Bad indexing in CPDF_Document::FindPageIndex when page tree corrupt.

Bad indexing in CPDF_Document::FindPageIndex when page tree corrupt.

Moving to std::vector from the more forgiving CFX_ArrayTemplate
revealed the dubious page tree traversal, which depends on the
correctness of the /Count entries to properly summarize the total
descendants under a given node.

The only "correct" thing to do is to throw away these counts as parsed,
and re-compute them, perhaps in CountPages().  But I'm not willing to do
that since it may break unknown documents in the wild.

Pass out-params as pointers while we're at it.

BUG=680376
Review-Url: https://codereview.chromium.org/2636403003
Committed: https://pdfium.googlesource.com/pdfium/+/e507dc5004184ae3f8fd1cd19b723b4be69a46da

[Tom Sepez, 2017-01-18 18:00:05]

The CQ bit was checked by tsepez@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2017-01-18 18:00:08]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[Tom Sepez, 2017-01-18 18:04:41]

tsepez@chromium.org changed reviewers:
+ dsinclair@chromium.org

[Tom Sepez, 2017-01-18 18:04:42]

Dan, for review.

[Tom Sepez, 2017-01-18 18:07:28]

The CQ bit was checked by tsepez@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2017-01-18 18:07:36]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[dsinclair, 2017-01-18 18:08:15]

lgtm

[Tom Sepez, 2017-01-18 18:08:42]

https://codereview.chromium.org/2636403003/diff/40001/core/fpdfapi/parser/cpd...
File core/fpdfapi/parser/cpdf_document.cpp (left):

https://codereview.chromium.org/2636403003/diff/40001/core/fpdfapi/parser/cpd...
core/fpdfapi/parser/cpdf_document.cpp:552: m_PageList[index + i] = objnum;
Note: move to 592 and sanity checked.

[Tom Sepez, 2017-01-18 18:09:19]

The CQ bit was unchecked by tsepez@chromium.org

[Tom Sepez, 2017-01-18 18:09:21]

The CQ bit was checked by tsepez@chromium.org

[commit-bot: I haz the power, 2017-01-18 18:09:27]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2017-01-18 18:24:36]

CQ is committing da patch.

Bot data: {"patchset_id": 40001, "attempt_start_ts": 1484762961545420,
"parent_rev": "19c209de418a10f7d5c157cdda38e9308bfa5503", "commit_rev":
"e507dc5004184ae3f8fd1cd19b723b4be69a46da"}

[commit-bot: I haz the power, 2017-01-18 18:24:39]

Description was changed from

==========
Bad indexing in CPDF_Document::FindPageIndex when page tree corrupt.

Moving to std::vector from the more forgiving CFX_ArrayTemplate
revealed the dubious page tree traversal, which depends on the
correctness of the /Count entries to properly summarize the total
descendants under a given node.

The only "correct" thing to do is to throw away these counts as parsed,
and re-compute them, perhaps in CountPages().  But I'm not willing to do
that since it may break unknown documents in the wild.

Pass out-params as pointers while we're at it.

BUG=680376
==========

to

==========
Bad indexing in CPDF_Document::FindPageIndex when page tree corrupt.

Moving to std::vector from the more forgiving CFX_ArrayTemplate
revealed the dubious page tree traversal, which depends on the
correctness of the /Count entries to properly summarize the total
descendants under a given node.

The only "correct" thing to do is to throw away these counts as parsed,
and re-compute them, perhaps in CountPages().  But I'm not willing to do
that since it may break unknown documents in the wild.

Pass out-params as pointers while we're at it.

BUG=680376

Review-Url: https://codereview.chromium.org/2636403003
Committed:
https://pdfium.googlesource.com/pdfium/+/e507dc5004184ae3f8fd1cd19b723b4be69a...
==========

[commit-bot: I haz the power, 2017-01-18 18:24:40]

Committed patchset #3 (id:40001) as
https://pdfium.googlesource.com/pdfium/+/e507dc5004184ae3f8fd1cd19b723b4be69a...