summaryrefslogtreecommitdiff
path: root/core/fpdfapi/parser/cpdf_parser.cpp
diff options
context:
space:
mode:
authorLei Zhang <thestig@chromium.org>2017-08-01 11:08:33 -0700
committerChromium commit bot <commit-bot@chromium.org>2017-08-01 21:32:01 +0000
commit1c5d8504ed38dbf19ae4dee04360cf0893cdb18f (patch)
treeba6378465e4f0659b023e8e2674fb2ba447e0d45 /core/fpdfapi/parser/cpdf_parser.cpp
parent04f736099c065d83193d2ceeccd6d125d7fe789d (diff)
downloadpdfium-1c5d8504ed38dbf19ae4dee04360cf0893cdb18f.tar.xz
Change CPDF_Parser::GetIndirectBinary() to return a std::vector.
Fixes potential leaks in CPDF_Creator::WriteOldIndirectObject(), the only caller. Change-Id: I8a20da8a555c8d28f3bcd467a193a6a81c9f91d9 Reviewed-on: https://pdfium-review.googlesource.com/9751 Reviewed-by: Art Snake <art-snake@yandex-team.ru> Commit-Queue: Lei Zhang <thestig@chromium.org>
Diffstat (limited to 'core/fpdfapi/parser/cpdf_parser.cpp')
-rw-r--r--core/fpdfapi/parser/cpdf_parser.cpp41
1 files changed, 20 insertions, 21 deletions
diff --git a/core/fpdfapi/parser/cpdf_parser.cpp b/core/fpdfapi/parser/cpdf_parser.cpp
index 0f4da6e28f..eb59195aa2 100644
--- a/core/fpdfapi/parser/cpdf_parser.cpp
+++ b/core/fpdfapi/parser/cpdf_parser.cpp
@@ -1222,19 +1222,16 @@ FX_FILESIZE CPDF_Parser::GetObjectSize(uint32_t objnum) const {
return *it - offset;
}
-void CPDF_Parser::GetIndirectBinary(uint32_t objnum,
- uint8_t*& pBuffer,
- uint32_t& size) {
- pBuffer = nullptr;
- size = 0;
+std::vector<uint8_t> CPDF_Parser::GetIndirectBinary(uint32_t objnum) {
+ std::vector<uint8_t> buffer;
if (!IsValidObjectNumber(objnum))
- return;
+ return buffer;
if (GetObjectType(objnum) == ObjectType::kCompressed) {
CFX_RetainPtr<CPDF_StreamAcc> pObjStream =
GetObjectStream(m_ObjectInfo[objnum].pos);
if (!pObjStream)
- return;
+ return buffer;
int32_t offset = GetStreamFirst(pObjStream);
const uint8_t* pData = pObjStream->GetData();
@@ -1250,6 +1247,7 @@ void CPDF_Parser::GetIndirectBinary(uint32_t objnum,
if (thisnum != objnum)
continue;
+ size_t size = 0;
if (i == 1) {
size = totalsize - (thisoff + offset);
} else {
@@ -1258,19 +1256,19 @@ void CPDF_Parser::GetIndirectBinary(uint32_t objnum,
size = nextoff - thisoff;
}
- pBuffer = FX_Alloc(uint8_t, size);
- memcpy(pBuffer, pData + thisoff + offset, size);
- return;
+ buffer.resize(size);
+ memcpy(buffer.data(), pData + thisoff + offset, size);
+ break;
}
- return;
+ return buffer;
}
if (GetObjectType(objnum) != ObjectType::kNotCompressed)
- return;
+ return buffer;
FX_FILESIZE pos = m_ObjectInfo[objnum].pos;
if (pos == 0)
- return;
+ return buffer;
FX_FILESIZE SavedPos = m_pSyntax->GetPos();
m_pSyntax->SetPos(pos);
@@ -1279,30 +1277,30 @@ void CPDF_Parser::GetIndirectBinary(uint32_t objnum,
CFX_ByteString word = m_pSyntax->GetNextWord(&bIsNumber);
if (!bIsNumber) {
m_pSyntax->SetPos(SavedPos);
- return;
+ return buffer;
}
uint32_t parser_objnum = FXSYS_atoui(word.c_str());
if (parser_objnum && parser_objnum != objnum) {
m_pSyntax->SetPos(SavedPos);
- return;
+ return buffer;
}
word = m_pSyntax->GetNextWord(&bIsNumber);
if (!bIsNumber) {
m_pSyntax->SetPos(SavedPos);
- return;
+ return buffer;
}
if (m_pSyntax->GetKeyword() != "obj") {
m_pSyntax->SetPos(SavedPos);
- return;
+ return buffer;
}
auto it = m_SortedOffset.find(pos);
if (it == m_SortedOffset.end() || ++it == m_SortedOffset.end()) {
m_pSyntax->SetPos(SavedPos);
- return;
+ return buffer;
}
FX_FILESIZE nextoff = *it;
@@ -1332,11 +1330,12 @@ void CPDF_Parser::GetIndirectBinary(uint32_t objnum,
nextoff = m_pSyntax->GetPos();
}
- size = (uint32_t)(nextoff - pos);
- pBuffer = FX_Alloc(uint8_t, size);
+ size_t size = (uint32_t)(nextoff - pos);
+ buffer.resize(size);
m_pSyntax->SetPos(pos);
- m_pSyntax->ReadBlock(pBuffer, size);
+ m_pSyntax->ReadBlock(buffer.data(), size);
m_pSyntax->SetPos(SavedPos);
+ return buffer;
}
std::unique_ptr<CPDF_Object> CPDF_Parser::ParseIndirectObjectAt(
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-03 19:36:43 +0000