From dd019e9e8144636c75111565af5b120cf9c0ef9b Mon Sep 17 00:00:00 2001 From: Dan Sinclair Date: Tue, 20 Feb 2018 15:52:31 +0000 Subject: Tighten up assignment instructions in formcalc. The assignment operator can not be chained. This Cl removes the while loop for assignments and changes it to an if(). We also can not have an assignment inside ()'s so remove that option. Bug: chromium:779349 Change-Id: I6934e18815f843ae8241023df6c03d8bbcd8168d Reviewed-on: https://pdfium-review.googlesource.com/27350 Commit-Queue: Ryan Harrison Reviewed-by: Ryan Harrison --- xfa/fxfa/fm2js/cxfa_fmexpression.cpp | 2 +- xfa/fxfa/fm2js/cxfa_fmexpression.h | 4 ++-- xfa/fxfa/fm2js/cxfa_fmparser.cpp | 36 +++++++------------------------ xfa/fxfa/fm2js/cxfa_fmparser_unittest.cpp | 8 +++++++ 4 files changed, 19 insertions(+), 31 deletions(-) diff --git a/xfa/fxfa/fm2js/cxfa_fmexpression.cpp b/xfa/fxfa/fm2js/cxfa_fmexpression.cpp index ae6cdb44d0..a9701f12ce 100644 --- a/xfa/fxfa/fm2js/cxfa_fmexpression.cpp +++ b/xfa/fxfa/fm2js/cxfa_fmexpression.cpp @@ -106,7 +106,7 @@ bool CXFA_FMFunctionDefinition::ToJavaScript(CFX_WideTextBuf& js, CXFA_FMVarExpression::CXFA_FMVarExpression( uint32_t line, const WideStringView& wsName, - std::unique_ptr pInit) + std::unique_ptr pInit) : CXFA_FMExpression(line, XFA_FM_EXPTYPE_VAR), m_wsName(wsName), m_pInit(std::move(pInit)) {} diff --git a/xfa/fxfa/fm2js/cxfa_fmexpression.h b/xfa/fxfa/fm2js/cxfa_fmexpression.h index 28f82aaedd..af8175a700 100644 --- a/xfa/fxfa/fm2js/cxfa_fmexpression.h +++ b/xfa/fxfa/fm2js/cxfa_fmexpression.h @@ -65,14 +65,14 @@ class CXFA_FMVarExpression : public CXFA_FMExpression { public: CXFA_FMVarExpression(uint32_t line, const WideStringView& wsName, - std::unique_ptr pInit); + std::unique_ptr pInit); ~CXFA_FMVarExpression() override; bool ToJavaScript(CFX_WideTextBuf& javascript, ReturnType type) override; private: WideStringView m_wsName; - std::unique_ptr m_pInit; + std::unique_ptr m_pInit; }; class CXFA_FMExpExpression : public CXFA_FMExpression { diff --git a/xfa/fxfa/fm2js/cxfa_fmparser.cpp b/xfa/fxfa/fm2js/cxfa_fmparser.cpp index 8baa59fb25..7add9888f8 100644 --- a/xfa/fxfa/fm2js/cxfa_fmparser.cpp +++ b/xfa/fxfa/fm2js/cxfa_fmparser.cpp @@ -15,7 +15,6 @@ namespace { -constexpr unsigned int kMaxAssignmentChainLength = 12; constexpr unsigned int kMaxParseDepth = 1250; constexpr unsigned int kMaxPostExpressions = 16384; @@ -223,12 +222,12 @@ std::unique_ptr CXFA_FMParser::ParseDeclarationExpression() { if (!NextToken()) return nullptr; - std::unique_ptr expr; + std::unique_ptr expr; if (m_token.m_type == TOKassign) { if (!NextToken()) return nullptr; - expr = ParseExpExpression(); + expr = ParseSimpleExpression(); if (!expr) return nullptr; } @@ -253,17 +252,15 @@ std::unique_ptr CXFA_FMParser::ParseExpExpression() { std::unique_ptr pExp1 = ParseSimpleExpression(); if (!pExp1) return nullptr; - int level = 1; - while (m_token.m_type == TOKassign) { + + if (m_token.m_type == TOKassign) { if (!NextToken()) return nullptr; - std::unique_ptr pExp2 = ParseLogicalOrExpression(); + + std::unique_ptr pExp2 = ParseSimpleExpression(); if (!pExp2) return nullptr; - if (level++ == kMaxAssignmentChainLength) { - m_error = true; - return nullptr; - } + pExp1 = pdfium::MakeUnique( line, TOKassign, std::move(pExp1), std::move(pExp2)); } @@ -913,27 +910,10 @@ std::unique_ptr CXFA_FMParser::ParseParenExpression() { return nullptr; } - uint32_t line = m_lexer->GetCurrentLine(); - std::unique_ptr pExp1 = ParseLogicalOrExpression(); + std::unique_ptr pExp1 = ParseSimpleExpression(); if (!pExp1) return nullptr; - int level = 1; - while (m_token.m_type == TOKassign) { - if (!NextToken()) - return nullptr; - - std::unique_ptr pExp2 = ParseLogicalOrExpression(); - if (!pExp2) - return nullptr; - if (level++ == kMaxAssignmentChainLength) { - m_error = true; - return nullptr; - } - - pExp1 = pdfium::MakeUnique( - line, TOKassign, std::move(pExp1), std::move(pExp2)); - } if (!CheckThenNext(TOKrparen)) return nullptr; return pExp1; diff --git a/xfa/fxfa/fm2js/cxfa_fmparser_unittest.cpp b/xfa/fxfa/fm2js/cxfa_fmparser_unittest.cpp index 233fb8633b..cff98531bd 100644 --- a/xfa/fxfa/fm2js/cxfa_fmparser_unittest.cpp +++ b/xfa/fxfa/fm2js/cxfa_fmparser_unittest.cpp @@ -129,3 +129,11 @@ TEST(CFXA_FMParserTest, chromium752201) { EXPECT_EQ(nullptr, parser->Parse()); EXPECT_TRUE(parser->HasError()); } + +TEST(CXFA_FMParserTest, MultipleAssignmentIsNotAllowed) { + auto parser = pdfium::MakeUnique(L"(a=(b=t))=u"); + + std::unique_ptr ast = parser->Parse(); + ASSERT(ast == nullptr); + EXPECT_TRUE(parser->HasError()); +} -- cgit v1.2.3