| OLD | NEW |
|---|
| 1 // Copyright 2016 PDFium Authors. All rights reserved. | 1 // Copyright 2016 PDFium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com | 5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com |
| 6 | 6 |
| 7 #include "core/fpdfapi/parser/cpdf_parser.h" | 7 #include "core/fpdfapi/parser/cpdf_parser.h" |
| 8 | 8 |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 938 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 949 if (last_xref != -1 && last_xref > last_obj) | 949 if (last_xref != -1 && last_xref > last_obj) |
| 950 last_trailer = last_xref; | 950 last_trailer = last_xref; |
| 951 else if (last_trailer == -1 || last_xref < last_obj) | 951 else if (last_trailer == -1 || last_xref < last_obj) |
| 952 last_trailer = m_pSyntax->m_FileLen; | 952 last_trailer = m_pSyntax->m_FileLen; |
| 953 | 953 |
| 954 m_SortedOffset.insert(last_trailer - m_pSyntax->m_HeaderOffset); | 954 m_SortedOffset.insert(last_trailer - m_pSyntax->m_HeaderOffset); |
| 955 return m_pTrailer && !m_ObjectInfo.empty(); | 955 return m_pTrailer && !m_ObjectInfo.empty(); |
| 956 } | 956 } |
| 957 | 957 |
| 958 FX_BOOL CPDF_Parser::LoadCrossRefV5(FX_FILESIZE* pos, FX_BOOL bMainXRef) { | 958 FX_BOOL CPDF_Parser::LoadCrossRefV5(FX_FILESIZE* pos, FX_BOOL bMainXRef) { |
| 959 CPDF_Object* pObject = ParseIndirectObjectAt(m_pDocument, *pos, 0); | 959 std::unique_ptr<CPDF_Object> pObject( |
| 960 ParseIndirectObjectAt(m_pDocument, *pos, 0)); |
| 960 if (!pObject) | 961 if (!pObject) |
| 961 return FALSE; | 962 return FALSE; |
| 962 | 963 |
| 964 CPDF_Object* pUnownedObject = pObject.get(); |
| 965 |
| 963 if (m_pDocument) { | 966 if (m_pDocument) { |
| 964 CPDF_Dictionary* pRootDict = m_pDocument->GetRoot(); | 967 CPDF_Dictionary* pRootDict = m_pDocument->GetRoot(); |
| 965 if (pRootDict && pRootDict->GetObjNum() == pObject->m_ObjNum) { | 968 if (pRootDict && pRootDict->GetObjNum() == pObject->m_ObjNum) |
| 966 // If |pObject| has an objnum assigned then this will leak as Release() | |
| 967 // will early exit. | |
| 968 if (pObject->IsStream()) | |
| 969 pObject->Release(); | |
| 970 return FALSE; | 969 return FALSE; |
| 971 } | 970 // Takes ownership of object (std::move someday). |
| 972 if (!m_pDocument->ReplaceIndirectObjectIfHigherGeneration(pObject->m_ObjNum, | 971 uint32_t objnum = pObject->m_ObjNum; |
| 973 pObject)) { | 972 if (!m_pDocument->ReplaceIndirectObjectIfHigherGeneration( |
| 973 objnum, pObject.release())) { |
| 974 return FALSE; | 974 return FALSE; |
| 975 } | 975 } |
| 976 } | 976 } |
| 977 | 977 |
| 978 CPDF_Stream* pStream = pObject->AsStream(); | 978 CPDF_Stream* pStream = pUnownedObject->AsStream(); |
| 979 if (!pStream) | 979 if (!pStream) |
| 980 return FALSE; | 980 return FALSE; |
| 981 | 981 |
| 982 CPDF_Dictionary* pDict = pStream->GetDict(); | 982 CPDF_Dictionary* pDict = pStream->GetDict(); |
| 983 *pos = pDict->GetIntegerFor("Prev"); | 983 *pos = pDict->GetIntegerFor("Prev"); |
| 984 int32_t size = pDict->GetIntegerFor("Size"); | 984 int32_t size = pDict->GetIntegerFor("Size"); |
| 985 if (size < 0) { | 985 if (size < 0) |
| 986 pStream->Release(); | |
| 987 return FALSE; | 986 return FALSE; |
| 988 } | |
| 989 | 987 |
| 990 CPDF_Dictionary* pNewTrailer = ToDictionary(pDict->Clone()); | 988 CPDF_Dictionary* pNewTrailer = ToDictionary(pDict->Clone()); |
| 991 if (bMainXRef) { | 989 if (bMainXRef) { |
| 992 m_pTrailer = pNewTrailer; | 990 m_pTrailer = pNewTrailer; |
| 993 ShrinkObjectMap(size); | 991 ShrinkObjectMap(size); |
| 994 for (auto& it : m_ObjectInfo) | 992 for (auto& it : m_ObjectInfo) |
| 995 it.second.type = 0; | 993 it.second.type = 0; |
| 996 } else { | 994 } else { |
| 997 m_Trailers.Add(pNewTrailer); | 995 m_Trailers.Add(pNewTrailer); |
| 998 } | 996 } |
| (...skipping 11 matching lines...) Expand all Loading... |
| 1010 if (nStartNum >= 0 && nCount > 0) | 1008 if (nStartNum >= 0 && nCount > 0) |
| 1011 arrIndex.push_back(std::make_pair(nStartNum, nCount)); | 1009 arrIndex.push_back(std::make_pair(nStartNum, nCount)); |
| 1012 } | 1010 } |
| 1013 } | 1011 } |
| 1014 } | 1012 } |
| 1015 | 1013 |
| 1016 if (arrIndex.size() == 0) | 1014 if (arrIndex.size() == 0) |
| 1017 arrIndex.push_back(std::make_pair(0, size)); | 1015 arrIndex.push_back(std::make_pair(0, size)); |
| 1018 | 1016 |
| 1019 pArray = pDict->GetArrayFor("W"); | 1017 pArray = pDict->GetArrayFor("W"); |
| 1020 if (!pArray) { | 1018 if (!pArray) |
| 1021 pStream->Release(); | |
| 1022 return FALSE; | 1019 return FALSE; |
| 1023 } | |
| 1024 | 1020 |
| 1025 CFX_ArrayTemplate<uint32_t> WidthArray; | 1021 CFX_ArrayTemplate<uint32_t> WidthArray; |
| 1026 FX_SAFE_UINT32 dwAccWidth = 0; | 1022 FX_SAFE_UINT32 dwAccWidth = 0; |
| 1027 for (size_t i = 0; i < pArray->GetCount(); ++i) { | 1023 for (size_t i = 0; i < pArray->GetCount(); ++i) { |
| 1028 WidthArray.Add(pArray->GetIntegerAt(i)); | 1024 WidthArray.Add(pArray->GetIntegerAt(i)); |
| 1029 dwAccWidth += WidthArray[i]; | 1025 dwAccWidth += WidthArray[i]; |
| 1030 } | 1026 } |
| 1031 | 1027 |
| 1032 if (!dwAccWidth.IsValid() || WidthArray.GetSize() < 3) { | 1028 if (!dwAccWidth.IsValid() || WidthArray.GetSize() < 3) |
| 1033 pStream->Release(); | |
| 1034 return FALSE; | 1029 return FALSE; |
| 1035 } | |
| 1036 | 1030 |
| 1037 uint32_t totalWidth = dwAccWidth.ValueOrDie(); | 1031 uint32_t totalWidth = dwAccWidth.ValueOrDie(); |
| 1038 CPDF_StreamAcc acc; | 1032 CPDF_StreamAcc acc; |
| 1039 acc.LoadAllData(pStream); | 1033 acc.LoadAllData(pStream); |
| 1040 | 1034 |
| 1041 const uint8_t* pData = acc.GetData(); | 1035 const uint8_t* pData = acc.GetData(); |
| 1042 uint32_t dwTotalSize = acc.GetSize(); | 1036 uint32_t dwTotalSize = acc.GetSize(); |
| 1043 uint32_t segindex = 0; | 1037 uint32_t segindex = 0; |
| 1044 for (uint32_t i = 0; i < arrIndex.size(); i++) { | 1038 for (uint32_t i = 0; i < arrIndex.size(); i++) { |
| 1045 int32_t startnum = arrIndex[i].first; | 1039 int32_t startnum = arrIndex[i].first; |
| (...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1085 m_ObjectInfo[startnum + j].type = type; | 1079 m_ObjectInfo[startnum + j].type = type; |
| 1086 if (type == 0) { | 1080 if (type == 0) { |
| 1087 m_ObjectInfo[startnum + j].pos = 0; | 1081 m_ObjectInfo[startnum + j].pos = 0; |
| 1088 } else { | 1082 } else { |
| 1089 FX_FILESIZE offset = | 1083 FX_FILESIZE offset = |
| 1090 GetVarInt(entrystart + WidthArray[0], WidthArray[1]); | 1084 GetVarInt(entrystart + WidthArray[0], WidthArray[1]); |
| 1091 m_ObjectInfo[startnum + j].pos = offset; | 1085 m_ObjectInfo[startnum + j].pos = offset; |
| 1092 if (type == 1) { | 1086 if (type == 1) { |
| 1093 m_SortedOffset.insert(offset); | 1087 m_SortedOffset.insert(offset); |
| 1094 } else { | 1088 } else { |
| 1095 if (offset < 0 || !IsValidObjectNumber(offset)) { | 1089 if (offset < 0 || !IsValidObjectNumber(offset)) |
| 1096 pStream->Release(); | |
| 1097 return FALSE; | 1090 return FALSE; |
| 1098 } | |
| 1099 m_ObjectInfo[offset].type = 255; | 1091 m_ObjectInfo[offset].type = 255; |
| 1100 } | 1092 } |
| 1101 } | 1093 } |
| 1102 } | 1094 } |
| 1103 segindex += count; | 1095 segindex += count; |
| 1104 } | 1096 } |
| 1105 pStream->Release(); | |
| 1106 return TRUE; | 1097 return TRUE; |
| 1107 } | 1098 } |
| 1108 | 1099 |
| 1109 CPDF_Array* CPDF_Parser::GetIDArray() { | 1100 CPDF_Array* CPDF_Parser::GetIDArray() { |
| 1110 CPDF_Object* pID = m_pTrailer ? m_pTrailer->GetObjectFor("ID") : nullptr; | 1101 CPDF_Object* pID = m_pTrailer ? m_pTrailer->GetObjectFor("ID") : nullptr; |
| 1111 if (!pID) | 1102 if (!pID) |
| 1112 return nullptr; | 1103 return nullptr; |
| 1113 | 1104 |
| 1114 if (CPDF_Reference* pRef = pID->AsReference()) { | 1105 if (CPDF_Reference* pRef = pID->AsReference()) { |
| 1115 pID = ParseIndirectObject(nullptr, pRef->GetRefObjNum()); | 1106 pID = ParseIndirectObject(nullptr, pRef->GetRefObjNum()); |
| (...skipping 512 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1628 if (!LoadLinearizedAllCrossRefV4(m_LastXRefOffset, m_dwXrefStartObjNum) && | 1619 if (!LoadLinearizedAllCrossRefV4(m_LastXRefOffset, m_dwXrefStartObjNum) && |
| 1629 !LoadLinearizedAllCrossRefV5(m_LastXRefOffset)) { | 1620 !LoadLinearizedAllCrossRefV5(m_LastXRefOffset)) { |
| 1630 m_LastXRefOffset = 0; | 1621 m_LastXRefOffset = 0; |
| 1631 m_pSyntax->m_MetadataObjnum = dwSaveMetadataObjnum; | 1622 m_pSyntax->m_MetadataObjnum = dwSaveMetadataObjnum; |
| 1632 return FORMAT_ERROR; | 1623 return FORMAT_ERROR; |
| 1633 } | 1624 } |
| 1634 | 1625 |
| 1635 m_pSyntax->m_MetadataObjnum = dwSaveMetadataObjnum; | 1626 m_pSyntax->m_MetadataObjnum = dwSaveMetadataObjnum; |
| 1636 return SUCCESS; | 1627 return SUCCESS; |
| 1637 } | 1628 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2401423005:
Land all the fixes from 5609f39c but don't enable assert (Closed)
