More tightly validate format strings in util.cpp.chromium/3160

Re-work the previous fix to be even more particular about the input. Bug: chromium:740166 Change-Id: I6bea3b6a6dd320a83f830b07afd52951be7d1b63 Reviewed-on: https://pdfium-review.googlesource.com/7691 Commit-Queue: Tom Sepez <tsepez@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
author: Tom Sepez <tsepez@chromium.org> 2017-07-17 09:29:05 -0700
committer: Chromium commit bot <commit-bot@chromium.org> 2017-07-17 16:44:06 +0000
commit: ffbc0d9a08f8443e67965f03dc0ae427c7f8d145 (patch)
tree: 4406f3721977421f76aa28bc6b264dcc58c5c077 /fpdfsdk/javascript/util_unittest.cpp
parent: 0b7378afe3dee6db6cff8ee834e758d3a76efa3b (diff)
download: pdfium-ffbc0d9a08f8443e67965f03dc0ae427c7f8d145.tar.xz
1 files changed, 5 insertions, 5 deletions
diff --git a/fpdfsdk/javascript/util_unittest.cpp b/fpdfsdk/javascript/util_unittest.cpp
index eaebc9c7f2..b096f35a18 100644
--- a/fpdfsdk/javascript/util_unittest.cpp
+++ b/fpdfsdk/javascript/util_unittest.cpp
@@ -78,12 +78,12 @@ TEST(CJS_Util, ParseDataType) {
       // {L"%.14s", -1},
       // {L"%.f", -1},
 
+      // See https://crbug.com/740166
       // nPrecision too large (> 260) causes crashes in Windows.
-      // TODO(tsepez): Reenable when fix is out.
-      // {L"%.261d", -1},
-      // {L"%.261x", -1},
-      // {L"%.261f", -1},
-      // {L"%.261s", -1},
+      // Avoid this by limiting to two digits
+      {L"%.1d", UTIL_INT},
+      {L"%.10d", UTIL_INT},
+      {L"%.100d", -1},
 
       // Unexpected characters
       {L"%ad", -1},
author	Tom Sepez <tsepez@chromium.org>	2017-07-17 09:29:05 -0700
committer	Chromium commit bot <commit-bot@chromium.org>	2017-07-17 16:44:06 +0000
commit	ffbc0d9a08f8443e67965f03dc0ae427c7f8d145 (patch)
tree	4406f3721977421f76aa28bc6b264dcc58c5c077 /fpdfsdk/javascript/util_unittest.cpp
parent	0b7378afe3dee6db6cff8ee834e758d3a76efa3b (diff)
download	pdfium-ffbc0d9a08f8443e67965f03dc0ae427c7f8d145.tar.xz