From dd002931a16a99b0c6e6ae7b6cba9d4dafb27e18 Mon Sep 17 00:00:00 2001 From: Henrique Nakashima Date: Tue, 10 Oct 2017 10:46:15 -0400 Subject: Fix crash when offset > file_size_ in cpdf_read_validator.cpp. Reinstating a check that was lost in https://pdfium-review.googlesource.com/c/pdfium/+/15270 Change-Id: Ic0a7fee71aff605127d7e3789cc54b7ddfb9e399 Reviewed-on: https://pdfium-review.googlesource.com/15631 Commit-Queue: Henrique Nakashima Reviewed-by: Tom Sepez --- core/fpdfapi/parser/cpdf_read_validator.cpp | 3 +++ core/fpdfapi/parser/cpdf_read_validator_unittest.cpp | 8 ++++++++ 2 files changed, 11 insertions(+) diff --git a/core/fpdfapi/parser/cpdf_read_validator.cpp b/core/fpdfapi/parser/cpdf_read_validator.cpp index 2363f851ec..d850561bd3 100644 --- a/core/fpdfapi/parser/cpdf_read_validator.cpp +++ b/core/fpdfapi/parser/cpdf_read_validator.cpp @@ -125,6 +125,9 @@ bool CPDF_ReadValidator::IsWholeFileAvailable() { bool CPDF_ReadValidator::CheckDataRangeAndRequestIfUnavailable( FX_FILESIZE offset, size_t size) { + if (offset > file_size_) + return true; + FX_SAFE_FILESIZE end_segment_offset = offset; end_segment_offset += size; // Increase checked range to allow CPDF_SyntaxParser read whole buffer. diff --git a/core/fpdfapi/parser/cpdf_read_validator_unittest.cpp b/core/fpdfapi/parser/cpdf_read_validator_unittest.cpp index 89b7e6b4de..247abaa9f4 100644 --- a/core/fpdfapi/parser/cpdf_read_validator_unittest.cpp +++ b/core/fpdfapi/parser/cpdf_read_validator_unittest.cpp @@ -289,5 +289,13 @@ TEST(CPDF_ReadValidatorTest, CheckDataRangeAndRequestIfUnavailable) { EXPECT_FALSE(validator->read_error()); EXPECT_TRUE(validator->has_unavailable_data()); + validator->ResetErrors(); + // Offset > file size should yield |true| and not cause a fetch. + EXPECT_TRUE( + validator->CheckDataRangeAndRequestIfUnavailable(kTestDataSize + 1, 1)); + // No new request on already available data. + EXPECT_FALSE(validator->read_error()); + EXPECT_FALSE(validator->has_unavailable_data()); + validator->SetDownloadHints(nullptr); } -- cgit v1.2.3