Description
Switch CFX_SAXReader to use std::stack.
Fix some nullptr errors.
BUG=pdfium:608
Committed: https://pdfium.googlesource.com/pdfium/+/aa69291d2c0f86259351a857acc3f9f073b56a55
Patch Set 1
Total comments: 6
Patch Set 2 : address comments, switch to unique_ptr
Total comments: 2
Patch Set 3 : no double frees
Patch Set 4 : rebase
Patch Set 5 : rebase
Messages
Total messages: 28 (20 generated)
The CQ bit was checked by thestig@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: This issue passed the CQ dry run.
thestig@chromium.org changed reviewers: + tsepez@chromium.org, weili@chromium.org
Implementing one's own stack is hard.
https://codereview.chromium.org/2378133003/diff/1/xfa/fde/xml/cfx_saxreader.cpp
File xfa/fde/xml/cfx_saxreader.cpp (right):

https://codereview.chromium.org/2378133003/diff/1/xfa/fde/xml/cfx_saxreader.c...
xfa/fde/xml/cfx_saxreader.cpp:146: while (CFX_SAXItem* pItem = GetCurrentItem()) {
can we push a null item onto the stack? Kinda wish this loop was "while stack not empty"

https://codereview.chromium.org/2378133003/diff/1/xfa/fde/xml/cfx_saxreader.c...
xfa/fde/xml/cfx_saxreader.cpp:163: CFX_SAXItem* pNew = new CFX_SAXItem;
nit: maybe ctor should take dwID as an argument since we immediately then set it in all these cases?

https://codereview.chromium.org/2378133003/diff/1/xfa/fde/xml/cfx_saxreader.c...
xfa/fde/xml/cfx_saxreader.cpp:715: if (pItem->m_eNode != CFX_SAXItem::Type::Tag)
nit: combine with above, also why does this one need to check for null pitem and the others don't?
https://codereview.chromium.org/2378133003/diff/1/xfa/fde/xml/cfx_saxreader.cpp
File xfa/fde/xml/cfx_saxreader.cpp (right):

https://codereview.chromium.org/2378133003/diff/1/xfa/fde/xml/cfx_saxreader.c...
xfa/fde/xml/cfx_saxreader.cpp:146: while (CFX_SAXItem* pItem = GetCurrentItem()) {
On 2016/09/29 16:59:13, Tom Sepez wrote:
> can we push a null item onto the stack? Kinda wish this loop was "while stack
> not empty"

No, but I'll switch to unique_ptr.

https://codereview.chromium.org/2378133003/diff/1/xfa/fde/xml/cfx_saxreader.c...
xfa/fde/xml/cfx_saxreader.cpp:163: CFX_SAXItem* pNew = new CFX_SAXItem;
On 2016/09/29 16:59:14, Tom Sepez wrote:
> nit: maybe ctor should take dwID as an argument since we immediately then set it
> in all these cases?

Done.

https://codereview.chromium.org/2378133003/diff/1/xfa/fde/xml/cfx_saxreader.c...
xfa/fde/xml/cfx_saxreader.cpp:715: if (pItem->m_eNode != CFX_SAXItem::Type::Tag)
On 2016/09/29 16:59:13, Tom Sepez wrote:
> nit: combine with above, also why does this one need to check for null pitem and
> the others don't?

Done. Because the input from the bug triggered a nullptr deref here.
The CQ bit was checked by thestig@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: This issue passed the CQ dry run.
https://codereview.chromium.org/2378133003/diff/20001/xfa/fde/xml/cfx_saxread...
File xfa/fde/xml/cfx_saxreader.cpp (right):

https://codereview.chromium.org/2378133003/diff/20001/xfa/fde/xml/cfx_saxread...
xfa/fde/xml/cfx_saxreader.cpp:173: delete pItem;
How does this play with unique_ptr & pop? Double free?
https://codereview.chromium.org/2378133003/diff/20001/xfa/fde/xml/cfx_saxread...
File xfa/fde/xml/cfx_saxreader.cpp (right):

https://codereview.chromium.org/2378133003/diff/20001/xfa/fde/xml/cfx_saxread...
xfa/fde/xml/cfx_saxreader.cpp:173: delete pItem;
On 2016/09/29 20:25:37, Tom Sepez wrote:
> How does this play with unique_ptr & pop? Double free?

Of course. Simplified.
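
The two points raised in the review comments above (a manual delete next to a stack of unique_ptr, and null checks when the stack is empty), shown as an added example that is not PDFium's code. Item, Reader and all their members are hypothetical names chosen for illustration.

```cpp
#include <cstdint>
#include <memory>
#include <stack>

// Hypothetical stand-in for a SAX item. The counters make a leak or a
// second destruction visible in the totals.
struct Item {
  enum class Type { Unknown, Tag };
  explicit Item(uint32_t id) : id(id) { ++live; ++created; }
  ~Item() { --live; ++destroyed; }
  const uint32_t id;
  Type type = Type::Unknown;
  static int live, created, destroyed;
};
int Item::live = 0;
int Item::created = 0;
int Item::destroyed = 0;

class Reader {
 public:
  // Returns nullptr on an empty stack, so every caller has to check.
  Item* Current() const { return stack_.empty() ? nullptr : stack_.top().get(); }
  void Push() { stack_.push(std::make_unique<Item>(++next_id_)); }
  void MarkTag() { if (Item* item = Current()) item->type = Item::Type::Tag; }
  // pop() destroys the unique_ptr, which deletes the Item. A manual delete
  // on the pointer from Current() would free the same item a second time.
  void Pop() { if (!stack_.empty()) stack_.pop(); }
  // Loop on emptiness rather than on a pointer fetched from the top.
  void Reset() { while (!stack_.empty()) stack_.pop(); }
  // A close-tag handler reached with no open item (malformed input) bails
  // out instead of dereferencing the null Current().
  bool OnTagClose() {
    Item* item = Current();
    if (!item || item->type != Item::Type::Tag) return false;
    Pop();
    return true;
  }
 private:
  std::stack<std::unique_ptr<Item>> stack_;
  uint32_t next_id_ = 0;
};

int main() {
  Reader r;
  r.OnTagClose();  // empty stack: returns false, no dereference
  r.Push(); r.MarkTag();
  r.OnTagClose();
  return Item::live;  // 0 when every item was freed exactly once
}
```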
The CQ bit was checked by thestig@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: Try jobs failed on following builders: linux_no_v8 on master.tryserver.client.pdfium (JOB_FAILED, https://build.chromium.org/p/tryserver.client.pdfium/builders/linux_no_v8/bui...)
The CQ bit was checked by thestig@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: Try jobs failed on following builders: win on master.tryserver.client.pdfium (JOB_TIMED_OUT, no build URL) win_no_v8 on master.tryserver.client.pdfium (JOB_TIMED_OUT, no build URL) win_xfa_clang on master.tryserver.client.pdfium (JOB_TIMED_OUT, no build URL)
lgtm
The CQ bit was checked by thestig@chromium.org
The patchset sent to the CQ was uploaded after l-g-t-m from tsepez@chromium.org Link to the patchset: https://codereview.chromium.org/2378133003/#ps80001 (title: "rebase")
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
Message was sent while issue was closed.
Description was changed from
==========
Switch CFX_SAXReader to use std::stack.
Fix some nullptr errors.
BUG=pdfium:608
==========
to
==========
Switch CFX_SAXReader to use std::stack.
Fix some nullptr errors.
BUG=pdfium:608
Committed: https://pdfium.googlesource.com/pdfium/+/aa69291d2c0f86259351a857acc3f9f073b5...
==========
Message was sent while issue was closed.
Committed patchset #5 (id:80001) as https://pdfium.googlesource.com/pdfium/+/aa69291d2c0f86259351a857acc3f9f073b5...