, bookmark);
+         child_bookmark != NULL;
+         child_bookmark = FPDFBookmark_GetNextSibling(doc, child_bookmark)) {
+      children.Set(child_index,
+                   TraverseBookmarks(doc, child_bookmark, depth + 1));
+      child_index++;
+    }
   }
   dict.Set(pp::Var("children"), children);
   return dict;
 }
 
 std::string GetDocumentMetadata(FPDF_DOCUMENT doc, const std::string& key) {
   size_t size = FPDF_GetMetaText(doc, key.c_str(), nullptr, 0);
   if (size == 0)
     return std::string();
 
@@ skipping 1843 matching lines @@
       selection_.push_back(PDFiumRange(pages_[i], 0,
                            pages_[i]->GetCharCount()));
     }
 }
 
 int PDFiumEngine::GetNumberOfPages() {
   return pages_.size();
 }
 
 pp::VarArray PDFiumEngine::GetBookmarks() {
-  pp::VarDictionary dict = TraverseBookmarks(doc_, NULL);
+  pp::VarDictionary dict = TraverseBookmarks(doc_, NULL, 0);
   // The root bookmark contains no useful information.
   return pp::VarArray(dict.Get(pp::Var("children")));
 }
 
 int PDFiumEngine::GetNamedDestinationPage(const std::string& destination) {
   // Look for the destination.
   FPDF_DEST dest = FPDF_GetNamedDestByName(doc_, destination.c_str());
   if (!dest) {
     // Look for a bookmark with the same name.
     base::string16 destination_wide = base::UTF8ToUTF16(destination);
@@ skipping 1641 matching lines @@
     double* height) {
   FPDF_DOCUMENT doc = FPDF_LoadMemDocument(pdf_buffer, pdf_buffer_size, NULL);
   if (!doc)
     return false;
   bool success = FPDF_GetPageSizeByIndex(doc, page_number, width, height) != 0;
   FPDF_CloseDocument(doc);
   return success;
 }
 
 }  // namespace chrome_pdf