summaryrefslogtreecommitdiff
path: root/xfa/fxfa/fm2js/cxfa_fmexpression.cpp
diff options
context:
space:
mode:
authorRyan Harrison <rharrison@chromium.org>2017-10-25 14:32:14 -0400
committerChromium commit bot <commit-bot@chromium.org>2017-10-25 18:50:23 +0000
commit1e19e25cd10c24f25beddff56b7c4b5fdc5adbcb (patch)
tree0dbc342a37e7d28dbf76a0dc9a10d77fabe5f289 /xfa/fxfa/fm2js/cxfa_fmexpression.cpp
parent8f524d6ff9c5c5e07388438e58aca7dc39f43a1f (diff)
downloadpdfium-1e19e25cd10c24f25beddff56b7c4b5fdc5adbcb.tar.xz
Add in depth check for ToJavascript and related methods
There exists a similar check for the parser, but it doesn't catch all cases of excessive memory usage, since a single parse step can generate multiple expressions that need to be converted or other cases where the parse depth doesn't match the emission depth later. Due to the expressions appearing in two different inheritence hierachies the depth information needs to be stored outside of the classes, thus the new depth class. Another way to handle this would be to change the method calls to take in a visitor object that tracks depth. This would require significant reworking of some of the code, so I am going to file a bug about doing that conversion as a cleanup. BUG=chromium:752495 Change-Id: Ica7c9b60ecf1e17530ea88b7bfb01582c63043be Reviewed-on: https://pdfium-review.googlesource.com/16752 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
Diffstat (limited to 'xfa/fxfa/fm2js/cxfa_fmexpression.cpp')
-rw-r--r--xfa/fxfa/fm2js/cxfa_fmexpression.cpp100
1 files changed, 95 insertions, 5 deletions
diff --git a/xfa/fxfa/fm2js/cxfa_fmexpression.cpp b/xfa/fxfa/fm2js/cxfa_fmexpression.cpp
index a1bbb50271..e8ab35ea67 100644
--- a/xfa/fxfa/fm2js/cxfa_fmexpression.cpp
+++ b/xfa/fxfa/fm2js/cxfa_fmexpression.cpp
@@ -9,6 +9,7 @@
#include <utility>
#include "core/fxcrt/cfx_widetextbuf.h"
+#include "xfa/fxfa/fm2js/cxfa_fmtojavascriptdepth.h"
namespace {
@@ -30,11 +31,13 @@ CXFA_FMExpression::CXFA_FMExpression(uint32_t line, XFA_FM_EXPTYPE type)
: m_type(type), m_line(line) {}
bool CXFA_FMExpression::ToJavaScript(CFX_WideTextBuf& javascript) {
- return true;
+ CXFA_FMToJavaScriptDepth depthManager;
+ return depthManager.IsWithinMaxDepth();
}
bool CXFA_FMExpression::ToImpliedReturnJS(CFX_WideTextBuf& javascript) {
- return true;
+ CXFA_FMToJavaScriptDepth depthManager;
+ return depthManager.IsWithinMaxDepth();
}
CXFA_FMFunctionDefinition::CXFA_FMFunctionDefinition(
@@ -52,6 +55,10 @@ CXFA_FMFunctionDefinition::CXFA_FMFunctionDefinition(
CXFA_FMFunctionDefinition::~CXFA_FMFunctionDefinition() {}
bool CXFA_FMFunctionDefinition::ToJavaScript(CFX_WideTextBuf& javascript) {
+ CXFA_FMToJavaScriptDepth depthManager;
+ if (!depthManager.IsWithinMaxDepth())
+ return false;
+
if (m_isGlobal && m_pExpressions.empty()) {
javascript << L"// comments only";
return true;
@@ -111,7 +118,8 @@ bool CXFA_FMFunctionDefinition::ToJavaScript(CFX_WideTextBuf& javascript) {
}
bool CXFA_FMFunctionDefinition::ToImpliedReturnJS(CFX_WideTextBuf&) {
- return true;
+ CXFA_FMToJavaScriptDepth depthManager;
+ return depthManager.IsWithinMaxDepth();
}
CXFA_FMVarExpression::CXFA_FMVarExpression(
@@ -125,6 +133,10 @@ CXFA_FMVarExpression::CXFA_FMVarExpression(
CXFA_FMVarExpression::~CXFA_FMVarExpression() {}
bool CXFA_FMVarExpression::ToJavaScript(CFX_WideTextBuf& javascript) {
+ CXFA_FMToJavaScriptDepth depthManager;
+ if (!depthManager.IsWithinMaxDepth())
+ return false;
+
javascript << L"var ";
WideString tempName(m_wsName);
if (m_wsName[0] == L'!') {
@@ -149,6 +161,10 @@ bool CXFA_FMVarExpression::ToJavaScript(CFX_WideTextBuf& javascript) {
}
bool CXFA_FMVarExpression::ToImpliedReturnJS(CFX_WideTextBuf& javascript) {
+ CXFA_FMToJavaScriptDepth depthManager;
+ if (!depthManager.IsWithinMaxDepth())
+ return false;
+
javascript << L"var ";
WideString tempName(m_wsName);
if (m_wsName[0] == L'!') {
@@ -185,6 +201,10 @@ CXFA_FMExpExpression::CXFA_FMExpExpression(
CXFA_FMExpExpression::~CXFA_FMExpExpression() {}
bool CXFA_FMExpExpression::ToJavaScript(CFX_WideTextBuf& javascript) {
+ CXFA_FMToJavaScriptDepth depthManager;
+ if (!depthManager.IsWithinMaxDepth())
+ return false;
+
bool ret = m_pExpression->ToJavaScript(javascript);
if (m_pExpression->GetOperatorToken() != TOKassign)
javascript << L";\n";
@@ -192,6 +212,10 @@ bool CXFA_FMExpExpression::ToJavaScript(CFX_WideTextBuf& javascript) {
}
bool CXFA_FMExpExpression::ToImpliedReturnJS(CFX_WideTextBuf& javascript) {
+ CXFA_FMToJavaScriptDepth depthManager;
+ if (!depthManager.IsWithinMaxDepth())
+ return false;
+
if (m_pExpression->GetOperatorToken() == TOKassign)
return m_pExpression->ToImpliedReturnJS(javascript);
@@ -227,6 +251,10 @@ CXFA_FMBlockExpression::CXFA_FMBlockExpression(
CXFA_FMBlockExpression::~CXFA_FMBlockExpression() {}
bool CXFA_FMBlockExpression::ToJavaScript(CFX_WideTextBuf& javascript) {
+ CXFA_FMToJavaScriptDepth depthManager;
+ if (!depthManager.IsWithinMaxDepth())
+ return false;
+
javascript << L"{\n";
for (const auto& expr : m_ExpressionList) {
if (!expr->ToJavaScript(javascript) || CFXA_IsTooBig(javascript))
@@ -237,6 +265,10 @@ bool CXFA_FMBlockExpression::ToJavaScript(CFX_WideTextBuf& javascript) {
}
bool CXFA_FMBlockExpression::ToImpliedReturnJS(CFX_WideTextBuf& javascript) {
+ CXFA_FMToJavaScriptDepth depthManager;
+ if (!depthManager.IsWithinMaxDepth())
+ return false;
+
javascript << L"{\n";
for (const auto& expr : m_ExpressionList) {
bool ret;
@@ -259,10 +291,18 @@ CXFA_FMDoExpression::CXFA_FMDoExpression(
CXFA_FMDoExpression::~CXFA_FMDoExpression() {}
bool CXFA_FMDoExpression::ToJavaScript(CFX_WideTextBuf& javascript) {
+ CXFA_FMToJavaScriptDepth depthManager;
+ if (!depthManager.IsWithinMaxDepth())
+ return false;
+
return m_pList->ToJavaScript(javascript);
}
bool CXFA_FMDoExpression::ToImpliedReturnJS(CFX_WideTextBuf& javascript) {
+ CXFA_FMToJavaScriptDepth depthManager;
+ if (!depthManager.IsWithinMaxDepth())
+ return false;
+
return m_pList->ToImpliedReturnJS(javascript);
}
@@ -279,6 +319,10 @@ CXFA_FMIfExpression::CXFA_FMIfExpression(
CXFA_FMIfExpression::~CXFA_FMIfExpression() {}
bool CXFA_FMIfExpression::ToJavaScript(CFX_WideTextBuf& javascript) {
+ CXFA_FMToJavaScriptDepth depthManager;
+ if (!depthManager.IsWithinMaxDepth())
+ return false;
+
javascript << L"if (";
if (m_pExpression) {
javascript << XFA_FM_EXPTypeToString(GETFMVALUE);
@@ -315,6 +359,10 @@ bool CXFA_FMIfExpression::ToJavaScript(CFX_WideTextBuf& javascript) {
}
bool CXFA_FMIfExpression::ToImpliedReturnJS(CFX_WideTextBuf& javascript) {
+ CXFA_FMToJavaScriptDepth depthManager;
+ if (!depthManager.IsWithinMaxDepth())
+ return false;
+
javascript << RUNTIMEFUNCTIONRETURNVALUE;
javascript << L" = 0;\n";
javascript << L"if (";
@@ -354,11 +402,13 @@ bool CXFA_FMIfExpression::ToImpliedReturnJS(CFX_WideTextBuf& javascript) {
CXFA_FMLoopExpression::~CXFA_FMLoopExpression() {}
bool CXFA_FMLoopExpression::ToJavaScript(CFX_WideTextBuf& javascript) {
- return true;
+ CXFA_FMToJavaScriptDepth depthManager;
+ return depthManager.IsWithinMaxDepth();
}
bool CXFA_FMLoopExpression::ToImpliedReturnJS(CFX_WideTextBuf&) {
- return true;
+ CXFA_FMToJavaScriptDepth depthManager;
+ return depthManager.IsWithinMaxDepth();
}
CXFA_FMWhileExpression::CXFA_FMWhileExpression(
@@ -372,6 +422,10 @@ CXFA_FMWhileExpression::CXFA_FMWhileExpression(
CXFA_FMWhileExpression::~CXFA_FMWhileExpression() {}
bool CXFA_FMWhileExpression::ToJavaScript(CFX_WideTextBuf& javascript) {
+ CXFA_FMToJavaScriptDepth depthManager;
+ if (!depthManager.IsWithinMaxDepth())
+ return false;
+
javascript << L"while (";
if (!m_pCondition->ToJavaScript(javascript))
return false;
@@ -385,6 +439,10 @@ bool CXFA_FMWhileExpression::ToJavaScript(CFX_WideTextBuf& javascript) {
}
bool CXFA_FMWhileExpression::ToImpliedReturnJS(CFX_WideTextBuf& javascript) {
+ CXFA_FMToJavaScriptDepth depthManager;
+ if (!depthManager.IsWithinMaxDepth())
+ return false;
+
javascript << RUNTIMEFUNCTIONRETURNVALUE;
javascript << L" = 0;\n";
javascript << L"while (";
@@ -405,6 +463,10 @@ CXFA_FMBreakExpression::CXFA_FMBreakExpression(uint32_t line)
CXFA_FMBreakExpression::~CXFA_FMBreakExpression() {}
bool CXFA_FMBreakExpression::ToJavaScript(CFX_WideTextBuf& javascript) {
+ CXFA_FMToJavaScriptDepth depthManager;
+ if (!depthManager.IsWithinMaxDepth())
+ return false;
+
javascript << RUNTIMEFUNCTIONRETURNVALUE;
javascript << L" = 0;\n";
javascript << L"break;\n";
@@ -412,6 +474,10 @@ bool CXFA_FMBreakExpression::ToJavaScript(CFX_WideTextBuf& javascript) {
}
bool CXFA_FMBreakExpression::ToImpliedReturnJS(CFX_WideTextBuf& javascript) {
+ CXFA_FMToJavaScriptDepth depthManager;
+ if (!depthManager.IsWithinMaxDepth())
+ return false;
+
javascript << RUNTIMEFUNCTIONRETURNVALUE;
javascript << L" = 0;\n";
javascript << L"break;\n";
@@ -424,6 +490,10 @@ CXFA_FMContinueExpression::CXFA_FMContinueExpression(uint32_t line)
CXFA_FMContinueExpression::~CXFA_FMContinueExpression() {}
bool CXFA_FMContinueExpression::ToJavaScript(CFX_WideTextBuf& javascript) {
+ CXFA_FMToJavaScriptDepth depthManager;
+ if (!depthManager.IsWithinMaxDepth())
+ return false;
+
javascript << RUNTIMEFUNCTIONRETURNVALUE;
javascript << L" = 0;\n";
javascript << L"continue;\n";
@@ -431,6 +501,10 @@ bool CXFA_FMContinueExpression::ToJavaScript(CFX_WideTextBuf& javascript) {
}
bool CXFA_FMContinueExpression::ToImpliedReturnJS(CFX_WideTextBuf& javascript) {
+ CXFA_FMToJavaScriptDepth depthManager;
+ if (!depthManager.IsWithinMaxDepth())
+ return false;
+
javascript << RUNTIMEFUNCTIONRETURNVALUE;
javascript << L" = 0;\n";
javascript << L"continue;\n";
@@ -456,6 +530,10 @@ CXFA_FMForExpression::CXFA_FMForExpression(
CXFA_FMForExpression::~CXFA_FMForExpression() {}
bool CXFA_FMForExpression::ToJavaScript(CFX_WideTextBuf& javascript) {
+ CXFA_FMToJavaScriptDepth depthManager;
+ if (!depthManager.IsWithinMaxDepth())
+ return false;
+
javascript << L"{\nvar ";
WideString tempVariant;
if (m_wsVariant[0] == L'!') {
@@ -509,6 +587,10 @@ bool CXFA_FMForExpression::ToJavaScript(CFX_WideTextBuf& javascript) {
}
bool CXFA_FMForExpression::ToImpliedReturnJS(CFX_WideTextBuf& javascript) {
+ CXFA_FMToJavaScriptDepth depthManager;
+ if (!depthManager.IsWithinMaxDepth())
+ return false;
+
javascript << RUNTIMEFUNCTIONRETURNVALUE;
javascript << L" = 0;\n";
javascript << L"{\nvar ";
@@ -577,6 +659,10 @@ CXFA_FMForeachExpression::CXFA_FMForeachExpression(
CXFA_FMForeachExpression::~CXFA_FMForeachExpression() {}
bool CXFA_FMForeachExpression::ToJavaScript(CFX_WideTextBuf& javascript) {
+ CXFA_FMToJavaScriptDepth depthManager;
+ if (!depthManager.IsWithinMaxDepth())
+ return false;
+
javascript << L"{\n";
javascript << L"var ";
if (m_wsIdentifier[0] == L'!') {
@@ -632,6 +718,10 @@ bool CXFA_FMForeachExpression::ToJavaScript(CFX_WideTextBuf& javascript) {
}
bool CXFA_FMForeachExpression::ToImpliedReturnJS(CFX_WideTextBuf& javascript) {
+ CXFA_FMToJavaScriptDepth depthManager;
+ if (!depthManager.IsWithinMaxDepth())
+ return false;
+
javascript << RUNTIMEFUNCTIONRETURNVALUE;
javascript << L" = 0;\n";
javascript << L"{\n";