From 1ed2ceb70476b135a3dedbb45549d6b3bc6ecdea Mon Sep 17 00:00:00 2001 From: Jun Fang Date: Thu, 9 Apr 2015 09:59:41 -0700 Subject: Fix a global buffer overflow in GCPDF_CIDFont::_CharCodeFromUnicode There is not a code page (CP) used for converting unicode to mutli-bytes if the coding scheme is CID coding. Only return 0 if CID can't be retrieved. The difference on Windows and other platforms should be the function used for converting rather than others. BUG=466790 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1074653002 --- core/src/fpdfapi/fpdf_font/fpdf_font_cid.cpp | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) (limited to 'core') diff --git a/core/src/fpdfapi/fpdf_font/fpdf_font_cid.cpp b/core/src/fpdfapi/fpdf_font/fpdf_font_cid.cpp index cbfa19d084..1ce91f9ed6 100644 --- a/core/src/fpdfapi/fpdf_font/fpdf_font_cid.cpp +++ b/core/src/fpdfapi/fpdf_font/fpdf_font_cid.cpp @@ -830,6 +830,12 @@ FX_DWORD CPDF_CIDFont::_CharCodeFromUnicode(FX_WCHAR unicode) const break; } } + + if (unicode < 0x80) { + return static_cast(unicode); + } else if (m_pCMap->m_Coding == CIDCODING_CID) { + return 0; + } #if _FXM_PLATFORM_ == _FXM_PLATFORM_WINDOWS_ FX_BYTE buffer[32]; int ret = FXSYS_WideCharToMultiByte(g_CharsetCPs[m_pCMap->m_Coding], 0, &unicode, 1, (char*)buffer, 4, NULL, NULL); @@ -840,15 +846,10 @@ FX_DWORD CPDF_CIDFont::_CharCodeFromUnicode(FX_WCHAR unicode) const } return 0; #endif - if (unicode < 0x80) { - return (FX_DWORD)unicode; - } else { - if (m_pCMap->m_pEmbedMap) { - return _EmbeddedCharcodeFromUnicode(m_pCMap->m_pEmbedMap, m_pCMap->m_Charset, unicode); - } else { - return 0; - } + if (m_pCMap->m_pEmbedMap) { + return _EmbeddedCharcodeFromUnicode(m_pCMap->m_pEmbedMap, m_pCMap->m_Charset, unicode); } + return 0; } static void FT_UseCIDCharmap(FXFT_Face face, int coding) { -- cgit v1.2.3