summaryrefslogtreecommitdiff
path: root/xfa/fde/css/fde_cssdeclaration.cpp
diff options
context:
space:
mode:
authornpm <npm@chromium.org>2016-11-28 12:49:29 -0800
committerCommit bot <commit-bot@chromium.org>2016-11-28 12:49:29 -0800
commit239915200225fea4c5a02e9630044ef13fccb66d (patch)
treefe761ea15a77754bae4cb813e3f33392a523e3c2 /xfa/fde/css/fde_cssdeclaration.cpp
parenteb9625c04876c45862fb30e48a4fd6d5998db0e9 (diff)
downloadpdfium-239915200225fea4c5a02e9630044ef13fccb66d.tar.xz
Fix crash in CFDE_CSSSyntaxParser when parsing empty url
When parsing "url('')", Subtract() should be called to correctly set m_iDatLen. But iLength will be 0 because there is no url. So I changed the ASSERT. Also replaced some non-const refs with pointers to make the code more readable. BUG=659509 Review-Url: https://codereview.chromium.org/2535663003
Diffstat (limited to 'xfa/fde/css/fde_cssdeclaration.cpp')
-rw-r--r--xfa/fde/css/fde_cssdeclaration.cpp18
1 files changed, 10 insertions, 8 deletions
diff --git a/xfa/fde/css/fde_cssdeclaration.cpp b/xfa/fde/css/fde_cssdeclaration.cpp
index 2196d6bd91..f6af900042 100644
--- a/xfa/fde/css/fde_cssdeclaration.cpp
+++ b/xfa/fde/css/fde_cssdeclaration.cpp
@@ -301,33 +301,35 @@ IFDE_CSSValue* CFDE_CSSDeclaration::ParseColor(const FDE_CSSPROPERTYARGS* pArgs,
}
return FXTARGET_NewWith(pArgs->pStaticStore) CFDE_CSSPrimitiveValue(dwColor);
}
+
IFDE_CSSValue* CFDE_CSSDeclaration::ParseURI(const FDE_CSSPROPERTYARGS* pArgs,
const FX_WCHAR* pszValue,
int32_t iValueLen) {
int32_t iOffset;
- if (!FDE_ParseCSSURI(pszValue, iValueLen, iOffset, iValueLen)) {
+ if (!FDE_ParseCSSURI(pszValue, &iOffset, &iValueLen))
return nullptr;
- }
- if (iValueLen <= 0) {
+
+ if (iValueLen <= 0)
return nullptr;
- }
+
pszValue = CopyToLocal(pArgs, pszValue + iOffset, iValueLen);
return pszValue
? FXTARGET_NewWith(pArgs->pStaticStore)
CFDE_CSSPrimitiveValue(FDE_CSSPRIMITIVETYPE_URI, pszValue)
: nullptr;
}
+
IFDE_CSSValue* CFDE_CSSDeclaration::ParseString(
const FDE_CSSPROPERTYARGS* pArgs,
const FX_WCHAR* pszValue,
int32_t iValueLen) {
int32_t iOffset;
- if (!FDE_ParseCSSString(pszValue, iValueLen, iOffset, iValueLen)) {
+ if (!FDE_ParseCSSString(pszValue, iValueLen, &iOffset, &iValueLen))
return nullptr;
- }
- if (iValueLen <= 0) {
+
+ if (iValueLen <= 0)
return nullptr;
- }
+
pszValue = CopyToLocal(pArgs, pszValue + iOffset, iValueLen);
return pszValue
? FXTARGET_NewWith(pArgs->pStaticStore)