diff options
| author | Tom Sepez <tsepez@chromium.org> | 2017-08-14 16:24:29 -0700 |
|---|---|---|
| committer | Chromium commit bot <commit-bot@chromium.org> | 2017-08-16 18:15:21 +0000 |
| commit | 63b2fc7e0248d2112935775f52027a018b9aa737 (patch) | |
| tree | e3ebd1a5cc18317ee6fc1204fe04a141ac4a6421 | |
| parent | b370e5a8f8df8cd6827ddb99b958d6a00642035e (diff) | |
| download | pdfium-63b2fc7e0248d2112935775f52027a018b9aa737.tar.xz | |
Check for possible empty object returns from NewFxDynamicObj()
Avoid some potential crashiness.
TBR=jochen@chromium.org
Bug: 754610
Change-Id: Ie8143c1909df7ba5783b7d20b61e31f093d04b34
Reviewed-on: https://pdfium-review.googlesource.com/10970
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
| -rw-r--r-- | fpdfsdk/javascript/global.cpp | 19 | ||||
| -rw-r--r-- | fxjs/fxjs_v8.cpp | 8 | ||||
| -rw-r--r-- | fxjs/fxjs_v8_embeddertest.cpp | 1 |
3 files changed, 19 insertions, 9 deletions
diff --git a/fpdfsdk/javascript/global.cpp b/fpdfsdk/javascript/global.cpp index d7f17fa41c..8dcddf4339 100644 --- a/fpdfsdk/javascript/global.cpp +++ b/fpdfsdk/javascript/global.cpp @@ -206,11 +206,13 @@ void JSGlobalAlternate::UpdateGlobalPersistentVariables() { break; case JS_GlobalDataType::OBJECT: { v8::Local<v8::Object> pObj = pRuntime->NewFxDynamicObj(-1); - PutObjectProperty(pObj, &pData->data); - SetGlobalVariables(pData->data.sKey, JS_GlobalDataType::OBJECT, 0, - false, "", pObj, pData->bPersistent == 1); - pRuntime->PutObjectProperty(m_pJSObject->ToV8Object(), - pData->data.sKey.UTF8Decode(), pObj); + if (!pObj.IsEmpty()) { + PutObjectProperty(pObj, &pData->data); + SetGlobalVariables(pData->data.sKey, JS_GlobalDataType::OBJECT, 0, + false, "", pObj, pData->bPersistent == 1); + pRuntime->PutObjectProperty(m_pJSObject->ToV8Object(), + pData->data.sKey.UTF8Decode(), pObj); + } } break; case JS_GlobalDataType::NULLOBJ: SetGlobalVariables(pData->data.sKey, JS_GlobalDataType::NULLOBJ, 0, @@ -335,8 +337,11 @@ void JSGlobalAlternate::PutObjectProperty(v8::Local<v8::Object> pObj, break; case JS_GlobalDataType::OBJECT: { v8::Local<v8::Object> pNewObj = pRuntime->NewFxDynamicObj(-1); - PutObjectProperty(pNewObj, pObjData); - pRuntime->PutObjectProperty(pObj, pObjData->sKey.UTF8Decode(), pNewObj); + if (!pNewObj.IsEmpty()) { + PutObjectProperty(pNewObj, pObjData); + pRuntime->PutObjectProperty(pObj, pObjData->sKey.UTF8Decode(), + pNewObj); + } } break; case JS_GlobalDataType::NULLOBJ: pRuntime->PutObjectProperty(pObj, pObjData->sKey.UTF8Decode(), diff --git a/fxjs/fxjs_v8.cpp b/fxjs/fxjs_v8.cpp index d3d2010b30..05986b4eb8 100644 --- a/fxjs/fxjs_v8.cpp +++ b/fxjs/fxjs_v8.cpp @@ -409,8 +409,12 @@ void CFXJS_Engine::InitializeEngine() { } else if (pObjDef->m_ObjType == FXJSOBJTYPE_STATIC) { v8::Local<v8::String> pObjName = NewString(pObjDef->m_ObjName); v8::Local<v8::Object> obj = NewFxDynamicObj(i, true); - v8Context->Global()->Set(v8Context, pObjName, obj).FromJust(); - m_StaticObjects[i] = new v8::Global<v8::Object>(m_isolate, obj); + if (!obj.IsEmpty()) { + v8Context->Global()->Set(v8Context, pObjName, obj).FromJust(); + m_StaticObjects[i] = new v8::Global<v8::Object>(m_isolate, obj); + } else { + m_StaticObjects[i] = nullptr; + } } } m_V8PersistentContext.Reset(m_isolate, v8Context); diff --git a/fxjs/fxjs_v8_embeddertest.cpp b/fxjs/fxjs_v8_embeddertest.cpp index 4d05a20bf9..5a8ee63bea 100644 --- a/fxjs/fxjs_v8_embeddertest.cpp +++ b/fxjs/fxjs_v8_embeddertest.cpp @@ -192,6 +192,7 @@ TEST_F(FXJSV8EmbedderTest, NewObject) { v8::Context::Scope context_scope(GetV8Context()); auto object = engine()->NewFxDynamicObj(-1); + ASSERT_FALSE(object.IsEmpty()); EXPECT_EQ(0u, engine()->GetObjectPropertyNames(object).size()); EXPECT_FALSE(engine()->GetObjectProperty(object, L"clams").IsEmpty()); EXPECT_TRUE(engine()->GetObjectProperty(object, L"clams")->IsUndefined()); |