From 761eed284e1248f851fbb23beaa45835b644ecee Mon Sep 17 00:00:00 2001
From: tsepez
Date: Fri, 4 Nov 2016 11:02:59 -0700
Subject: Assert objnum non-zero in ReplaceIndirectObjectIfHigherGeneration()

Removes a path where it might not have taken ownership of an object, at the expense of making callers check first. This eases making the second argument an unique_ptr someday.

Review-Url: https://codereview.chromium.org/2475823002
---
 core/fpdfapi/parser/cfdf_document.cpp | 3 +++
 core/fpdfapi/parser/cpdf_indirect_object_holder.cpp | 3 ++-
 core/fpdfapi/parser/cpdf_parser.cpp | 8 +++++---
 3 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/core/fpdfapi/parser/cfdf_document.cpp b/core/fpdfapi/parser/cfdf_document.cpp
index d39ec31d3c..bcaa9daec3 100644
--- a/core/fpdfapi/parser/cfdf_document.cpp
+++ b/core/fpdfapi/parser/cfdf_document.cpp
@@ -58,6 +58,9 @@ void CFDF_Document::ParseStream(IFX_SeekableReadStream* pFile, bool bOwnFile) {
 CFX_ByteString word = parser.GetNextWord(&bNumber);
 if (bNumber) {
 uint32_t objnum = FXSYS_atoui(word.c_str());
+ if (!objnum)
+ break;
+
 word = parser.GetNextWord(&bNumber);
 if (!bNumber)
 break;
diff --git a/core/fpdfapi/parser/cpdf_indirect_object_holder.cpp b/core/fpdfapi/parser/cpdf_indirect_object_holder.cpp
index 6e549de5a7..9427543396 100644
--- a/core/fpdfapi/parser/cpdf_indirect_object_holder.cpp
+++ b/core/fpdfapi/parser/cpdf_indirect_object_holder.cpp
@@ -56,7 +56,8 @@ uint32_t CPDF_IndirectObjectHolder::AddIndirectObject(CPDF_Object* pObj) {
 bool CPDF_IndirectObjectHolder::ReplaceIndirectObjectIfHigherGeneration(
 uint32_t objnum, CPDF_Object* pObj) {
- if (!objnum || !pObj)
+ ASSERT(objnum);
+ if (!pObj)
 return false;
 CPDF_Object* pOldObj = GetIndirectObject(objnum);
diff --git a/core/fpdfapi/parser/cpdf_parser.cpp b/core/fpdfapi/parser/cpdf_parser.cpp
index cff0f77b32..96e59fb62f 100644
--- a/core/fpdfapi/parser/cpdf_parser.cpp
+++ b/core/fpdfapi/parser/cpdf_parser.cpp
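Review bot: The added `if (!objnum) break;` in CFDF_Document::ParseStream (cfdf_document.cpp) carries no comment saying why zero is rejected, and the reason lives in another file, where ReplaceIndirectObjectIfHigherGeneration() now asserts on it. I would put `// Object number 0 is rejected here; the object holder asserts objnum is non-zero.` above the check. `objnum` comes from `FXSYS_atoui()` applied to a word read from the input file, so this is the only validation of it visible in the hunk; whether non-numeric or overlong digit strings also map to 0 depends on FXSYS_atoui, which is not shown. The loop body continues outside the hunk.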
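Review bot: `ASSERT(objnum);` in ReplaceIndirectObjectIfHigherGeneration() (cpdf_indirect_object_holder.cpp) replaces a runtime rejection of object number 0, and if ASSERT is compiled out of release builds, as debug assertions usually are, a caller that skips the check reaches `GetIndirectObject(objnum)` with a zero taken from parsed file content. Only the two call sites patched in this commit are visible here, so any other caller needs the same guard before this lands. I would state the precondition at the definition, for example `// |objnum| must be non-zero; callers validate parsed input first. Takes ownership of |pObj|.`, or keep a release-mode check if the untrusted paths cannot all be audited. The function body continues past the end of the hunk.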
@@ -960,14 +960,16 @@ bool CPDF_Parser::LoadCrossRefV5(FX_FILESIZE* pos, bool bMainXRef) {
 if (!pObject)
 return false;
- CPDF_Object* pUnownedObject = pObject.get();
+ uint32_t objnum = pObject->m_ObjNum;
+ if (!objnum)
+ return false;
+ CPDF_Object* pUnownedObject = pObject.get();
 if (m_pDocument) {
 CPDF_Dictionary* pRootDict = m_pDocument->GetRoot();
- if (pRootDict && pRootDict->GetObjNum() == pObject->m_ObjNum)
+ if (pRootDict && pRootDict->GetObjNum() == objnum)
 return false;
 // Takes ownership of object (std::move someday).
- uint32_t objnum = pObject->m_ObjNum;
 if (!m_pDocument->ReplaceIndirectObjectIfHigherGeneration(
 objnum, pObject.release())) {
 return false;
--
cgit v1.2.3
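Review bot: The new `if (!objnum) return false;` sits above `if (m_pDocument)`, so a cross-reference stream object numbered 0 now makes LoadCrossRefV5 fail even when no document is attached, which the old code did not do. If that is intended, a comment on the check would record it, for example `// Object number 0 is never valid here; the holder asserts on it and must always take ownership.` The raw `pUnownedObject` is still captured before `pObject.release()`, so any use after the call relies on the holder keeping the object alive on the success path. That use, and the rest of the function, lie outside the hunk.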