Check for invalid URIs in FPDFAction_GetURIPath().
Per spec, URIs should be encoded as 7-bit ASCII. Make sure this is the
case, and return an error if it is not.
Bug: chromium:1323491
Change-Id: I685e3a97cfa10144ddaf2e60175270e0a11ad2ce
Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/94532
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
diff --git a/fpdfsdk/fpdf_doc.cpp b/fpdfsdk/fpdf_doc.cpp
index ab8fc03..8bbb761 100644
--- a/fpdfsdk/fpdf_doc.cpp
+++ b/fpdfsdk/fpdf_doc.cpp
@@ -228,6 +228,12 @@
CPDF_Action cAction(CPDFDictionaryFromFPDFAction(action));
ByteString path = cAction.GetURI(pDoc);
+
+ // Table 206 in the ISO 32000-1:2008 spec states the type for the URI field is
+ // ASCII string. If the data is not 7-bit ASCII, consider that a failure.
+ if (!path.AsStringView().IsASCII())
+ return 0;
+
const unsigned long len =
pdfium::base::checked_cast<unsigned long>(path.GetLength() + 1);
if (buffer && len <= buflen)
diff --git a/fpdfsdk/fpdf_doc_embeddertest.cpp b/fpdfsdk/fpdf_doc_embeddertest.cpp
index d934684..843f65b 100644
--- a/fpdfsdk/fpdf_doc_embeddertest.cpp
+++ b/fpdfsdk/fpdf_doc_embeddertest.cpp
@@ -355,18 +355,8 @@
EXPECT_EQ(static_cast<unsigned long>(PDFACTION_URI),
FPDFAction_GetType(action));
- // TODO(crbug.com/1323491): FPDFAction_GetURIPath() claims it only returns
- // 7-bit ASCII values.
- const char kExpectedResult[] =
- "https://example.com/\xA5octal\xC7"
- "chars";
- const unsigned long kExpectedLength = sizeof(kExpectedResult);
- unsigned long bufsize = FPDFAction_GetURIPath(document(), action, nullptr, 0);
- ASSERT_EQ(kExpectedLength, bufsize);
-
- char buf[1024];
- EXPECT_EQ(bufsize, FPDFAction_GetURIPath(document(), action, buf, bufsize));
- EXPECT_STREQ(kExpectedResult, buf);
+ // Call fails because the URI embedded in the PDF is invalid.
+ EXPECT_EQ(0u, FPDFAction_GetURIPath(document(), action, nullptr, 0));
UnloadPage(page);
}