Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(367)

Side by Side Diff: pdf/pdfium/pdfium_page.cc

Issue 2650513002: Fix buffer overrun in PDF accessibility code. (Closed)
Patch Set: Fixed merge error Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/browser/pdf/pdf_extension_test.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "pdf/pdfium/pdfium_page.h" 5 #include "pdf/pdfium/pdfium_page.h"
6 6
7 #include <math.h> 7 #include <math.h>
8 #include <stddef.h> 8 #include <stddef.h>
9 9
10 #include <algorithm> 10 #include <algorithm>
(...skipping 162 matching lines...) Expand 10 before | Expand all | Expand 10 after
173 int chars_count = FPDFText_CountChars(text_page); 173 int chars_count = FPDFText_CountChars(text_page);
174 int char_index = start_char_index; 174 int char_index = start_char_index;
175 while ( 175 while (
176 char_index < chars_count && 176 char_index < chars_count &&
177 base::IsUnicodeWhitespace(FPDFText_GetUnicode(text_page, char_index))) { 177 base::IsUnicodeWhitespace(FPDFText_GetUnicode(text_page, char_index))) {
178 char_index++; 178 char_index++;
179 } 179 }
180 int text_run_font_size = FPDFText_GetFontSize(text_page, char_index); 180 int text_run_font_size = FPDFText_GetFontSize(text_page, char_index);
181 pp::FloatRect text_run_bounds = 181 pp::FloatRect text_run_bounds =
182 GetFloatCharRectInPixels(page, text_page, char_index); 182 GetFloatCharRectInPixels(page, text_page, char_index);
183 char_index++; 183 if (char_index < chars_count)
184 char_index++;
184 while (char_index < chars_count) { 185 while (char_index < chars_count) {
185 unsigned int character = FPDFText_GetUnicode(text_page, char_index); 186 unsigned int character = FPDFText_GetUnicode(text_page, char_index);
186 187
187 if (!base::IsUnicodeWhitespace(character)) { 188 if (!base::IsUnicodeWhitespace(character)) {
188 // TODO(dmazzoni): this assumes horizontal text. 189 // TODO(dmazzoni): this assumes horizontal text.
189 // https://crbug.com/580311 190 // https://crbug.com/580311
190 pp::FloatRect char_rect = GetFloatCharRectInPixels( 191 pp::FloatRect char_rect = GetFloatCharRectInPixels(
191 page, text_page, char_index); 192 page, text_page, char_index);
192 if (!char_rect.IsEmpty() && !OverlapsOnYAxis(text_run_bounds, char_rect)) 193 if (!char_rect.IsEmpty() && !OverlapsOnYAxis(text_run_bounds, char_rect))
193 break; 194 break;
(...skipping 324 matching lines...) Expand 10 before | Expand all | Expand 10 after
518 page_->loading_count_--; 519 page_->loading_count_--;
519 } 520 }
520 521
521 PDFiumPage::Link::Link() = default; 522 PDFiumPage::Link::Link() = default;
522 523
523 PDFiumPage::Link::Link(const Link& that) = default; 524 PDFiumPage::Link::Link(const Link& that) = default;
524 525
525 PDFiumPage::Link::~Link() = default; 526 PDFiumPage::Link::~Link() = default;
526 527
527 } // namespace chrome_pdf 528 } // namespace chrome_pdf
OLDNEW
« no previous file with comments | « chrome/browser/pdf/pdf_extension_test.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698