diff options
author | Henrique Nakashima <hnakashima@chromium.org> | 2017-10-10 16:13:08 -0400 |
---|---|---|
committer | Chromium commit bot <commit-bot@chromium.org> | 2017-10-10 20:23:26 +0000 |
commit | fb6165ff8f8ad1d7725f63e509eb7f7543df231e (patch) | |
tree | 3231f9790fd9d70d1954e7d7c912072fdb3cf2de /fxjs/cfxjse_context.h | |
parent | 1886471c3432dee4d9a9be5678a757dde8717652 (diff) | |
download | pdfium-fb6165ff8f8ad1d7725f63e509eb7f7543df231e.tar.xz |
Fix dangling pointer to ID array in CPDF_SecurityHandler.chromium/3238chromium/3237
This was caused by breaking the reference from CPDF_SecurityHandler to
CPDF_Parser in https://pdfium-review.googlesource.com/c/pdfium/+/15290
The reference was replaced with a reference to the ID Array and a copy
of the password. The issue is that when parsing PDFs with multiple
trailers, the trailer containing the ID array may be replaced and
destroyed in CPDF_Parser::TrailerData::SetMainTrailer() after being
passed to CPDF_SecurityHandler, which would then have a dangling
pointer to it.
This CL changes the CPDF_SecurityHandler to hold a copy of the original
file ID instead of all the ID Array.
Bug: chromium:771479,chromium:772376
Change-Id: Id98100502093d890fc2fe6a3da139f910daf38f4
Reviewed-on: https://pdfium-review.googlesource.com/15910
Commit-Queue: Henrique Nakashima <hnakashima@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Diffstat (limited to 'fxjs/cfxjse_context.h')
0 files changed, 0 insertions, 0 deletions