| Index: pdf/pdfium/pdfium_engine.cc
|
| diff --git a/pdf/pdfium/pdfium_engine.cc b/pdf/pdfium/pdfium_engine.cc
|
| index d87b6dbfcf7f7507353a9cdb9e73a2003f171dde..e8c164b03ac0dd2f8066ef7b385e59a8803d1449 100644
|
| --- a/pdf/pdfium/pdfium_engine.cc
|
| +++ b/pdf/pdfium/pdfium_engine.cc
|
| @@ -3071,8 +3071,10 @@ int PDFiumEngine::Form_Response(IPDF_JSPLATFORM* param,
|
| std::string rv = engine->client_->Prompt(question_str, default_str);
|
| base::string16 rv_16 = base::UTF8ToUTF16(rv);
|
| int rv_bytes = rv_16.size() * sizeof(base::char16);
|
| - if (response && rv_bytes <= length)
|
| - memcpy(response, rv_16.c_str(), rv_bytes);
|
| + if (response) {
|
| + int bytes_to_copy = rv_bytes < length ? rv_bytes : length;
|
| + memcpy(response, rv_16.c_str(), bytes_to_copy);
|
| + }
|
| return rv_bytes;
|
| }
|
|
|
|
|
Chromium Code Reviews
Issue 424883002:
Don't return uninitialized memory from PDFiumEngine::Form_Response(). (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src