summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLei Zhang <thestig@chromium.org>2015-10-26 13:54:28 -0700
committerLei Zhang <thestig@chromium.org>2015-10-26 13:54:28 -0700
commita568ff2dddd3ef44f224d21b31afff8eb14b6d31 (patch)
tree67266204d8297ebc5093695911eebb3ae809eed1
parent95d25e4585358c74ae91c2ed5e08099ebbfdf24c (diff)
downloadpdfium-a568ff2dddd3ef44f224d21b31afff8eb14b6d31.tar.xz
Fix a leak in CPDF_SyntaxParser::GetObject().
As seen in FPDFViewEmbeddertest.Crasher_451830. R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1385803002 .
-rw-r--r--core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp21
1 files changed, 13 insertions, 8 deletions
diff --git a/core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp b/core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp
index d486cfe231..27cc8688cc 100644
--- a/core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp
+++ b/core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp
@@ -2139,6 +2139,13 @@ CPDF_Object* CPDF_SyntaxParser::GetObject(CPDF_IndirectObjects* pObjList,
++nKeys;
key = PDF_NameDecode(key);
+ if (key.IsEmpty())
+ continue;
+
+ CFX_ByteStringC keyNoSlash(key.c_str() + 1, key.GetLength() - 1);
+ if (keyNoSlash.IsEmpty())
+ continue;
+
if (key == FX_BSTRC("/Contents"))
dwSignValuePos = m_Pos;
@@ -2146,14 +2153,12 @@ CPDF_Object* CPDF_SyntaxParser::GetObject(CPDF_IndirectObjects* pObjList,
if (!pObj)
continue;
- if (key.GetLength() >= 1) {
- if (nKeys < 32) {
- pDict->SetAt(CFX_ByteStringC(key.c_str() + 1, key.GetLength() - 1),
- pObj);
- } else {
- pDict->AddValue(CFX_ByteStringC(key.c_str() + 1, key.GetLength() - 1),
- pObj);
- }
+ // TODO(thestig): Remove this conditional once CPDF_Dictionary has a
+ // better underlying map implementation.
+ if (nKeys < 32) {
+ pDict->SetAt(keyNoSlash, pObj);
+ } else {
+ pDict->AddValue(keyNoSlash, pObj);
}
}