authorArtem Strygin <art-snake@yandex-team.ru>2017-09-28 17:58:18 +0300
committerChromium commit bot <commit-bot@chromium.org>2017-09-28 15:10:48 +0000
commit0ec10f94ae0ec1927c4a33cd69eac0a5fbdcbd52 (patch)
tree57463da5d9d6fcf2aa310e0e9153078123edd977 /core/fpdfapi/parser/cpdf_parser.cpp
parent6e376202fca5c4f77645ba0eeee56ef3c44615a3 (diff)
Fix infinite loop on form availability check.
The problem was that CPDF_SyntaxParser did not read the last block from the requested position. In that case it moved the requested position down in order to fill the whole buffer. As a result, this additional data was not requested by DownloadHints. To fix this, allow the data buffer in CPDF_SyntaxParser to be resized so that it can store a smaller block, and always read from the requested position. Also add a read check to CPDF_Parser::LoadLinearizedMainXRefTable to prevent infinite loops. Change-Id: I14d3f4457393025dca390aa3ceaa940716463534 Reviewed-on: https://pdfium-review.googlesource.com/11891 Commit-Queue: Art Snake <art-snake@yandex-team.ru> Reviewed-by: dsinclair <dsinclair@chromium.org>
Diffstat (limited to 'core/fpdfapi/parser/cpdf_parser.cpp')
-rw-r--r--core/fpdfapi/parser/cpdf_parser.cpp3
1 files changed, 2 insertions, 1 deletions
diff --git a/core/fpdfapi/parser/cpdf_parser.cpp b/core/fpdfapi/parser/cpdf_parser.cpp
index 6fb0d5fa1d..6643cf5123 100644
--- a/core/fpdfapi/parser/cpdf_parser.cpp
+++ b/core/fpdfapi/parser/cpdf_parser.cpp
@@ -1459,7 +1459,8 @@ CPDF_Parser::Error CPDF_Parser::LoadLinearizedMainXRefTable() {
(FX_FILESIZE)(m_pSyntax->GetPos() + m_pSyntax->m_HeaderOffset)) {
break;
}
- m_pSyntax->GetNextChar(ch);
+ if (!m_pSyntax->GetNextChar(ch))
+ return HANDLER_ERROR;
}
m_LastXRefOffset += dwCount;
m_ObjectStreamMap.clear();
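Review bot: The new `return HANDLER_ERROR;` inside the whitespace-skipping loop leaves the function before `m_LastXRefOffset += dwCount;` and `m_ObjectStreamMap.clear();`, so any parser state that was saved or modified earlier in the function must also be restored on this path. The function starts and ends outside the hunk, so this needs checking against the full body. The read that first fills `ch` also sits above the hunk, and if it is a `GetNextChar` call it would presumably need the same check. For consistency with the braced `if` just above, and to record why the check exists, I would write it as `if (!m_pSyntax->GetNextChar(ch)) {` / `return HANDLER_ERROR;` / `}` preceded by `// A failed read must end the scan; otherwise the loop can spin on a stale whitespace ch.`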