From 9d784c291714b703b16185e69860a3797de85b6c Mon Sep 17 00:00:00 2001
From: Henrique Nakashima <hnakashima@chromium.org>
Date: Thu, 20 Sep 2018 21:32:36 +0000
Subject: Make potentially dangerous Actions require a user click.

URI and SubmitForm actions are only handled if the event was
ButtonUp or ButtonDown.

Bug: 851821
Change-Id: If6eb0ff44f6d62ac6df50b552c0bdc582885ab5d
Reviewed-on: https://pdfium-review.googlesource.com/42731
Commit-Queue: Henrique Nakashima <hnakashima@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
---
 core/fpdfdoc/cpdf_aaction.cpp | 16 ++++++++++++++--
 core/fpdfdoc/cpdf_aaction.h   |  3 +++
 2 files changed, 17 insertions(+), 2 deletions(-)

(limited to 'core')

diff --git a/core/fpdfdoc/cpdf_aaction.cpp b/core/fpdfdoc/cpdf_aaction.cpp
index 9a95340114..8d954697b4 100644
--- a/core/fpdfdoc/cpdf_aaction.cpp
+++ b/core/fpdfdoc/cpdf_aaction.cpp
@@ -32,8 +32,9 @@ constexpr const char* g_sAATypes[] = {
     "DP",  // DocumentPrinted
 };
 
-// |g_sAATypes| should have as many elements as enum AActionType.
-static_assert(FX_ArraySize(g_sAATypes) == CPDF_AAction::NumberOfActions,
+// |g_sAATypes| should have one less element than enum AActionType due to
+// DocumentOpen, which is an artificial type.
+static_assert(FX_ArraySize(g_sAATypes) == CPDF_AAction::NumberOfActions - 1,
               "g_sAATypes count mismatch");
 
 }  // namespace
@@ -52,3 +53,14 @@ CPDF_Action CPDF_AAction::GetAction(AActionType eType) const {
   return CPDF_Action(m_pDict ? m_pDict->GetDictFor(g_sAATypes[eType])
                              : nullptr);
 }
+
+// static
+bool CPDF_AAction::IsUserClick(AActionType eType) {
+  switch (eType) {
+    case ButtonUp:
+    case ButtonDown:
+      return true;
+    default:
+      return false;
+  }
+}
diff --git a/core/fpdfdoc/cpdf_aaction.h b/core/fpdfdoc/cpdf_aaction.h
index 11eca01f8f..90049f5ac4 100644
--- a/core/fpdfdoc/cpdf_aaction.h
+++ b/core/fpdfdoc/cpdf_aaction.h
@@ -35,6 +35,7 @@ class CPDF_AAction {
     DocumentSaved,
     PrintDocument,
     DocumentPrinted,
+    DocumentOpen,
     NumberOfActions  // Must be last.
   };
 
@@ -46,6 +47,8 @@ class CPDF_AAction {
   CPDF_Action GetAction(AActionType eType) const;
   const CPDF_Dictionary* GetDict() const { return m_pDict.Get(); }
 
+  static bool IsUserClick(AActionType eType);
+
  private:
   UnownedPtr<const CPDF_Dictionary> const m_pDict;
 };
-- 
cgit v1.2.3