Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(40)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: core/fpdfapi/fpdf_parser/cpdf_object_unittest.cpp

Issue 2250533002: Fix stack overflow in object Clone() functions (Closed) Base URL: https://pdfium.googlesource.com/pdfium.git@master
Patch Set: rebase again Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « core/fpdfapi/fpdf_parser/cpdf_object.cpp ('k') | core/fpdfapi/fpdf_parser/cpdf_reference.cpp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 PDFium Authors. All rights reserved. 1 // Copyright 2016 PDFium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "core/fpdfapi/fpdf_parser/cpdf_boolean.h" 5 #include "core/fpdfapi/fpdf_parser/cpdf_boolean.h"
6 #include "core/fpdfapi/fpdf_parser/cpdf_null.h" 6 #include "core/fpdfapi/fpdf_parser/cpdf_null.h"
7 #include "core/fpdfapi/fpdf_parser/include/cpdf_array.h" 7 #include "core/fpdfapi/fpdf_parser/include/cpdf_array.h"
8 #include "core/fpdfapi/fpdf_parser/include/cpdf_dictionary.h" 8 #include "core/fpdfapi/fpdf_parser/include/cpdf_dictionary.h"
9 #include "core/fpdfapi/fpdf_parser/include/cpdf_name.h" 9 #include "core/fpdfapi/fpdf_parser/include/cpdf_name.h"
10 #include "core/fpdfapi/fpdf_parser/include/cpdf_number.h" 10 #include "core/fpdfapi/fpdf_parser/include/cpdf_number.h"
11 #include "core/fpdfapi/fpdf_parser/include/cpdf_reference.h" 11 #include "core/fpdfapi/fpdf_parser/include/cpdf_reference.h"
12 #include "core/fpdfapi/fpdf_parser/include/cpdf_stream.h" 12 #include "core/fpdfapi/fpdf_parser/include/cpdf_stream.h"
13 #include "core/fpdfapi/fpdf_parser/include/cpdf_string.h" 13 #include "core/fpdfapi/fpdf_parser/include/cpdf_string.h"
14 14
15 #include <memory> 15 #include <memory>
16 #include <string> 16 #include <string>
17 #include <vector> 17 #include <vector>
18 18
19 #include "core/fpdfapi/fpdf_parser/include/cpdf_indirect_object_holder.h" 19 #include "core/fpdfapi/fpdf_parser/include/cpdf_indirect_object_holder.h"
20 #include "core/fxcrt/include/fx_basic.h" 20 #include "core/fxcrt/include/fx_basic.h"
21 #include "testing/gtest/include/gtest/gtest.h" 21 #include "testing/gtest/include/gtest/gtest.h"
22 22
23 namespace { 23 namespace {
24 24
25 using ScopedArray = std::unique_ptr<CPDF_Array, ReleaseDeleter<CPDF_Array>>; 25 using ScopedArray = std::unique_ptr<CPDF_Array, ReleaseDeleter<CPDF_Array>>;
26 using ScopedDict =
27 std::unique_ptr<CPDF_Dictionary, ReleaseDeleter<CPDF_Dictionary>>;
26 28
27 void TestArrayAccessors(const CPDF_Array* arr, 29 void TestArrayAccessors(const CPDF_Array* arr,
28 size_t index, 30 size_t index,
29 const char* str_val, 31 const char* str_val,
30 const char* const_str_val, 32 const char* const_str_val,
31 int int_val, 33 int int_val,
32 float float_val, 34 float float_val,
33 CPDF_Array* arr_val, 35 CPDF_Array* arr_val,
34 CPDF_Dictionary* dict_val, 36 CPDF_Dictionary* dict_val,
35 CPDF_Stream* stream_val) { 37 CPDF_Stream* stream_val) {
(...skipping 701 matching lines...) Expand 10 before | Expand all | Expand 10 after
737 EXPECT_EQ(arr->GetCount(), arr1->GetCount()); 739 EXPECT_EQ(arr->GetCount(), arr1->GetCount());
738 for (size_t i = 0; i < arr->GetCount(); ++i) { 740 for (size_t i = 0; i < arr->GetCount(); ++i) {
739 EXPECT_EQ(CPDF_Object::REFERENCE, arr->GetObjectAt(i)->GetType()); 741 EXPECT_EQ(CPDF_Object::REFERENCE, arr->GetObjectAt(i)->GetType());
740 EXPECT_EQ(indirect_objs[i], arr->GetObjectAt(i)->GetDirect()); 742 EXPECT_EQ(indirect_objs[i], arr->GetObjectAt(i)->GetDirect());
741 EXPECT_EQ(indirect_objs[i], arr->GetDirectObjectAt(i)); 743 EXPECT_EQ(indirect_objs[i], arr->GetDirectObjectAt(i));
742 EXPECT_EQ(CPDF_Object::REFERENCE, arr1->GetObjectAt(i)->GetType()); 744 EXPECT_EQ(CPDF_Object::REFERENCE, arr1->GetObjectAt(i)->GetType());
743 EXPECT_EQ(indirect_objs[i], arr1->GetObjectAt(i)->GetDirect()); 745 EXPECT_EQ(indirect_objs[i], arr1->GetObjectAt(i)->GetDirect());
744 EXPECT_EQ(indirect_objs[i], arr1->GetDirectObjectAt(i)); 746 EXPECT_EQ(indirect_objs[i], arr1->GetDirectObjectAt(i));
745 } 747 }
746 } 748 }
749
750 TEST(PDFObjectTest, CloneCheckLoop) {
751 {
752 // Create an object with a reference loop.
753 ScopedArray arr_obj(new CPDF_Array);
754 // Dictionary object.
755 CPDF_Dictionary* dict_obj = new CPDF_Dictionary;
756 dict_obj->SetAt("arr", arr_obj.get());
757 arr_obj->InsertAt(0, dict_obj);
758
759 // Clone this object to see whether stack overflow will be triggered.
760 ScopedArray cloned_array(arr_obj->Clone()->AsArray());
761 // Cloned object should be the same as the original.
762 ASSERT_TRUE(cloned_array);
763 EXPECT_EQ(1u, cloned_array->GetCount());
764 CPDF_Object* cloned_dict = cloned_array->GetObjectAt(0);
765 ASSERT_TRUE(cloned_dict);
766 ASSERT_TRUE(cloned_dict->IsDictionary());
767 // Recursively referenced object is not cloned.
768 EXPECT_EQ(nullptr, cloned_dict->AsDictionary()->GetObjectBy("arr"));
769 }
770 {
771 std::unique_ptr<CPDF_IndirectObjectHolder> m_ObjHolder(
772 new CPDF_IndirectObjectHolder(nullptr));
773 // Create an object with a reference loop.
774 CPDF_Dictionary* dict_obj = new CPDF_Dictionary;
775 CPDF_Array* arr_obj = new CPDF_Array;
776 m_ObjHolder->AddIndirectObject(dict_obj);
777 EXPECT_EQ(1u, dict_obj->GetObjNum());
778 dict_obj->SetAt("arr", arr_obj);
779 arr_obj->InsertAt(0, dict_obj, m_ObjHolder.get());
780 CPDF_Object* elem0 = arr_obj->GetObjectAt(0);
781 ASSERT_TRUE(elem0);
782 ASSERT_TRUE(elem0->IsReference());
783 EXPECT_EQ(1u, elem0->AsReference()->GetRefObjNum());
784 EXPECT_EQ(dict_obj, elem0->AsReference()->GetDirect());
785
786 // Clone this object to see whether stack overflow will be triggered.
787 ScopedDict cloned_dict(ToDictionary(dict_obj->CloneDirectObject()));
788 // Cloned object should be the same as the original.
789 ASSERT_TRUE(cloned_dict);
790 CPDF_Object* cloned_arr = cloned_dict->GetObjectBy("arr");
791 ASSERT_TRUE(cloned_arr);
792 ASSERT_TRUE(cloned_arr->IsArray());
793 EXPECT_EQ(1u, cloned_arr->AsArray()->GetCount());
794 // Recursively referenced object is not cloned.
795 EXPECT_EQ(nullptr, cloned_arr->AsArray()->GetObjectAt(0));
796 }
797 }
OLDNEW
« no previous file with comments | « core/fpdfapi/fpdf_parser/cpdf_object.cpp ('k') | core/fpdfapi/fpdf_parser/cpdf_reference.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698