Google Git
Sign in
pdfium / pdfium / 31136552bc0ca1848addede014d518a5ef6be646^! / .
commit31136552bc0ca1848addede014d518a5ef6be646[log] [tgz]
authorLei Zhang <thestig@chromium.org>Thu May 16 16:22:24 2019 +0000
committerChromium commit bot <commit-bot@chromium.org>Thu May 16 16:22:24 2019 +0000
tree7a893e29ad1743b2328ceab01d53c61c98b16aca
parent24349dc4a3c4c9f1c31f68322897183f270bf850 [diff]
Fix an assert failure in CreateDataBinding().

Which is a null pointer dereference in release mode.
It is obvious from the line above the ASSERT() that the assertion is
not going to hold. So just handle the nullptr case.

BUG=pdfium:1282

Change-Id: I2be8b02deb9eec55aac995bf758205a441f38dcc
Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/54450
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>

diff --git a/testing/resources/pixel/xfa_specific/bug_1282.in b/testing/resources/pixel/xfa_specific/bug_1282.in
new file mode 100644
index 0000000..61d8a0d
--- /dev/null
+++ b/testing/resources/pixel/xfa_specific/bug_1282.in

@@ -0,0 +1,65 @@
+{{header}}
+{{include ../../xfa_catalog_1_0.fragment}}
+{{object 2 0}} <<
+  /XFA [
+    (preamble)
+    3 0 R
+    (config)
+    4 0 R
+    (template)
+    5 0 R
+    (datasets)
+    10 0 R
+    (localeSet)
+    6 0 R
+    (postamble)
+    7 0 R
+  ]
+>>
+endobj
+{{include ../../xfa_preamble_3_0.fragment}}
+{{include ../../xfa_config_4_0.fragment}}
+{{object 5 0}} <<
+  {{streamlen}}
+>>
+stream
+<template xmlns="http://www.xfa.org/schema/xfa-template/2.8/">
+  <subform name="topmostSubform" layout="tb" locale="en_US">
+    <pageSet>
+      <pageArea id="PageArea1" name="PageArea1">
+        <contentArea name="ContentArea1" x="0pt" y="0pt" w="612pt" h="792pt" />
+        <medium stock="default" short="612pt" long="792pt"/>
+      </pageArea>
+    </pageSet>
+    <subform name="Page1" x="0pt" y="0pt" w="612pt" h="792pt">
+      <field name="foo.bar" x="100pt" y="100pt" w="60pt" h="16pt">
+        <ui><choiceList open="multiSelect" /></ui>
+        <value><text>Select one</text></value>
+      </field>
+    </subform>
+  </subform>
+</template>
+endstream
+endobj
+{{include ../../xfa_locale_6_0.fragment}}
+{{include ../../xfa_postamble_7_0.fragment}}
+{{include ../../xfa_pages_8_0.fragment}}
+{{object 10 0}} <<
+  {{streamlen}}
+>>
+stream
+<xfa:datasets xmlns:xfa="http://www.xfa.org/schema/xfa-data/1.0/">
+  <xfa:data>
+    <topmostSubform>
+      <foo.bar>
+        <value>Select one</value>
+      </foo.bar>
+    </topmostSubform>
+  </xfa:data>
+</xfa:datasets>
+endstream
+endobj
+{{xref}}
+{{trailer}}
+{{startxref}}
+%%EOF

diff --git a/testing/resources/pixel/xfa_specific/bug_1282_expected.pdf.0.png b/testing/resources/pixel/xfa_specific/bug_1282_expected.pdf.0.png
new file mode 100644
index 0000000..6b03382
--- /dev/null
+++ b/testing/resources/pixel/xfa_specific/bug_1282_expected.pdf.0.png
Binary files differ

diff --git a/xfa/fxfa/parser/cxfa_document.cpp b/xfa/fxfa/parser/cxfa_document.cpp
index ab03c9f..6224050 100644
--- a/xfa/fxfa/parser/cxfa_document.cpp
+++ b/xfa/fxfa/parser/cxfa_document.cpp

@@ -688,9 +688,8 @@
           }
           CXFA_ExData* exData =
               defValue ? defValue->GetExDataIfExists() : nullptr;
-          ASSERT(exData);
-
-          exData->SetContentType(single ? L"text/plain" : L"text/xml");
+          if (exData)
+            exData->SetContentType(single ? L"text/plain" : L"text/xml");
         }
         FormValueNode_SetChildContent(defValue, wsNormalizeValue,
                                       XFA_Element::ExData);