summaryrefslogtreecommitdiff
path: root/fpdfsdk/src/javascript/app.cpp
diff options
context:
space:
mode:
authorBo Xu <bo_xu@foxitsoftware.com>2014-07-14 12:13:53 -0700
committerBo Xu <bo_xu@foxitsoftware.com>2014-07-14 12:13:53 -0700
commit8daab317ff959905e926b861a7d2aa876fd10429 (patch)
treed42dbefe9bbdf4492c537253fbc23abf21585fb5 /fpdfsdk/src/javascript/app.cpp
parent456cde93a928629bbf2ac64bda13ef7923359823 (diff)
downloadpdfium-8daab317ff959905e926b861a7d2aa876fd10429.tar.xz
Fix an out-of-boundary issue for wide string
BUG=381521 R=palmer@chromium.org Review URL: https://codereview.chromium.org/383563002
Diffstat (limited to 'fpdfsdk/src/javascript/app.cpp')
-rw-r--r--fpdfsdk/src/javascript/app.cpp22
1 files changed, 10 insertions, 12 deletions
diff --git a/fpdfsdk/src/javascript/app.cpp b/fpdfsdk/src/javascript/app.cpp
index a3e61c01ab..3b92a992d9 100644
--- a/fpdfsdk/src/javascript/app.cpp
+++ b/fpdfsdk/src/javascript/app.cpp
@@ -886,15 +886,15 @@ FX_BOOL app::browseForDoc(OBJ_METHOD_PARAMS)
{
JSObject pObj = (JSObject )params[0];
- v8::Handle<v8::Value> pValue = JS_GetObjectElement(isolate,pObj,L"bSave");
- bSave = (bool)CJS_Value(isolate,pValue,GET_VALUE_TYPE(pValue));
-
+ v8::Handle<v8::Value> pValue = JS_GetObjectElement(isolate,pObj,L"bSave");
+ bSave = (bool)CJS_Value(isolate,pValue,GET_VALUE_TYPE(pValue));
+
pValue = JS_GetObjectElement(isolate, pObj,L"cFilenameInit");
{
CJS_Value t = CJS_Value(isolate, pValue, GET_VALUE_TYPE(pValue));
- cFilenameInit = t.operator CFX_ByteString();
+ cFilenameInit = t.operator CFX_ByteString();
}
-
+
pValue = JS_GetObjectElement(isolate,pObj,L"cFSInit");
{
CJS_Value t = CJS_Value(isolate, pValue, GET_VALUE_TYPE(pValue));
@@ -1097,25 +1097,23 @@ FX_BOOL app::response(OBJ_METHOD_PARAMS)
}
CJS_Context* pContext = (CJS_Context *)cc;
- ASSERT(pContext != NULL);
+ ASSERT(pContext != NULL);
CPDFDoc_Environment* pApp = pContext->GetReaderApp();
- ASSERT(pApp != NULL);
+ ASSERT(pApp != NULL);
int nLength = 2048;
char* pBuff = new char[nLength];
nLength = pApp->JS_appResponse(swQuestion, swTitle, swDefault, swLabel, bPassWord, pBuff, nLength);
if(nLength<=0)
{
+ delete[] pBuff;
vRet.SetNull();
return FALSE;
}
else
{
- nLength = nLength>2046?2046:nLength;
- pBuff[nLength] = 0;
- pBuff[nLength+1] = 0;
- swResponse = CFX_WideString::FromUTF16LE((unsigned short*)pBuff, nLength);
- vRet = swResponse;
+ nLength = nLength > sizeof(pBuff) ? sizeof(pBuff) : nLength;
+ vRet = swResponse = CFX_WideString::FromUTF16LE((unsigned short*)pBuff, nLength / 2);
}
delete[] pBuff;