Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(345)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: core/fpdfapi/fpdf_page/pageint.h

Issue 1930743003: Fix stack overflow from nested arrays. (Closed) Base URL: https://pdfium.googlesource.com/pdfium@master
Patch Set: unsigned Created 4 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « core/fpdfapi/fpdf_page/fpdf_page_parser_old.cpp ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 PDFium Authors. All rights reserved. 1 // Copyright 2014 PDFium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com 5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com
6 6
7 #ifndef CORE_FPDFAPI_FPDF_PAGE_PAGEINT_H_ 7 #ifndef CORE_FPDFAPI_FPDF_PAGE_PAGEINT_H_
8 #define CORE_FPDFAPI_FPDF_PAGE_PAGEINT_H_ 8 #define CORE_FPDFAPI_FPDF_PAGE_PAGEINT_H_
9 9
10 #include <map> 10 #include <map>
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after
46 SyntaxType ParseNextElement(); 46 SyntaxType ParseNextElement();
47 uint8_t* GetWordBuf() { return m_WordBuffer; } 47 uint8_t* GetWordBuf() { return m_WordBuffer; }
48 uint32_t GetWordSize() const { return m_WordSize; } 48 uint32_t GetWordSize() const { return m_WordSize; }
49 CPDF_Object* GetObject() { 49 CPDF_Object* GetObject() {
50 CPDF_Object* pObj = m_pLastObj; 50 CPDF_Object* pObj = m_pLastObj;
51 m_pLastObj = NULL; 51 m_pLastObj = NULL;
52 return pObj; 52 return pObj;
53 } 53 }
54 uint32_t GetPos() const { return m_Pos; } 54 uint32_t GetPos() const { return m_Pos; }
55 void SetPos(uint32_t pos) { m_Pos = pos; } 55 void SetPos(uint32_t pos) { m_Pos = pos; }
56 CPDF_Object* ReadNextObject(FX_BOOL bAllowNestedArray = FALSE, 56 CPDF_Object* ReadNextObject(bool bAllowNestedArray, uint32_t dwInArrayLevel);
57 FX_BOOL bInArray = FALSE);
58 57
59 protected: 58 protected:
60 friend class fpdf_page_parser_old_ReadHexString_Test; 59 friend class fpdf_page_parser_old_ReadHexString_Test;
61 60
62 void GetNextWord(FX_BOOL& bIsNumber); 61 void GetNextWord(FX_BOOL& bIsNumber);
63 CFX_ByteString ReadString(); 62 CFX_ByteString ReadString();
64 CFX_ByteString ReadHexString(); 63 CFX_ByteString ReadHexString();
65 const uint8_t* m_pBuf; 64 const uint8_t* m_pBuf;
66 65
67 // Length in bytes of m_pBuf. 66 // Length in bytes of m_pBuf.
(...skipping 24 matching lines...) Expand all
92 } m_Number; 91 } m_Number;
93 CPDF_Object* m_pObject; 92 CPDF_Object* m_pObject;
94 struct { 93 struct {
95 int m_Len; 94 int m_Len;
96 char m_Buffer[32]; 95 char m_Buffer[32];
97 } m_Name; 96 } m_Name;
98 }; 97 };
99 }; 98 };
100 #define _FPDF_MAX_FORM_LEVEL_ 30 99 #define _FPDF_MAX_FORM_LEVEL_ 30
101 #define _FPDF_MAX_TYPE3_FORM_LEVEL_ 4 100 #define _FPDF_MAX_TYPE3_FORM_LEVEL_ 4
102 #define _FPDF_MAX_OBJECT_STACK_SIZE_ 512
103 class CPDF_StreamContentParser { 101 class CPDF_StreamContentParser {
104 public: 102 public:
105 CPDF_StreamContentParser(CPDF_Document* pDoc, 103 CPDF_StreamContentParser(CPDF_Document* pDoc,
106 CPDF_Dictionary* pPageResources, 104 CPDF_Dictionary* pPageResources,
107 CPDF_Dictionary* pParentResources, 105 CPDF_Dictionary* pParentResources,
108 const CFX_Matrix* pmtContentToUser, 106 const CFX_Matrix* pmtContentToUser,
109 CPDF_PageObjectHolder* pObjectHolder, 107 CPDF_PageObjectHolder* pObjectHolder,
110 CPDF_Dictionary* pResources, 108 CPDF_Dictionary* pResources,
111 CFX_FloatRect* pBBox, 109 CFX_FloatRect* pBBox,
112 CPDF_AllStates* pAllStates, 110 CPDF_AllStates* pAllStates,
(...skipping 413 matching lines...) Expand 10 before | Expand all | Expand 10 after
526 }; 524 };
527 525
528 CFX_ByteStringC PDF_FindKeyAbbreviationForTesting(const CFX_ByteStringC& abbr); 526 CFX_ByteStringC PDF_FindKeyAbbreviationForTesting(const CFX_ByteStringC& abbr);
529 CFX_ByteStringC PDF_FindValueAbbreviationForTesting( 527 CFX_ByteStringC PDF_FindValueAbbreviationForTesting(
530 const CFX_ByteStringC& abbr); 528 const CFX_ByteStringC& abbr);
531 529
532 void PDF_ReplaceAbbr(CPDF_Object* pObj); 530 void PDF_ReplaceAbbr(CPDF_Object* pObj);
533 bool IsPathOperator(const uint8_t* buf, size_t len); 531 bool IsPathOperator(const uint8_t* buf, size_t len);
534 532
535 #endif // CORE_FPDFAPI_FPDF_PAGE_PAGEINT_H_ 533 #endif // CORE_FPDFAPI_FPDF_PAGE_PAGEINT_H_
OLDNEW
« no previous file with comments | « core/fpdfapi/fpdf_page/fpdf_page_parser_old.cpp ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698