diff options
| author | Tom Sepez <tsepez@chromium.org> | 2018-07-19 21:10:16 +0000 |
|---|---|---|
| committer | Chromium commit bot <commit-bot@chromium.org> | 2018-07-19 21:10:16 +0000 |
| commit | 408392263860a9d2fc314a69d45ca1553a896ea5 (patch) | |
| tree | 08eefce1ac49fe9134e3f02fad727bce579327b5 | |
| parent | 5527682463d1c250e01e868655b58da7625db0c1 (diff) | |
| download | pdfium-408392263860a9d2fc314a69d45ca1553a896ea5.tar.xz | |
Change some ASSERTS() to early returns in cfxjse_class.cpp
Given the issues we've seen on the non-XFA side, be more careful
about using V8-provided data on the XFA side.
Change-Id: I13b7fa9ac852be74c8135410734445b2c9a23c97
Reviewed-on: https://pdfium-review.googlesource.com/38430
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
| -rw-r--r-- | fxjs/cfxjse_class.cpp | 30 |
1 files changed, 17 insertions, 13 deletions
diff --git a/fxjs/cfxjse_class.cpp b/fxjs/cfxjse_class.cpp index 2a2e0da333..67186ff66f 100644 --- a/fxjs/cfxjse_class.cpp +++ b/fxjs/cfxjse_class.cpp @@ -76,33 +76,37 @@ void Context_GlobalObjToString( void DynPropGetterAdapter_MethodCallback( const v8::FunctionCallbackInfo<v8::Value>& info) { v8::Local<v8::Object> hCallBackInfo = info.Data().As<v8::Object>(); - ASSERT(hCallBackInfo->InternalFieldCount() == 2); + if (hCallBackInfo->InternalFieldCount() != 2) + return; - const FXJSE_CLASS_DESCRIPTOR* lpClass = - static_cast<const FXJSE_CLASS_DESCRIPTOR*>( - hCallBackInfo->GetAlignedPointerFromInternalField(0)); - ASSERT(lpClass == &GlobalClassDescriptor || - lpClass == &NormalClassDescriptor || - lpClass == &VariablesClassDescriptor || - lpClass == &kFormCalcFM2JSDescriptor); + auto* pClassDescriptor = static_cast<const FXJSE_CLASS_DESCRIPTOR*>( + hCallBackInfo->GetAlignedPointerFromInternalField(0)); + if (pClassDescriptor != &GlobalClassDescriptor && + pClassDescriptor != &NormalClassDescriptor && + pClassDescriptor != &VariablesClassDescriptor && + pClassDescriptor != &kFormCalcFM2JSDescriptor) { + return; + } v8::Local<v8::String> hPropName = hCallBackInfo->GetInternalField(1).As<v8::String>(); - ASSERT(!hPropName.IsEmpty()); + if (hPropName.IsEmpty()) + return; v8::String::Utf8Value szPropName(info.GetIsolate(), hPropName); - WideString szFxPropName = WideString::FromUTF8(*szPropName); + CJS_Return result = + pClassDescriptor->dynMethodCall(info, WideString::FromUTF8(*szPropName)); - CJS_Return result = lpClass->dynMethodCall(info, szFxPropName); if (result.HasError()) { - WideString err = - JSFormatErrorString(lpClass->name, *szPropName, result.Error()); + WideString err = JSFormatErrorString(pClassDescriptor->name, *szPropName, + result.Error()); v8::MaybeLocal<v8::String> str = v8::String::NewFromUtf8( info.GetIsolate(), ByteString::FromUnicode(err).c_str(), v8::NewStringType::kNormal); info.GetIsolate()->ThrowException(str.ToLocalChecked()); return; } + if (result.HasReturn()) info.GetReturnValue().Set(result.Return()); } |