Check for possible empty object returns from NewFxDynamicObj()

Avoid some potential crashiness.

TBR=jochen@chromium.org

Bug: 754610
Change-Id: Ie8143c1909df7ba5783b7d20b61e31f093d04b34
Reviewed-on: https://pdfium-review.googlesource.com/10970
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>

2 files changed, 7 insertions, 2 deletions

diff --git a/fxjs/fxjs_v8.cpp b/fxjs/fxjs_v8.cpp
index d3d2010b30..05986b4eb8 100644
--- a/fxjs/fxjs_v8.cpp
+++ b/fxjs/fxjs_v8.cpp
@@ -409,8 +409,12 @@ void CFXJS_Engine::InitializeEngine() {
     } else if (pObjDef->m_ObjType == FXJSOBJTYPE_STATIC) {
       v8::Local<v8::String> pObjName = NewString(pObjDef->m_ObjName);
       v8::Local<v8::Object> obj = NewFxDynamicObj(i, true);
-      v8Context->Global()->Set(v8Context, pObjName, obj).FromJust();
-      m_StaticObjects[i] = new v8::Global<v8::Object>(m_isolate, obj);
+      if (!obj.IsEmpty()) {
+        v8Context->Global()->Set(v8Context, pObjName, obj).FromJust();
+        m_StaticObjects[i] = new v8::Global<v8::Object>(m_isolate, obj);
+      } else {
+        m_StaticObjects[i] = nullptr;
+      }
     }
   }
   m_V8PersistentContext.Reset(m_isolate, v8Context);
diff --git a/fxjs/fxjs_v8_embeddertest.cpp b/fxjs/fxjs_v8_embeddertest.cpp
index 4d05a20bf9..5a8ee63bea 100644
--- a/fxjs/fxjs_v8_embeddertest.cpp
+++ b/fxjs/fxjs_v8_embeddertest.cpp
@@ -192,6 +192,7 @@ TEST_F(FXJSV8EmbedderTest, NewObject) {
   v8::Context::Scope context_scope(GetV8Context());
 
   auto object = engine()->NewFxDynamicObj(-1);
+  ASSERT_FALSE(object.IsEmpty());
   EXPECT_EQ(0u, engine()->GetObjectPropertyNames(object).size());
   EXPECT_FALSE(engine()->GetObjectProperty(object, L"clams").IsEmpty());
   EXPECT_TRUE(engine()->GetObjectProperty(object, L"clams")->IsUndefined());