diff options
author | weili <weili@chromium.org> | 2016-08-23 22:08:37 -0700 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2016-08-23 22:08:37 -0700 |
commit | a470b5e5371d0674d06068ec38d0d3c3279e85e1 (patch) | |
tree | e13f893084515082052e30c1cb8d94ec6303e38b /core/fpdfapi/fpdf_parser/cpdf_array_unittest.cpp | |
parent | 0dadcc6fdab7ad1f2ee95d763f31aad5d3534f93 (diff) | |
download | pdfium-a470b5e5371d0674d06068ec38d0d3c3279e85e1.tar.xz |
Fix stack overflow in object Clone() functions
For some complex objects such as CPDF_Dictionary, CPDF_Array,
CPDF_Stream, and CPDF_Reference, Clone() could be executed with
infinite recursion to cause the stack overflow. Fix this by
checking already cloned objects to avoid recursion.
BUG=pdfium:513
Review-Url: https://codereview.chromium.org/2250533002
Diffstat (limited to 'core/fpdfapi/fpdf_parser/cpdf_array_unittest.cpp')
-rw-r--r-- | core/fpdfapi/fpdf_parser/cpdf_array_unittest.cpp | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/core/fpdfapi/fpdf_parser/cpdf_array_unittest.cpp b/core/fpdfapi/fpdf_parser/cpdf_array_unittest.cpp index efad3c38f6..41a49cadab 100644 --- a/core/fpdfapi/fpdf_parser/cpdf_array_unittest.cpp +++ b/core/fpdfapi/fpdf_parser/cpdf_array_unittest.cpp @@ -125,10 +125,10 @@ TEST(cpdf_array, Clone) { ASSERT_EQ(kNumOfRows, arr->GetCount()); // Not dereferencing reference objects means just creating new references // instead of new copies of direct objects. - ScopedArray arr1(arr->Clone(FALSE)->AsArray()); + ScopedArray arr1(arr->Clone()->AsArray()); EXPECT_EQ(arr->GetCount(), arr1->GetCount()); // Dereferencing reference objects creates new copies of direct objects. - ScopedArray arr2(arr->Clone(TRUE)->AsArray()); + ScopedArray arr2(arr->CloneDirectObject()->AsArray()); EXPECT_EQ(arr->GetCount(), arr2->GetCount()); for (size_t i = 0; i < kNumOfRows; ++i) { CPDF_Array* arr_elem = arr->GetObjectAt(i)->AsArray(); |