diff options
author | Lei Zhang <thestig@chromium.org> | 2015-10-26 13:54:28 -0700 |
---|---|---|
committer | Lei Zhang <thestig@chromium.org> | 2015-10-26 13:54:28 -0700 |
commit | a568ff2dddd3ef44f224d21b31afff8eb14b6d31 (patch) | |
tree | 67266204d8297ebc5093695911eebb3ae809eed1 /core/src | |
parent | 95d25e4585358c74ae91c2ed5e08099ebbfdf24c (diff) | |
download | pdfium-a568ff2dddd3ef44f224d21b31afff8eb14b6d31.tar.xz |
Fix a leak in CPDF_SyntaxParser::GetObject().
As seen in FPDFViewEmbeddertest.Crasher_451830.
R=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1385803002 .
Diffstat (limited to 'core/src')
-rw-r--r-- | core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp | 21 |
1 files changed, 13 insertions, 8 deletions
diff --git a/core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp b/core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp index d486cfe231..27cc8688cc 100644 --- a/core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp +++ b/core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp @@ -2139,6 +2139,13 @@ CPDF_Object* CPDF_SyntaxParser::GetObject(CPDF_IndirectObjects* pObjList, ++nKeys; key = PDF_NameDecode(key); + if (key.IsEmpty()) + continue; + + CFX_ByteStringC keyNoSlash(key.c_str() + 1, key.GetLength() - 1); + if (keyNoSlash.IsEmpty()) + continue; + if (key == FX_BSTRC("/Contents")) dwSignValuePos = m_Pos; @@ -2146,14 +2153,12 @@ CPDF_Object* CPDF_SyntaxParser::GetObject(CPDF_IndirectObjects* pObjList, if (!pObj) continue; - if (key.GetLength() >= 1) { - if (nKeys < 32) { - pDict->SetAt(CFX_ByteStringC(key.c_str() + 1, key.GetLength() - 1), - pObj); - } else { - pDict->AddValue(CFX_ByteStringC(key.c_str() + 1, key.GetLength() - 1), - pObj); - } + // TODO(thestig): Remove this conditional once CPDF_Dictionary has a + // better underlying map implementation. + if (nKeys < 32) { + pDict->SetAt(keyNoSlash, pObj); + } else { + pDict->AddValue(keyNoSlash, pObj); } } |