From 91f443f4f3b9682959435a5417b48975729b9338 Mon Sep 17 00:00:00 2001
From: Lei Zhang
Date: Wed, 23 Aug 2017 22:59:11 -0700
Subject: Move replaced indirect objects to the orphans list.
ReplaceIndirectObjectIfHigherGeneration() deletes replaced objects, but those objects may be in use. So move them to the orphans list instead to avoid potential dangling pointers.
BUG=chromium:757705
Change-Id: Ide83a1b85b754166d298fd50e655ca331ba4f942
Reviewed-on: https://pdfium-review.googlesource.com/11670
Reviewed-by: Art Snake
Reviewed-by: dsinclair
Commit-Queue: Lei Zhang
---
 core/fpdfapi/parser/cpdf_indirect_object_holder.cpp | 1 +
 core/fpdfapi/parser/cpdf_parser_embeddertest.cpp | 4 ++++
 testing/resources/bug_757705.pdf | Bin 0 -> 1564 bytes
 3 files changed, 5 insertions(+)
 create mode 100644 testing/resources/bug_757705.pdf
diff --git a/core/fpdfapi/parser/cpdf_indirect_object_holder.cpp b/core/fpdfapi/parser/cpdf_indirect_object_holder.cpp
index 3037d0b9b5..93795b62be 100644
--- a/core/fpdfapi/parser/cpdf_indirect_object_holder.cpp
+++ b/core/fpdfapi/parser/cpdf_indirect_object_holder.cpp
@@ -75,6 +75,7 @@ bool CPDF_IndirectObjectHolder::ReplaceIndirectObjectIfHigherGeneration(
 return false;
 pObj->m_ObjNum = objnum;
+ m_OrphanObjs.push_back(std::move(m_IndirectObjs[objnum]));
 m_IndirectObjs[objnum] = std::move(pObj);
 m_LastObjNum = std::max(m_LastObjNum, objnum);
 return true;
diff --git a/core/fpdfapi/parser/cpdf_parser_embeddertest.cpp b/core/fpdfapi/parser/cpdf_parser_embeddertest.cpp
index fa3a76a4c4..99bc2c2d42 100644
--- a/core/fpdfapi/parser/cpdf_parser_embeddertest.cpp
+++ b/core/fpdfapi/parser/cpdf_parser_embeddertest.cpp
@@ -53,3 +53,7 @@ TEST_F(CPDFParserEmbeddertest, Bug_602650) {
 FPDFText_ClosePage(text_page);
 UnloadPage(page);
 }
+
+TEST_F(CPDFParserEmbeddertest, Bug_757705) {
+ EXPECT_TRUE(OpenDocument("bug_757705.pdf"));
+}
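Review bot: The added `m_OrphanObjs.push_back(std::move(m_IndirectObjs[objnum]));` moves whatever is stored under `objnum`, and if `m_IndirectObjs` is a map, `operator[]` yields an empty entry for a number not seen before, so when the checks earlier in the function (outside this hunk) let a first-time object through, an empty pointer is appended to the orphan list. Guarding the move avoids that, e.g. `auto& slot = m_IndirectObjs[objnum]; if (slot) m_OrphanObjs.push_back(std::move(slot)); slot = std::move(pObj);`. Object numbers and generations come from the parsed file, so a document that redefines the same number many times keeps every superseded object alive until the holder is destroyed. A short comment on the new line should say that the old object is parked because callers may still hold raw pointers to it, and that this growth is accepted.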
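Review bot: `Bug_757705` asserts only that `OpenDocument("bug_757705.pdf")` returns true, so a reintroduced dangling pointer would presumably be caught only if it crashes or the test runs under a memory sanitizer. A comment above the test would record that intent for whoever touches it next, e.g. `// Regression test: objects replaced by a higher generation must stay alive; must not crash or trip ASan.`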
diff --git a/testing/resources/bug_757705.pdf b/testing/resources/bug_757705.pdf
new file mode 100644
index 0000000000..ef7d96e678
Binary files /dev/null and b/testing/resources/bug_757705.pdf differ
-- cgit v1.2.3