diff options
author | tsepez <tsepez@chromium.org> | 2016-09-20 13:23:21 -0700 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2016-09-20 13:23:21 -0700 |
commit | 5a399de2945d7b244802565d8e9d2f6e662561da (patch) | |
tree | 9c25da0dd44043f69b750a9071533596aa92c6e3 /core/fpdfapi/fpdf_parser/cpdf_dictionary.cpp | |
parent | 0d726c0c9931979d9b0594d56b52c861e08e09ba (diff) | |
download | pdfium-5a399de2945d7b244802565d8e9d2f6e662561da.tar.xz |
Make CPDF_Array not do indirect object creation.
We remove the indirect object holder argument and check that
call sites pass ownable objects, adding a reference in one
place that always was passing an indirect object.
Also check that the invariant isn't violated, we need to fail
here in the wild and investigate -- these are existing UAFs.
Review-Url: https://codereview.chromium.org/2355083002
Diffstat (limited to 'core/fpdfapi/fpdf_parser/cpdf_dictionary.cpp')
-rw-r--r-- | core/fpdfapi/fpdf_parser/cpdf_dictionary.cpp | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/core/fpdfapi/fpdf_parser/cpdf_dictionary.cpp b/core/fpdfapi/fpdf_parser/cpdf_dictionary.cpp index aeee3382f9..1a84fcb142 100644 --- a/core/fpdfapi/fpdf_parser/cpdf_dictionary.cpp +++ b/core/fpdfapi/fpdf_parser/cpdf_dictionary.cpp @@ -17,6 +17,7 @@ #include "core/fpdfapi/fpdf_parser/include/cpdf_stream.h" #include "core/fpdfapi/fpdf_parser/include/cpdf_string.h" #include "third_party/base/stl_util.h" +#include "third_party/base/logging.h" CPDF_Dictionary::CPDF_Dictionary() {} @@ -169,7 +170,7 @@ bool CPDF_Dictionary::IsSignatureDict() const { } void CPDF_Dictionary::SetFor(const CFX_ByteString& key, CPDF_Object* pObj) { - ASSERT(!pObj || pObj->GetObjNum() == 0); + CHECK(!pObj || pObj->GetObjNum() == 0); auto it = m_Map.find(key); if (it == m_Map.end()) { if (pObj) |