diff options
| -rw-r--r-- | xfa/fxfa/fm2js/cxfa_fmexpression.cpp | 2 | ||||
| -rw-r--r-- | xfa/fxfa/fm2js/cxfa_fmexpression.h | 4 | ||||
| -rw-r--r-- | xfa/fxfa/fm2js/cxfa_fmparser.cpp | 36 | ||||
| -rw-r--r-- | xfa/fxfa/fm2js/cxfa_fmparser_unittest.cpp | 8 |
4 files changed, 19 insertions, 31 deletions
diff --git a/xfa/fxfa/fm2js/cxfa_fmexpression.cpp b/xfa/fxfa/fm2js/cxfa_fmexpression.cpp index ae6cdb44d0..a9701f12ce 100644 --- a/xfa/fxfa/fm2js/cxfa_fmexpression.cpp +++ b/xfa/fxfa/fm2js/cxfa_fmexpression.cpp @@ -106,7 +106,7 @@ bool CXFA_FMFunctionDefinition::ToJavaScript(CFX_WideTextBuf& js, CXFA_FMVarExpression::CXFA_FMVarExpression( uint32_t line, const WideStringView& wsName, - std::unique_ptr<CXFA_FMExpression> pInit) + std::unique_ptr<CXFA_FMSimpleExpression> pInit) : CXFA_FMExpression(line, XFA_FM_EXPTYPE_VAR), m_wsName(wsName), m_pInit(std::move(pInit)) {} diff --git a/xfa/fxfa/fm2js/cxfa_fmexpression.h b/xfa/fxfa/fm2js/cxfa_fmexpression.h index 28f82aaedd..af8175a700 100644 --- a/xfa/fxfa/fm2js/cxfa_fmexpression.h +++ b/xfa/fxfa/fm2js/cxfa_fmexpression.h @@ -65,14 +65,14 @@ class CXFA_FMVarExpression : public CXFA_FMExpression { public: CXFA_FMVarExpression(uint32_t line, const WideStringView& wsName, - std::unique_ptr<CXFA_FMExpression> pInit); + std::unique_ptr<CXFA_FMSimpleExpression> pInit); ~CXFA_FMVarExpression() override; bool ToJavaScript(CFX_WideTextBuf& javascript, ReturnType type) override; private: WideStringView m_wsName; - std::unique_ptr<CXFA_FMExpression> m_pInit; + std::unique_ptr<CXFA_FMSimpleExpression> m_pInit; }; class CXFA_FMExpExpression : public CXFA_FMExpression { diff --git a/xfa/fxfa/fm2js/cxfa_fmparser.cpp b/xfa/fxfa/fm2js/cxfa_fmparser.cpp index 8baa59fb25..7add9888f8 100644 --- a/xfa/fxfa/fm2js/cxfa_fmparser.cpp +++ b/xfa/fxfa/fm2js/cxfa_fmparser.cpp @@ -15,7 +15,6 @@ namespace { -constexpr unsigned int kMaxAssignmentChainLength = 12; constexpr unsigned int kMaxParseDepth = 1250; constexpr unsigned int kMaxPostExpressions = 16384; @@ -223,12 +222,12 @@ std::unique_ptr<CXFA_FMExpression> CXFA_FMParser::ParseDeclarationExpression() { if (!NextToken()) return nullptr; - std::unique_ptr<CXFA_FMExpression> expr; + std::unique_ptr<CXFA_FMSimpleExpression> expr; if (m_token.m_type == TOKassign) { if (!NextToken()) return nullptr; - expr = ParseExpExpression(); + expr = ParseSimpleExpression(); if (!expr) return nullptr; } @@ -253,17 +252,15 @@ std::unique_ptr<CXFA_FMExpression> CXFA_FMParser::ParseExpExpression() { std::unique_ptr<CXFA_FMSimpleExpression> pExp1 = ParseSimpleExpression(); if (!pExp1) return nullptr; - int level = 1; - while (m_token.m_type == TOKassign) { + + if (m_token.m_type == TOKassign) { if (!NextToken()) return nullptr; - std::unique_ptr<CXFA_FMSimpleExpression> pExp2 = ParseLogicalOrExpression(); + + std::unique_ptr<CXFA_FMSimpleExpression> pExp2 = ParseSimpleExpression(); if (!pExp2) return nullptr; - if (level++ == kMaxAssignmentChainLength) { - m_error = true; - return nullptr; - } + pExp1 = pdfium::MakeUnique<CXFA_FMAssignExpression>( line, TOKassign, std::move(pExp1), std::move(pExp2)); } @@ -913,27 +910,10 @@ std::unique_ptr<CXFA_FMSimpleExpression> CXFA_FMParser::ParseParenExpression() { return nullptr; } - uint32_t line = m_lexer->GetCurrentLine(); - std::unique_ptr<CXFA_FMSimpleExpression> pExp1 = ParseLogicalOrExpression(); + std::unique_ptr<CXFA_FMSimpleExpression> pExp1 = ParseSimpleExpression(); if (!pExp1) return nullptr; - int level = 1; - while (m_token.m_type == TOKassign) { - if (!NextToken()) - return nullptr; - - std::unique_ptr<CXFA_FMSimpleExpression> pExp2 = ParseLogicalOrExpression(); - if (!pExp2) - return nullptr; - if (level++ == kMaxAssignmentChainLength) { - m_error = true; - return nullptr; - } - - pExp1 = pdfium::MakeUnique<CXFA_FMAssignExpression>( - line, TOKassign, std::move(pExp1), std::move(pExp2)); - } if (!CheckThenNext(TOKrparen)) return nullptr; return pExp1; diff --git a/xfa/fxfa/fm2js/cxfa_fmparser_unittest.cpp b/xfa/fxfa/fm2js/cxfa_fmparser_unittest.cpp index 233fb8633b..cff98531bd 100644 --- a/xfa/fxfa/fm2js/cxfa_fmparser_unittest.cpp +++ b/xfa/fxfa/fm2js/cxfa_fmparser_unittest.cpp @@ -129,3 +129,11 @@ TEST(CFXA_FMParserTest, chromium752201) { EXPECT_EQ(nullptr, parser->Parse()); EXPECT_TRUE(parser->HasError()); } + +TEST(CXFA_FMParserTest, MultipleAssignmentIsNotAllowed) { + auto parser = pdfium::MakeUnique<CXFA_FMParser>(L"(a=(b=t))=u"); + + std::unique_ptr<CXFA_FMFunctionDefinition> ast = parser->Parse(); + ASSERT(ast == nullptr); + EXPECT_TRUE(parser->HasError()); +} |