diff options
| author | JUN FANG <jun_fang@foxitsoftware.com> | 2015-04-15 12:00:53 -0700 |
|---|---|---|
| committer | JUN FANG <jun_fang@foxitsoftware.com> | 2015-04-15 12:00:53 -0700 |
| commit | ae4256f45df69bbfdf722a6ec17e1e851911ae4e (patch) | |
| tree | 2f0e50ddcc7c11a46c72d1cb5b1bbb39e40c4614 | |
| parent | b3300162a1ebacc973ff9793029caf4db9a4f5e5 (diff) | |
| download | pdfium-ae4256f45df69bbfdf722a6ec17e1e851911ae4e.tar.xz | |
Fix offset outside bounds of constant string warnings
BUG=380476
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1061013003
| -rw-r--r-- | core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp | 42 |
1 files changed, 19 insertions, 23 deletions
diff --git a/core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp b/core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp index 7c3253f2df..c6383e559e 100644 --- a/core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp +++ b/core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp @@ -627,13 +627,12 @@ FX_BOOL CPDF_Parser::RebuildCrossRef() } FX_INT32 status = 0; FX_INT32 inside_index = 0; - FX_DWORD objnum, gennum; + FX_DWORD objnum = 0, gennum = 0; FX_INT32 depth = 0; FX_LPBYTE buffer = FX_Alloc(FX_BYTE, 4096); FX_FILESIZE pos = m_Syntax.m_HeaderOffset; - FX_FILESIZE start_pos, start_pos1; + FX_FILESIZE start_pos = 0, start_pos1 = 0; FX_FILESIZE last_obj = -1, last_xref = -1, last_trailer = -1; - FX_BOOL bInUpdate = FALSE; while (pos < m_Syntax.m_FileLen) { FX_BOOL bOverFlow = FALSE; FX_DWORD size = (FX_DWORD)(m_Syntax.m_FileLen - pos); @@ -894,7 +893,6 @@ FX_BOOL CPDF_Parser::RebuildCrossRef() } else { pObj->Release(); } - bInUpdate = TRUE; } } } @@ -1400,10 +1398,10 @@ CPDF_Object* CPDF_Parser::ParseIndirectObjectAt(CPDF_IndirectObjects* pObjList, return NULL; } CPDF_Object* pObj = m_Syntax.GetObject(pObjList, objnum, parser_gennum, pContext); - FX_FILESIZE endOffset = m_Syntax.SavePos(); + m_Syntax.SavePos(); CFX_ByteString bsWord = m_Syntax.GetKeyword(); if (bsWord == FX_BSTRC("endobj")) { - endOffset = m_Syntax.SavePos(); + m_Syntax.SavePos(); } m_Syntax.RestorePos(SavedPos); if (pObj) { @@ -2158,8 +2156,6 @@ CPDF_Object* CPDF_SyntaxParser::GetObject(CPDF_IndirectObjects* pObjList, FX_DWO return pRet; } if (word == FX_BSTRC("<<")) { - FX_FILESIZE saveDictOffset = m_Pos - 2; - FX_DWORD dwDictSize = 0; if (bTypeOnly) { return (CPDF_Object*)PDFOBJ_DICTIONARY; } @@ -2179,11 +2175,9 @@ CPDF_Object* CPDF_SyntaxParser::GetObject(CPDF_IndirectObjects* pObjList, FX_DWO } FX_FILESIZE SavedPos = m_Pos - key.GetLength(); if (key == FX_BSTRC(">>")) { - dwDictSize = m_Pos - saveDictOffset; break; } if (key == FX_BSTRC("endobj")) { - dwDictSize = m_Pos - 6 - saveDictOffset; m_Pos = SavedPos; break; } @@ -2330,8 +2324,9 @@ CPDF_Object* CPDF_SyntaxParser::GetObjectByStrict(CPDF_IndirectObjects* pObjList if (m_WordBuffer[0] == ']') { return pArray; } - if (pArray) + if (pArray) { pArray->Release(); + } return NULL; } pArray->Add(pObj); @@ -2356,8 +2351,9 @@ CPDF_Object* CPDF_SyntaxParser::GetObjectByStrict(CPDF_IndirectObjects* pObjList FX_FILESIZE SavedPos = m_Pos; CFX_ByteString key = GetNextWord(bIsNumber); if (key.IsEmpty()) { - if (pDict) + if (pDict) { pDict->Release(); + } return NULL; } if (key == FX_BSTRC(">>")) { @@ -2373,8 +2369,9 @@ CPDF_Object* CPDF_SyntaxParser::GetObjectByStrict(CPDF_IndirectObjects* pObjList key = PDF_NameDecode(key); CPDF_Object* pObj = GetObject(pObjList, objnum, gennum); if (pObj == NULL) { - if (pDict) + if (pDict) { pDict->Release(); + } FX_BYTE ch; while (1) { if (!GetNextChar(ch)) { @@ -2386,11 +2383,9 @@ CPDF_Object* CPDF_SyntaxParser::GetObjectByStrict(CPDF_IndirectObjects* pObjList } return NULL; } - if (key.GetLength() == 1) { - pDict->SetAt(CFX_ByteStringC(key.c_str() + 1, key.GetLength() - 1), pObj); - } else { + if (key.GetLength() > 1) { pDict->AddValue(CFX_ByteStringC(key.c_str() + 1, key.GetLength() - 1), pObj); - } + } } if (pContext) { pContext->m_DictEnd = m_Pos; @@ -2406,8 +2401,9 @@ CPDF_Object* CPDF_SyntaxParser::GetObjectByStrict(CPDF_IndirectObjects* pObjList if (pStream) { return pStream; } - if (pDict) + if (pDict) { pDict->Release(); + } return NULL; } else { m_Pos = SavedPos; @@ -2772,7 +2768,7 @@ protected: FX_BOOL CheckPageStatus(IFX_DownloadHints* pHints); FX_BOOL CheckAllCrossRefStream(IFX_DownloadHints *pHints); - FX_DWORD CheckCrossRefStream(IFX_DownloadHints *pHints, FX_FILESIZE &xref_offset); + FX_INT32 CheckCrossRefStream(IFX_DownloadHints *pHints, FX_FILESIZE &xref_offset); FX_BOOL IsLinearizedFile(FX_LPBYTE pData, FX_DWORD dwLen); void SetStartOffset(FX_FILESIZE dwOffset); FX_BOOL GetNextToken(CFX_ByteString &token); @@ -3789,7 +3785,7 @@ FX_BOOL CPDF_DataAvail::CheckEnd(IFX_DownloadHints* pHints) pHints->AddSegment(req_pos, dwSize); return FALSE; } -FX_DWORD CPDF_DataAvail::CheckCrossRefStream(IFX_DownloadHints* pHints, FX_FILESIZE &xref_offset) +FX_INT32 CPDF_DataAvail::CheckCrossRefStream(IFX_DownloadHints* pHints, FX_FILESIZE &xref_offset) { xref_offset = 0; FX_DWORD req_size = (FX_DWORD)(m_Pos + 512 > m_dwFileLen ? m_dwFileLen - m_Pos : 512); @@ -3966,8 +3962,8 @@ FX_BOOL CPDF_DataAvail::CheckCrossRefItem(IFX_DownloadHints *pHints) FX_BOOL CPDF_DataAvail::CheckAllCrossRefStream(IFX_DownloadHints *pHints) { FX_FILESIZE xref_offset = 0; - FX_DWORD dwRet = CheckCrossRefStream(pHints, xref_offset); - if (dwRet == 1) { + FX_INT32 nRet = CheckCrossRefStream(pHints, xref_offset); + if (nRet == 1) { if (!xref_offset) { m_docStatus = PDF_DATAAVAIL_LOADALLCRSOSSREF; } else { @@ -3975,7 +3971,7 @@ FX_BOOL CPDF_DataAvail::CheckAllCrossRefStream(IFX_DownloadHints *pHints) m_Pos = xref_offset; } return TRUE; - } else if (dwRet == -1) { + } else if (nRet == -1) { m_docStatus = PDF_DATAAVAIL_ERROR; } return FALSE; |