diff options
author | Dan Sinclair <dsinclair@chromium.org> | 2018-02-05 17:59:49 +0000 |
---|---|---|
committer | Chromium commit bot <commit-bot@chromium.org> | 2018-02-05 17:59:49 +0000 |
commit | 2896cfaff519136d7d770ca048b448e6b3ad9324 (patch) | |
tree | 7f0dee9f23c392d416198183e8b6cf44e9155d4a /fxjs/cfxjse_formcalc_context.cpp | |
parent | 1ea9f3f92f2586de844ccbf8f8f2ef3f00aa20fa (diff) | |
download | pdfium-2896cfaff519136d7d770ca048b448e6b3ad9324.tar.xz |
[XFA] dot_accessor may not provide a valid object.
If the object being accessed through the dot_accessor does not exist
it's possible to receive a nullptr in ResolveObject. Instead of
ASSERTing just return false and let the caller handle the failure.
Bug: chromium::778904
Change-Id: I918c1c5dcb23b86082793c5037d58e0ab043559e
Reviewed-on: https://pdfium-review.googlesource.com/25350
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Diffstat (limited to 'fxjs/cfxjse_formcalc_context.cpp')
-rw-r--r-- | fxjs/cfxjse_formcalc_context.cpp | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/fxjs/cfxjse_formcalc_context.cpp b/fxjs/cfxjse_formcalc_context.cpp index 3306cd9042..9f0664cacc 100644 --- a/fxjs/cfxjse_formcalc_context.cpp +++ b/fxjs/cfxjse_formcalc_context.cpp @@ -5944,7 +5944,9 @@ bool CFXJSE_FormCalcContext::ResolveObjects(CFXJSE_Value* pThis, dFlags = XFA_RESOLVENODE_Siblings | XFA_RESOLVENODE_Parent; } else { pNode = CFXJSE_Engine::ToObject(pRefValue, nullptr); - ASSERT(pNode); + if (!pNode) + return false; + if (bHasNoResolveName) { WideString wsName; if (CXFA_Node* pXFANode = pNode->AsNode()) { |