Fix a security issue in FPDF_GetMetaText
authorBo Xu <bo_xu@foxitsoftware.com>
Wed, 28 May 2014 17:21:47 +0000 (10:21 -0700)
committerBo Xu <bo_xu@foxitsoftware.com>
Wed, 28 May 2014 17:21:47 +0000 (10:21 -0700)
BUG=security

Review URL: https://codereview.chromium.org/307653002

fpdfsdk/src/fpdfdoc.cpp

index 4fa6ba2..edd61f9 100644 (file)
@@ -249,7 +249,7 @@ DLLEXPORT unsigned long STDCALL FPDF_GetMetaText(FPDF_DOCUMENT doc, FPDF_BYTESTR
        // Use UTF-16LE encoding
        CFX_ByteString bstr = text.UTF16LE_Encode();
        unsigned long len = bstr.GetLength();
-       if (buffer != NULL || buflen >= len+2) {
+       if (buffer != NULL && buflen >= len+2) {
                FXSYS_memcpy(buffer, (FX_LPCSTR)bstr, len);
                // use double zero as trailer
                ((FX_BYTE*)buffer)[len] = ((FX_BYTE*)buffer)[len+1] = 0;