Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(156)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp

Issue 454283002: Fix the issue 'SEGV on unknown address in CPDF_DataAvail::GetObjectSize' (Closed) Base URL: https://pdfium.googlesource.com/pdfium.git@master
Patch Set: Created 6 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « core/include/fpdfapi/fpdf_parser.h ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 PDFium Authors. All rights reserved. 1 // Copyright 2014 PDFium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com 5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com
6 6
7 #include "../../../include/fpdfapi/fpdf_parser.h" 7 #include "../../../include/fpdfapi/fpdf_parser.h"
8 #include "../../../include/fpdfapi/fpdf_module.h" 8 #include "../../../include/fpdfapi/fpdf_module.h"
9 #include "../../../include/fpdfapi/fpdf_page.h" 9 #include "../../../include/fpdfapi/fpdf_page.h"
10 #include "../../../../third_party/numerics/safe_math.h" 10 #include "../../../../third_party/numerics/safe_math.h"
(...skipping 2711 matching lines...) Expand 10 before | Expand all | Expand 10 after
2722 m_bufferSize = 0; 2722 m_bufferSize = 0;
2723 m_PagesObjNum = 0; 2723 m_PagesObjNum = 0;
2724 m_dwCurrentXRefSteam = 0; 2724 m_dwCurrentXRefSteam = 0;
2725 m_dwAcroFormObjNum = 0; 2725 m_dwAcroFormObjNum = 0;
2726 m_dwInfoObjNum = 0; 2726 m_dwInfoObjNum = 0;
2727 m_pDocument = 0; 2727 m_pDocument = 0;
2728 m_dwEncryptObjNum = 0; 2728 m_dwEncryptObjNum = 0;
2729 m_dwPrevXRefOffset = 0; 2729 m_dwPrevXRefOffset = 0;
2730 m_dwLastXRefOffset = 0; 2730 m_dwLastXRefOffset = 0;
2731 m_bDocAvail = FALSE; 2731 m_bDocAvail = FALSE;
2732 m_bMainXRefLoad = FALSE; 2732 m_bMainXRefLoadTried = FALSE;
2733 m_bDocAvail = FALSE; 2733 m_bDocAvail = FALSE;
2734 m_bLinearized = FALSE; 2734 m_bLinearized = FALSE;
2735 m_bPagesLoad = FALSE; 2735 m_bPagesLoad = FALSE;
2736 m_bPagesTreeLoad = FALSE; 2736 m_bPagesTreeLoad = FALSE;
2737 m_bMainXRefLoadedOK = FALSE; 2737 m_bMainXRefLoadedOK = FALSE;
2738 m_bAnnotsLoad = FALSE; 2738 m_bAnnotsLoad = FALSE;
2739 m_bHaveAcroForm = FALSE; 2739 m_bHaveAcroForm = FALSE;
2740 m_bAcroFormLoad = FALSE; 2740 m_bAcroFormLoad = FALSE;
2741 m_bPageLoadedOK = FALSE; 2741 m_bPageLoadedOK = FALSE;
2742 m_bNeedDownLoadResource = FALSE; 2742 m_bNeedDownLoadResource = FALSE;
(...skipping 1357 matching lines...) Expand 10 before | Expand all | Expand 10 after
4100 return TRUE; 4100 return TRUE;
4101 } 4101 }
4102 m_pDocument->LoadPages(); 4102 m_pDocument->LoadPages();
4103 return FALSE; 4103 return FALSE;
4104 } 4104 }
4105 FX_BOOL CPDF_DataAvail::CheckLinearizedData(IFX_DownloadHints* pHints) 4105 FX_BOOL CPDF_DataAvail::CheckLinearizedData(IFX_DownloadHints* pHints)
4106 { 4106 {
4107 if (m_bLinearedDataOK) { 4107 if (m_bLinearedDataOK) {
4108 return TRUE; 4108 return TRUE;
4109 } 4109 }
4110 if (!m_pFileAvail->IsDataAvail(m_dwLastXRefOffset, (FX_DWORD)(m_dwFileLen - m_dwLastXRefOffset))) { 4110
4111 pHints->AddSegment(m_dwLastXRefOffset, (FX_DWORD)(m_dwFileLen - m_dwLast XRefOffset)); 4111 if (!m_bMainXRefLoadTried) {
4112 return FALSE; 4112 FX_SAFE_DWORD data_size = m_dwFileLen;
4113 data_size -= m_dwLastXRefOffset;
4114 if (!data_size.IsValid()) {
4115 return FALSE;
4116 }
4117 if (!m_pFileAvail->IsDataAvail(m_dwLastXRefOffset, data_size.ValueOrDie( ))) {
4118 pHints->AddSegment(m_dwLastXRefOffset, data_size.ValueOrDie());
4119 return FALSE;
4120 }
4121 FX_DWORD dwRet = ((CPDF_Parser *)m_pDocument->GetParser())->LoadLineariz edMainXRefTable();
4122 m_bMainXRefLoadTried = TRUE;
4123 if (dwRet != PDFPARSE_ERROR_SUCCESS) {
4124 return FALSE;
4125 }
4126 if (!PreparePageItem()) {
4127 return FALSE;
4128 }
4129 m_bMainXRefLoadedOK = TRUE;
4130 m_bLinearedDataOK = TRUE;
4113 } 4131 }
4114 FX_DWORD dwRet = 0; 4132
4115 if (!m_bMainXRefLoad) { 4133 return m_bLinearedDataOK;
4116 dwRet = ((CPDF_Parser *)m_pDocument->GetParser())->LoadLinearizedMainXRe fTable();
4117 if (dwRet == PDFPARSE_ERROR_SUCCESS) {
4118 if (!PreparePageItem()) {
4119 return FALSE;
4120 }
4121 m_bMainXRefLoadedOK = TRUE;
4122 }
4123 m_bMainXRefLoad = TRUE;
4124 }
4125 m_bLinearedDataOK = TRUE;
4126 return TRUE;
4127 } 4134 }
4128 FX_BOOL CPDF_DataAvail::CheckPageAnnots(FX_INT32 iPage, IFX_DownloadHints* pHint s) 4135 FX_BOOL CPDF_DataAvail::CheckPageAnnots(FX_INT32 iPage, IFX_DownloadHints* pHint s)
4129 { 4136 {
4130 if (!m_objs_array.GetSize()) { 4137 if (!m_objs_array.GetSize()) {
4131 m_objs_array.RemoveAll(); 4138 m_objs_array.RemoveAll();
4132 m_objnum_array.RemoveAll(); 4139 m_objnum_array.RemoveAll();
4133 CPDF_Dictionary *pPageDict = m_pDocument->GetPage(iPage); 4140 CPDF_Dictionary *pPageDict = m_pDocument->GetPage(iPage);
4134 if (!pPageDict) { 4141 if (!pPageDict) {
4135 return TRUE; 4142 return TRUE;
4136 } 4143 }
(...skipping 207 matching lines...) Expand 10 before | Expand all | Expand 10 after
4344 } 4351 }
4345 if (!m_bLinearizedFormParamLoad) { 4352 if (!m_bLinearizedFormParamLoad) {
4346 CPDF_Dictionary *pRoot = m_pDocument->GetRoot(); 4353 CPDF_Dictionary *pRoot = m_pDocument->GetRoot();
4347 if (!pRoot) { 4354 if (!pRoot) {
4348 return PDFFORM_AVAIL; 4355 return PDFFORM_AVAIL;
4349 } 4356 }
4350 CPDF_Object *pAcroForm = pRoot->GetElement(FX_BSTRC("AcroForm")); 4357 CPDF_Object *pAcroForm = pRoot->GetElement(FX_BSTRC("AcroForm"));
4351 if (!pAcroForm) { 4358 if (!pAcroForm) {
4352 return PDFFORM_NOTEXIST; 4359 return PDFFORM_NOTEXIST;
4353 } 4360 }
4354 if (!m_bMainXRefLoad && !CheckLinearizedData(pHints)) { 4361 if (!CheckLinearizedData(pHints)) {
4355 return PDFFORM_NOTAVAIL; 4362 return PDFFORM_NOTAVAIL;
4356 } 4363 }
4357 if (!m_objs_array.GetSize()) { 4364 if (!m_objs_array.GetSize()) {
4358 m_objs_array.Add(pAcroForm->GetDict()); 4365 m_objs_array.Add(pAcroForm->GetDict());
4359 } 4366 }
4360 m_bLinearizedFormParamLoad = TRUE; 4367 m_bLinearizedFormParamLoad = TRUE;
4361 } 4368 }
4362 CFX_PtrArray new_objs_array; 4369 CFX_PtrArray new_objs_array;
4363 FX_BOOL bRet = IsObjectsAvail(m_objs_array, FALSE, pHints, new_objs_array); 4370 FX_BOOL bRet = IsObjectsAvail(m_objs_array, FALSE, pHints, new_objs_array);
4364 m_objs_array.RemoveAll(); 4371 m_objs_array.RemoveAll();
(...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after
4405 { 4412 {
4406 FX_INT32 iSize = m_childNode.GetSize(); 4413 FX_INT32 iSize = m_childNode.GetSize();
4407 for (FX_INT32 i = 0; i < iSize; ++i) { 4414 for (FX_INT32 i = 0; i < iSize; ++i) {
4408 CPDF_PageNode *pNode = (CPDF_PageNode*)m_childNode[i]; 4415 CPDF_PageNode *pNode = (CPDF_PageNode*)m_childNode[i];
4409 if (pNode) { 4416 if (pNode) {
4410 delete pNode; 4417 delete pNode;
4411 } 4418 }
4412 } 4419 }
4413 m_childNode.RemoveAll(); 4420 m_childNode.RemoveAll();
4414 } 4421 }
OLDNEW
« no previous file with comments | « core/include/fpdfapi/fpdf_parser.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698