From e420d9c1d2ef35c862bf149ae37e6e59287c30b5 Mon Sep 17 00:00:00 2001
From: Ryan Harrison
Date: Mon, 11 Sep 2017 15:59:02 -0400
Subject: Add guard against reading more then expected from the page This really shouldn't ever happen, but there used to be this guard in this code and I am getting reports of crashes after it was removed. I have added an assert, so hopefully if it is actually occuring, then we might get a reproduction case based on a debug build crash.
BUG=chromium:763369
Change-Id: Ifaebfbcb0413a1d7777222ba838aaee234f94ae3
Reviewed-on: https://pdfium-review.googlesource.com/13691
Reviewed-by: Tom Sepez
Commit-Queue: Ryan Harrison
---
 fpdfsdk/fpdftext.cpp | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/fpdfsdk/fpdftext.cpp b/fpdfsdk/fpdftext.cpp
index 6a030b8ebd..ee4354735e 100644
--- a/fpdfsdk/fpdftext.cpp
+++ b/fpdfsdk/fpdftext.cpp
@@ -175,6 +175,10 @@ FPDF_EXPORT int FPDF_CALLCONV FPDFText_GetText(FPDF_TEXTPAGE text_page,
 if (str.GetLength() <= 0)
 return 0;
 
+ ASSERT(str.GetLength() <= static_cast(count));
+ if (str.GetLength() > static_cast(count))
+ str = str.Left(static_cast(count));
+
 // UFT16LE_Encode doesn't handle surrogate pairs properly, so it is expected
 // the number of items to stay the same.
 CFX_ByteString cbUTF16str = str.UTF16LE_Encode();
-- cgit v1.2.3
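Review bot: The added clamp only bounds the read if `count` is non-negative, because all three added lines compare or truncate against `count` after a cast. If `count` is a signed parameter, as the cast suggests, a negative value would wrap to a very large length, so neither the ASSERT nor the `str.Left(...)` truncation would fire. The parameter list and any earlier validation are outside the hunk, so this is worth confirming; if nothing above rejects it, add `if (count <= 0) return 0;` before the guard. Release builds compile the ASSERT out and truncate silently, so a short comment above the `if` would help, for example `// Defensive clamp for chromium:763369: GetPageText() should never return more than |count| chars.`, so that a later cleanup does not drop the guard again.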