diff options
author | Tom Sepez <tsepez@chromium.org> | 2017-05-26 09:37:01 -0700 |
---|---|---|
committer | Chromium commit bot <commit-bot@chromium.org> | 2017-05-26 18:29:46 +0000 |
commit | 741c362fb75fd8acd2ed2059c6e3e716a63a7ac8 (patch) | |
tree | b97aa74db40168128b7ec64f9fa2ef5191e7eb4a /core | |
parent | d9281818c09a628668202558fbd1b79f39a98e4c (diff) | |
download | pdfium-741c362fb75fd8acd2ed2059c6e3e716a63a7ac8.tar.xz |
Avoid dangling encrypt dict pointer in CPDF_Parser
CPDF_Parser::StartParse should release the current encrypt dict
before trashing it by calling RebuildCrossRef() at cpdf_parser.cpp:195.
This gives rise to the pattern that calls to ReleaseEncryptHandler()
are followed by SetEncryptDict(nullptr), so just move the later into
the former.
Bug: 726503
Change-Id: I38bc81f0c0416812035a8a2541c09e875f1fb49a
Reviewed-on: https://pdfium-review.googlesource.com/6030
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
Diffstat (limited to 'core')
-rw-r--r-- | core/fpdfapi/parser/cpdf_parser.cpp | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/core/fpdfapi/parser/cpdf_parser.cpp b/core/fpdfapi/parser/cpdf_parser.cpp index bf8bc7b542..01c3b8ccd1 100644 --- a/core/fpdfapi/parser/cpdf_parser.cpp +++ b/core/fpdfapi/parser/cpdf_parser.cpp @@ -63,7 +63,6 @@ CPDF_Parser::CPDF_Parser() CPDF_Parser::~CPDF_Parser() { ReleaseEncryptHandler(); - SetEncryptDictionary(nullptr); } uint32_t CPDF_Parser::GetLastObjNum() const { @@ -222,8 +221,6 @@ CPDF_Parser::Error CPDF_Parser::StartParse( } CPDF_Parser::Error CPDF_Parser::SetEncryptHandler() { ReleaseEncryptHandler(); - SetEncryptDictionary(nullptr); - if (!m_pTrailer) return FORMAT_ERROR; @@ -260,6 +257,7 @@ CPDF_Parser::Error CPDF_Parser::SetEncryptHandler() { void CPDF_Parser::ReleaseEncryptHandler() { m_pSyntax->m_pCryptoHandler.Reset(); m_pSecurityHandler.reset(); + SetEncryptDictionary(nullptr); } FX_FILESIZE CPDF_Parser::GetObjectOffset(uint32_t objnum) const { |