From 2896cfaff519136d7d770ca048b448e6b3ad9324 Mon Sep 17 00:00:00 2001 From: Dan Sinclair Date: Mon, 5 Feb 2018 17:59:49 +0000 Subject: [XFA] dot_accessor may not provide a valid object. If the object being accessed through the dot_accessor does not exist it's possible to receive a nullptr in ResolveObject. Instead of ASSERTing just return false and let the caller handle the failure. Bug: chromium::778904 Change-Id: I918c1c5dcb23b86082793c5037d58e0ab043559e Reviewed-on: https://pdfium-review.googlesource.com/25350 Reviewed-by: Henrique Nakashima Reviewed-by: Ryan Harrison Commit-Queue: Ryan Harrison --- fxjs/cfxjse_formcalc_context.cpp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/fxjs/cfxjse_formcalc_context.cpp b/fxjs/cfxjse_formcalc_context.cpp index 3306cd9042..9f0664cacc 100644 --- a/fxjs/cfxjse_formcalc_context.cpp +++ b/fxjs/cfxjse_formcalc_context.cpp @@ -5944,7 +5944,9 @@ bool CFXJSE_FormCalcContext::ResolveObjects(CFXJSE_Value* pThis, dFlags = XFA_RESOLVENODE_Siblings | XFA_RESOLVENODE_Parent; } else { pNode = CFXJSE_Engine::ToObject(pRefValue, nullptr); - ASSERT(pNode); + if (!pNode) + return false; + if (bHasNoResolveName) { WideString wsName; if (CXFA_Node* pXFANode = pNode->AsNode()) { -- cgit v1.2.3