From 682118834b3cf2b5510ee676088fdd8f11869e84 Mon Sep 17 00:00:00 2001
From: Lei Zhang <thestig@chromium.org>
Date: Sat, 16 Dec 2017 06:52:48 +0000
Subject: Fix null-dereference in CPDF_ShadingPattern::Load().

BUG=chromium:795490
TBR=hnakashima@chromium.org

Change-Id: Ic9f12c1c709c148f7294ab2aaf65fcc695960835
Reviewed-on: https://pdfium-review.googlesource.com/21530
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
---
 core/fpdfapi/page/cpdf_shadingpattern.cpp | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

(limited to 'core')

diff --git a/core/fpdfapi/page/cpdf_shadingpattern.cpp b/core/fpdfapi/page/cpdf_shadingpattern.cpp
index 585a925ba7..ef40f54182 100644
--- a/core/fpdfapi/page/cpdf_shadingpattern.cpp
+++ b/core/fpdfapi/page/cpdf_shadingpattern.cpp
@@ -89,13 +89,14 @@ bool CPDF_ShadingPattern::Load() {
 
   CPDF_DocPageData* pDocPageData = document()->GetPageData();
   m_pCS = pDocPageData->GetColorSpace(pCSObj, nullptr);
-  // The color space cannot be a Pattern space, according to the PDF 1.7 spec,
-  // page 305.
-  if (m_pCS->GetFamily() == PDFCS_PATTERN)
-    return false;
+  if (m_pCS) {
+    // The color space cannot be a Pattern space, according to the PDF 1.7 spec,
+    // page 305.
+    if (m_pCS->GetFamily() == PDFCS_PATTERN)
+      return false;
 
-  if (m_pCS)
     m_pCountedCS = pDocPageData->FindColorSpacePtr(m_pCS->GetArray());
+  }
 
   m_ShadingType = ToShadingType(pShadingDict->GetIntegerFor("ShadingType"));
 
-- 
cgit v1.2.3