Assert objnum non-zero in ReplaceIndirectObjectIfHigherGeneration()

Removes a path where it might not have taken ownership of an object, at the expense of making callers check first. This eases making the second argument an unique_ptr someday. Review-Url: https://codereview.chromium.org/2475823002
author: tsepez <tsepez@chromium.org> 2016-11-04 11:02:59 -0700
committer: Commit bot <commit-bot@chromium.org> 2016-11-04 11:02:59 -0700
commit: 761eed284e1248f851fbb23beaa45835b644ecee (patch)
tree: 34cff2bb264236174957fb0b7fc7a8c3c1f26e30
parent: f0d5b6c35fa343108a3ab7a25bc2cc2b3cf105b3 (diff)
download: pdfium-761eed284e1248f851fbb23beaa45835b644ecee.tar.xz
3 files changed, 10 insertions, 4 deletions
diff --git a/core/fpdfapi/parser/cfdf_document.cpp b/core/fpdfapi/parser/cfdf_document.cpp
index d39ec31d3c..bcaa9daec3 100644
--- a/core/fpdfapi/parser/cfdf_document.cpp
+++ b/core/fpdfapi/parser/cfdf_document.cpp
@@ -58,6 +58,9 @@ void CFDF_Document::ParseStream(IFX_SeekableReadStream* pFile, bool bOwnFile) {
     CFX_ByteString word = parser.GetNextWord(&bNumber);
     if (bNumber) {
       uint32_t objnum = FXSYS_atoui(word.c_str());
+      if (!objnum)
+        break;
+
       word = parser.GetNextWord(&bNumber);
       if (!bNumber)
         break;
diff --git a/core/fpdfapi/parser/cpdf_indirect_object_holder.cpp b/core/fpdfapi/parser/cpdf_indirect_object_holder.cpp
index 6e549de5a7..9427543396 100644
--- a/core/fpdfapi/parser/cpdf_indirect_object_holder.cpp
+++ b/core/fpdfapi/parser/cpdf_indirect_object_holder.cpp
@@ -56,7 +56,8 @@ uint32_t CPDF_IndirectObjectHolder::AddIndirectObject(CPDF_Object* pObj) {
 bool CPDF_IndirectObjectHolder::ReplaceIndirectObjectIfHigherGeneration(
     uint32_t objnum,
     CPDF_Object* pObj) {
-  if (!objnum || !pObj)
+  ASSERT(objnum);
+  if (!pObj)
     return false;
 
   CPDF_Object* pOldObj = GetIndirectObject(objnum);
diff --git a/core/fpdfapi/parser/cpdf_parser.cpp b/core/fpdfapi/parser/cpdf_parser.cpp
index cff0f77b32..96e59fb62f 100644
--- a/core/fpdfapi/parser/cpdf_parser.cpp
+++ b/core/fpdfapi/parser/cpdf_parser.cpp
@@ -960,14 +960,16 @@ bool CPDF_Parser::LoadCrossRefV5(FX_FILESIZE* pos, bool bMainXRef) {
   if (!pObject)
     return false;
 
-  CPDF_Object* pUnownedObject = pObject.get();
+  uint32_t objnum = pObject->m_ObjNum;
+  if (!objnum)
+    return false;
 
+  CPDF_Object* pUnownedObject = pObject.get();
   if (m_pDocument) {
     CPDF_Dictionary* pRootDict = m_pDocument->GetRoot();
-    if (pRootDict && pRootDict->GetObjNum() == pObject->m_ObjNum)
+    if (pRootDict && pRootDict->GetObjNum() == objnum)
       return false;
     // Takes ownership of object (std::move someday).
-    uint32_t objnum = pObject->m_ObjNum;
     if (!m_pDocument->ReplaceIndirectObjectIfHigherGeneration(
             objnum, pObject.release())) {
       return false;
author	tsepez <tsepez@chromium.org>	2016-11-04 11:02:59 -0700
committer	Commit bot <commit-bot@chromium.org>	2016-11-04 11:02:59 -0700
commit	761eed284e1248f851fbb23beaa45835b644ecee (patch)
tree	34cff2bb264236174957fb0b7fc7a8c3c1f26e30
parent	f0d5b6c35fa343108a3ab7a25bc2cc2b3cf105b3 (diff)
download	pdfium-761eed284e1248f851fbb23beaa45835b644ecee.tar.xz