From 59790cef1a09565e8b6799141cf45455ef2dc752 Mon Sep 17 00:00:00 2001 From: Tom Sepez Date: Thu, 1 Feb 2018 22:06:21 +0000 Subject: Make CFXJSE-created contexts refer to their CFXJS counteparts. Bug: 773229 Change-Id: Ic3774c7f6abe3a195bbe09b91d91c549d4d7ac46 Reviewed-on: https://pdfium-review.googlesource.com/25110 Reviewed-by: dsinclair Commit-Queue: Tom Sepez --- fpdfsdk/fpdfview_embeddertest.cpp | 4 ++ fxjs/cfxjse_context.cpp | 10 ++++- fxjs/cfxjse_context.h | 2 + fxjs/cfxjse_engine.cpp | 3 +- fxjs/cfxjse_formcalc_context.cpp | 2 +- testing/resources/bug_773229.pdf | 78 +++++++++++++++++++++++++++++++++++++++ 6 files changed, 96 insertions(+), 3 deletions(-) create mode 100644 testing/resources/bug_773229.pdf diff --git a/fpdfsdk/fpdfview_embeddertest.cpp b/fpdfsdk/fpdfview_embeddertest.cpp index cca77c9031..47d02235ef 100644 --- a/fpdfsdk/fpdfview_embeddertest.cpp +++ b/fpdfsdk/fpdfview_embeddertest.cpp @@ -347,6 +347,10 @@ TEST_F(FPDFViewEmbeddertest, Hang_298) { EXPECT_FALSE(OpenDocument("bug_298.pdf")); } +TEST_F(FPDFViewEmbeddertest, Crasher_773229) { + EXPECT_TRUE(OpenDocument("bug_773229.pdf")); +} + // Test if the document opens without infinite looping. // Previously this test will hang in a loop inside LoadAllCrossRefV4. After // the fix, LoadAllCrossRefV4 will return false after detecting a cross diff --git a/fxjs/cfxjse_context.cpp b/fxjs/cfxjse_context.cpp index 3ec3b47c14..e2a0540252 100644 --- a/fxjs/cfxjse_context.cpp +++ b/fxjs/cfxjse_context.cpp @@ -10,6 +10,7 @@ #include "fxjs/cfxjse_class.h" #include "fxjs/cfxjse_value.h" +#include "fxjs/fxjs_v8.h" #include "third_party/base/ptr_util.h" namespace { 
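Review bot: Crasher_773229 asserts only that OpenDocument() returns true, so the test text does not record which code path the file exercises or why it once failed, and whether opening the document alone reaches the CFXJSE contexts this commit changes is not visible in the hunk. A comment above the new TEST_F would keep that link readable once the tracker entry is forgotten, for example `// Regression test for bug 773229: CFXJSE-created contexts must refer to their CFXJS engine (see this commit).`. The surrounding test file continues outside the hunk.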
@@ -159,10 +160,12 @@ CFXJSE_HostObject* FXJSE_RetrieveObjectBinding(v8::Local hJSObject, // static std::unique_ptr CFXJSE_Context::Create( v8::Isolate* pIsolate, + CFXJS_Engine* pOptionalEngineToSet, const FXJSE_CLASS_DESCRIPTOR* pGlobalClass, CFXJSE_HostObject* pGlobalObject) { CFXJSE_ScopeUtil_IsolateHandle scope(pIsolate); auto pContext = pdfium::MakeUnique(pIsolate); + v8::Local hObjectTemplate; if (pGlobalClass) { CFXJSE_Class* pGlobalClassObj = @@ -176,18 +179,23 @@ std::unique_ptr CFXJSE_Context::Create( hObjectTemplate = v8::ObjectTemplate::New(pIsolate); hObjectTemplate->SetInternalFieldCount(2); } - hObjectTemplate->Set( v8::Symbol::GetToStringTag(pIsolate), v8::String::NewFromUtf8(pIsolate, "global", v8::NewStringType::kNormal) .ToLocalChecked()); + v8::Local hNewContext = v8::Context::New(pIsolate, nullptr, hObjectTemplate); + v8::Local hRootContext = v8::Local::New( pIsolate, CFXJSE_RuntimeData::Get(pIsolate)->m_hRootContext); hNewContext->SetSecurityToken(hRootContext->GetSecurityToken()); + v8::Local hGlobalObject = GetGlobalObjectFromContext(hNewContext); FXJSE_UpdateObjectBinding(hGlobalObject, pGlobalObject); + if (pOptionalEngineToSet) + CFXJS_Engine::SetEngineInContext(pOptionalEngineToSet, hNewContext); + pContext->m_hContext.Reset(pIsolate, hNewContext); return pContext; } diff --git a/fxjs/cfxjse_context.h b/fxjs/cfxjse_context.h index c6949fc850..0f4c97a0ae 100644 --- a/fxjs/cfxjse_context.h +++ b/fxjs/cfxjse_context.h @@ -13,6 +13,7 @@ #include "fxjs/fxjse.h" #include "v8/include/v8.h" +class CFXJS_Engine; class CFXJSE_Class; class CFXJSE_Value; struct FXJSE_CLASS_DESCRIPTOR; @@ -21,6 +22,7 @@ class CFXJSE_Context { public: static std::unique_ptr Create( v8::Isolate* pIsolate, + CFXJS_Engine* pOptionalEngineToSet, const FXJSE_CLASS_DESCRIPTOR* pGlobalClass, CFXJSE_HostObject* pGlobalObject); diff --git a/fxjs/cfxjse_engine.cpp b/fxjs/cfxjse_engine.cpp index 6b3ea1014d..198e1d5fa8 100644 --- a/fxjs/cfxjse_engine.cpp 
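Review bot: The new `CFXJS_Engine::SetEngineInContext(pOptionalEngineToSet, hNewContext)` call records an unowned raw pointer in the context, and nothing in Create() ties the engine's lifetime to the context it is now bound to; if the engine can be torn down before the CFXJSE_Context that holds m_hContext, later lookups through that context would hand back a dangling pointer. The cfxjse_engine.cpp hunk passes `fxjs_engine` from CFXJSE_Engine's constructor, but how its lifetime relates to m_JsContext is outside these hunks, so this is a question to confirm rather than a known defect. A one-line comment at the call would pin the contract either way: `// Unowned: the engine must outlive hNewContext.`.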
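Review bot: The new `pOptionalEngineToSet` parameter is undocumented in cfxjse_context.h, and three of Create()'s four parameters are now pointer types for which nullptr is legal, so a call site reads as `Create(pIsolate, nullptr, nullptr, nullptr)` (the cfxjse_formcalc_context.cpp hunk). A comment above the declaration would make the argument's role and the nullptr case explicit, e.g. `// If non-null, |pOptionalEngineToSet| is recorded in the new context via CFXJS_Engine::SetEngineInContext; contexts created with nullptr carry no engine binding.`. Placing the optional parameter last would also have let existing two-nullptr call sites keep their shape, though that is a style preference given the commit already updates every caller.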
+++ b/fxjs/cfxjse_engine.cpp @@ -97,6 +97,7 @@ CFXJSE_Engine::CFXJSE_Engine(CXFA_Document* pDocument, : CJS_V8(fxjs_engine->GetIsolate()), m_pDocument(pDocument), m_JsContext(CFXJSE_Context::Create(fxjs_engine->GetIsolate(), + fxjs_engine, &GlobalClassDescriptor, pDocument->GetRoot())), m_pJsClass(nullptr), @@ -431,7 +432,7 @@ CFXJSE_Context* CFXJSE_Engine::CreateVariablesContext(CXFA_Node* pScriptNode, return nullptr; auto pNewContext = - CFXJSE_Context::Create(GetIsolate(), &VariablesClassDescriptor, + CFXJSE_Context::Create(GetIsolate(), nullptr, &VariablesClassDescriptor, new CXFA_ThisProxy(pSubform, pScriptNode)); RemoveBuiltInObjs(pNewContext.get()); pNewContext->EnableCompatibleMode(); diff --git a/fxjs/cfxjse_formcalc_context.cpp b/fxjs/cfxjse_formcalc_context.cpp index c46b9a68dc..3306cd9042 100644 --- a/fxjs/cfxjse_formcalc_context.cpp +++ b/fxjs/cfxjse_formcalc_context.cpp @@ -2834,7 +2834,7 @@ void CFXJSE_FormCalcContext::Eval(CFXJSE_Value* pThis, } std::unique_ptr pNewContext( - CFXJSE_Context::Create(pIsolate, nullptr, nullptr)); + CFXJSE_Context::Create(pIsolate, nullptr, nullptr, nullptr)); auto returnValue = pdfium::MakeUnique(pIsolate); pNewContext->ExecuteScript( diff --git a/testing/resources/bug_773229.pdf b/testing/resources/bug_773229.pdf new file mode 100644 index 0000000000..5f34a1a173 --- /dev/null +++ b/testing/resources/bug_773229.pdf 
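Review bot: CreateVariablesContext still creates its context with `nullptr` for the engine, as does the FormCalc Eval hunk in cfxjse_formcalc_context.cpp, so only the engine's main m_JsContext receives the binding this commit introduces. If the lookup the commit title describes (a CFXJSE context finding its CFXJS counterpart) can run while a variables or Eval context is the current context, those contexts still yield no engine; I cannot tell from these hunks whether that path is reachable, so this may be intentional. If it is, a comment at each nullptr would stop the next reader from re-asking, e.g. `// No CFXJS_Engine is bound to this context; see CFXJSE_Context::Create.`. CreateVariablesContext's body starts before the hunk and Eval's body extends beyond it.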
@@ -0,0 +1,78 @@ +%PDF-1.7 +1 0 obj +<< + /Type /Catalog + /Pages 2 0 R + /AcroForm 4 0 R +>> +endobj +2 0 obj +<< + /Type /Pages + /Count 1 + /Kids [3 0 R] +>> +endobj +3 0 obj +<< + /Type /Page + /Parent 2 0 R +>> +endobj +4 0 obj +<< + /XFA [ + (xdp:xdp) 5 0 R + (form) 6 0 R + () 7 0 R + ] +>> +endobj +5 0 obj +<< >> +stream + + +endstream +endobj +6 0 obj +<< >> +stream + + + +endstream +endobj +7 0 obj +<< >> +stream + +endstream +endobj +xref +0 8 +0000000000 65535 f +0000000010 00000 n +0000000094 00000 n +0000000170 00000 n +0000000231 00000 n +0000000350 00000 n +0000000481 00000 n +0000002637 00000 n +trailer +<< + /Root 1 0 R +>> +startxref +2692 +%%EOF \ No newline at end of file -- cgit v1.2.3