summaryrefslogtreecommitdiff
path: root/fxjs/cfxjse_formcalc_context.cpp
diff options
context:
space:
mode:
authorDan Sinclair <dsinclair@chromium.org>2018-02-05 17:59:49 +0000
committerChromium commit bot <commit-bot@chromium.org>2018-02-05 17:59:49 +0000
commit2896cfaff519136d7d770ca048b448e6b3ad9324 (patch)
tree7f0dee9f23c392d416198183e8b6cf44e9155d4a /fxjs/cfxjse_formcalc_context.cpp
parent1ea9f3f92f2586de844ccbf8f8f2ef3f00aa20fa (diff)
downloadpdfium-2896cfaff519136d7d770ca048b448e6b3ad9324.tar.xz
[XFA] dot_accessor may not provide a valid object.
If the object being accessed through the dot_accessor does not exist it's possible to receive a nullptr in ResolveObject. Instead of ASSERTing just return false and let the caller handle the failure. Bug: chromium::778904 Change-Id: I918c1c5dcb23b86082793c5037d58e0ab043559e Reviewed-on: https://pdfium-review.googlesource.com/25350 Reviewed-by: Henrique Nakashima <hnakashima@chromium.org> Reviewed-by: Ryan Harrison <rharrison@chromium.org> Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Diffstat (limited to 'fxjs/cfxjse_formcalc_context.cpp')
-rw-r--r--fxjs/cfxjse_formcalc_context.cpp4
1 files changed, 3 insertions, 1 deletions
diff --git a/fxjs/cfxjse_formcalc_context.cpp b/fxjs/cfxjse_formcalc_context.cpp
index 3306cd9042..9f0664cacc 100644
--- a/fxjs/cfxjse_formcalc_context.cpp
+++ b/fxjs/cfxjse_formcalc_context.cpp
@@ -5944,7 +5944,9 @@ bool CFXJSE_FormCalcContext::ResolveObjects(CFXJSE_Value* pThis,
dFlags = XFA_RESOLVENODE_Siblings | XFA_RESOLVENODE_Parent;
} else {
pNode = CFXJSE_Engine::ToObject(pRefValue, nullptr);
- ASSERT(pNode);
+ if (!pNode)
+ return false;
+
if (bHasNoResolveName) {
WideString wsName;
if (CXFA_Node* pXFANode = pNode->AsNode()) {