diff options
author | Tom Sepez <tsepez@chromium.org> | 2015-01-23 15:05:43 -0800 |
---|---|---|
committer | Tom Sepez <tsepez@chromium.org> | 2015-01-23 15:05:43 -0800 |
commit | e0bbe4aac90e56950f28e322c3d6192c35af5ea0 (patch) | |
tree | 55cc9af3afa38333b13a55810d85cd788e6196f8 /core | |
parent | af9be4fe77e1067f1cc265de8aae547f6358bc44 (diff) | |
download | pdfium-e0bbe4aac90e56950f28e322c3d6192c35af5ea0.tar.xz |
Fix null crash in CheckTrailer.
We are making checks in the incorrect order. Also adds two test
cases, one for the this crash, and another for the original issue
that motivated the patch.
Original Patch by Bo at https://codereview.chromium.org/866003003/
BUG=450871
R=bo_xu@foxitsoftware.com
Review URL: https://codereview.chromium.org/872563002
Diffstat (limited to 'core')
-rw-r--r-- | core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp b/core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp index f6253757b6..5dfcc82787 100644 --- a/core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp +++ b/core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp @@ -4026,14 +4026,14 @@ FX_BOOL CPDF_DataAvail::CheckTrailer(IFX_DownloadHints* pHints) CFX_SmartPointer<IFX_FileStream> file(FX_CreateMemoryStream(pBuf, (size_t)iSize, FALSE)); m_syntaxParser.InitParser((IFX_FileStream*)file, 0); CPDF_Object *pTrailer = m_syntaxParser.GetObject(NULL, 0, 0, 0); - if (pTrailer->GetType() != PDFOBJ_DICTIONARY) { - return FALSE; - } if (!pTrailer) { m_Pos += m_syntaxParser.SavePos(); pHints->AddSegment(m_Pos, iTrailerSize); return FALSE; } + if (pTrailer->GetType() != PDFOBJ_DICTIONARY) { + return FALSE; + } CPDF_Dictionary *pTrailerDict = pTrailer->GetDict(); if (pTrailerDict) { CPDF_Object *pEncrypt = pTrailerDict->GetElement("Encrypt"); |