Fix a leak in CPDF_SyntaxParser::GetObject().
authorLei Zhang <thestig@chromium.org>
Mon, 26 Oct 2015 20:54:28 +0000 (13:54 -0700)
committerLei Zhang <thestig@chromium.org>
Mon, 26 Oct 2015 20:54:28 +0000 (13:54 -0700)
As seen in FPDFViewEmbeddertest.Crasher_451830.

R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1385803002 .

core/src/fpdfapi/fpdf_parser/fpdf_parser_parser.cpp

index d486cfe..27cc868 100644 (file)
@@ -2139,6 +2139,13 @@ CPDF_Object* CPDF_SyntaxParser::GetObject(CPDF_IndirectObjects* pObjList,
 
       ++nKeys;
       key = PDF_NameDecode(key);
+      if (key.IsEmpty())
+        continue;
+
+      CFX_ByteStringC keyNoSlash(key.c_str() + 1, key.GetLength() - 1);
+      if (keyNoSlash.IsEmpty())
+        continue;
+
       if (key == FX_BSTRC("/Contents"))
         dwSignValuePos = m_Pos;
 
@@ -2146,14 +2153,12 @@ CPDF_Object* CPDF_SyntaxParser::GetObject(CPDF_IndirectObjects* pObjList,
       if (!pObj)
         continue;
 
-      if (key.GetLength() >= 1) {
-        if (nKeys < 32) {
-          pDict->SetAt(CFX_ByteStringC(key.c_str() + 1, key.GetLength() - 1),
-                       pObj);
-        } else {
-          pDict->AddValue(CFX_ByteStringC(key.c_str() + 1, key.GetLength() - 1),
-                          pObj);
-        }
+      // TODO(thestig): Remove this conditional once CPDF_Dictionary has a
+      // better underlying map implementation.
+      if (nKeys < 32) {
+        pDict->SetAt(keyNoSlash, pObj);
+      } else {
+        pDict->AddValue(keyNoSlash, pObj);
       }
     }