diff options
author | Wei Li <weili@chromium.org> | 2016-02-12 18:21:21 -0800 |
---|---|---|
committer | Wei Li <weili@chromium.org> | 2016-02-12 18:21:21 -0800 |
commit | 42a1bc02c0810c039afbcb62170c326f0e717320 (patch) | |
tree | a686d50142aaa5fbd19b0a4fde32f33377a74102 /core/src/fpdfapi | |
parent | f5f1399f1af3c5869bf6857a125552d4834c19da (diff) | |
download | pdfium-42a1bc02c0810c039afbcb62170c326f0e717320.tar.xz |
Fix the way to access marked content.
When there is no dictionary for marked content, it potientially may cause crash. But it is not happening now since 1) we now check for the returned dict parameter 2) the alloc function in pdfium does zero initialization.
BUG=pdfium:67
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1695633004 .
Diffstat (limited to 'core/src/fpdfapi')
-rw-r--r-- | core/src/fpdfapi/fpdf_page/fpdf_page_graph_state.cpp | 16 | ||||
-rw-r--r-- | core/src/fpdfapi/fpdf_render/fpdf_render.cpp | 9 |
2 files changed, 10 insertions, 15 deletions
diff --git a/core/src/fpdfapi/fpdf_page/fpdf_page_graph_state.cpp b/core/src/fpdfapi/fpdf_page/fpdf_page_graph_state.cpp index 37e3c04e53..20345138b4 100644 --- a/core/src/fpdfapi/fpdf_page/fpdf_page_graph_state.cpp +++ b/core/src/fpdfapi/fpdf_page/fpdf_page_graph_state.cpp @@ -594,20 +594,19 @@ CPDF_ContentMarkItem::CPDF_ContentMarkItem(const CPDF_ContentMarkItem& src) { m_MarkName = src.m_MarkName; m_ParamType = src.m_ParamType; if (m_ParamType == DirectDict) { - m_pParam = ToDictionary(static_cast<CPDF_Object*>(src.m_pParam))->Clone(); + m_pParam = ToDictionary(src.m_pParam->Clone()); } else { m_pParam = src.m_pParam; } } CPDF_ContentMarkItem::~CPDF_ContentMarkItem() { - if (m_ParamType == DirectDict && m_pParam) { - ToDictionary(static_cast<CPDF_Object*>(m_pParam))->Release(); - } + if (m_ParamType == DirectDict && m_pParam) + m_pParam->Release(); } FX_BOOL CPDF_ContentMarkItem::HasMCID() const { if (m_pParam && (m_ParamType == DirectDict || m_ParamType == PropertiesDict)) { - return ToDictionary(static_cast<CPDF_Object*>(m_pParam))->KeyExist("MCID"); + return m_pParam->KeyExist("MCID"); } return FALSE; } @@ -622,8 +621,7 @@ int CPDF_ContentMarkData::GetMCID() const { type = m_Marks[i].GetParamType(); if (type == CPDF_ContentMarkItem::PropertiesDict || type == CPDF_ContentMarkItem::DirectDict) { - CPDF_Dictionary* pDict = - ToDictionary(static_cast<CPDF_Object*>(m_Marks[i].GetParam())); + CPDF_Dictionary* pDict = m_Marks[i].GetParam(); if (pDict->KeyExist("MCID")) { return pDict->GetIntegerBy("MCID"); } @@ -641,7 +639,7 @@ void CPDF_ContentMarkData::AddMark(const CFX_ByteString& name, } item.SetParam(bDirect ? CPDF_ContentMarkItem::DirectDict : CPDF_ContentMarkItem::PropertiesDict, - bDirect ? pDict->Clone() : pDict); + bDirect ? ToDictionary(pDict->Clone()) : pDict); } void CPDF_ContentMarkData::DeleteLastMark() { int size = m_Marks.GetSize(); @@ -673,7 +671,7 @@ FX_BOOL CPDF_ContentMark::LookupMark(const CFX_ByteStringC& mark, pDict = NULL; if (item.GetParamType() == CPDF_ContentMarkItem::PropertiesDict || item.GetParamType() == CPDF_ContentMarkItem::DirectDict) { - pDict = ToDictionary(static_cast<CPDF_Object*>(item.GetParam())); + pDict = item.GetParam(); } return TRUE; } diff --git a/core/src/fpdfapi/fpdf_render/fpdf_render.cpp b/core/src/fpdfapi/fpdf_render/fpdf_render.cpp index 35d62ce0b3..eeee03485a 100644 --- a/core/src/fpdfapi/fpdf_render/fpdf_render.cpp +++ b/core/src/fpdfapi/fpdf_render/fpdf_render.cpp @@ -1395,12 +1395,9 @@ FX_BOOL IPDF_OCContext::CheckObjectVisible(const CPDF_PageObject* pObj) { for (int i = 0; i < nItems; i++) { CPDF_ContentMarkItem& item = pData->GetItem(i); if (item.GetName() == "OC" && - item.GetParamType() == CPDF_ContentMarkItem::PropertiesDict) { - CPDF_Dictionary* pOCG = - ToDictionary(static_cast<CPDF_Object*>(item.GetParam())); - if (!CheckOCGVisible(pOCG)) { - return FALSE; - } + item.GetParamType() == CPDF_ContentMarkItem::PropertiesDict && + !CheckOCGVisible(item.GetParam())) { + return FALSE; } } return TRUE; |