Add a test for FPDFPage_GetAnnotIndex() when there is a bad annot entry.

The specially crafted test PDF has an array where there should be an
annotation dictionary. The test calls FPDFPage_GetAnnot() for index 0, then
calls FPDFPage_GetAnnotIndex() for the returned FPDF_ANNOTATION.
FPDFPage_GetAnnotIndex() returns -1.

BUG=pdfium:1255

Change-Id: Ia6d5772cc2c045c66b32737e0858fdd5a522aeeb
Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/51290
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
diff --git a/fpdfsdk/fpdf_annot_embeddertest.cpp b/fpdfsdk/fpdf_annot_embeddertest.cpp
index e9ed205..7807684 100644
--- a/fpdfsdk/fpdf_annot_embeddertest.cpp
+++ b/fpdfsdk/fpdf_annot_embeddertest.cpp
@@ -66,6 +66,21 @@
   UnloadPage(page);
 }
 
+TEST_F(FPDFAnnotEmbedderTest, BadAnnotsEntry) {
+  ASSERT_TRUE(OpenDocument("bad_annots_entry.pdf"));
+  FPDF_PAGE page = LoadPage(0);
+  ASSERT_TRUE(page);
+
+  EXPECT_EQ(1, FPDFPage_GetAnnotCount(page));
+  {
+    ScopedFPDFAnnotation annot(FPDFPage_GetAnnot(page, 0));
+    ASSERT_TRUE(annot);
+    EXPECT_EQ(-1, FPDFPage_GetAnnotIndex(page, annot.get()));
+  }
+
+  UnloadPage(page);
+}
+
 TEST_F(FPDFAnnotEmbedderTest, RenderAnnotWithOnlyRolloverAP) {
   // Open a file with one annotation and load its first page.
   ASSERT_TRUE(OpenDocument("annotation_highlight_rollover_ap.pdf"));
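Review bot: Nothing in BadAnnotsEntry says why `ASSERT_TRUE(annot)` is expected to pass when entry 0 of /Annots resolves to an array rather than an annotation dictionary, so the test reads as pinning whatever the code does today rather than a stated contract. A comment above the inner scope such as `// Entry 0 is an array, not a dictionary: a handle is still returned, but it must not map back to an index.` would make the intent explicit. The test also exercises only FPDFPage_GetAnnotIndex() on that handle, although an embedder can pass it to any other annotation accessor. One more expectation, e.g. `EXPECT_EQ(FPDF_ANNOT_UNKNOWN, FPDFAnnot_GetSubtype(annot.get()));`, would cover the dictionary-less handle on a second path, assuming that is the value the API is meant to return here.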
diff --git a/testing/resources/bad_annots_entry.in b/testing/resources/bad_annots_entry.in
new file mode 100644
index 0000000..7572cb6
--- /dev/null
+++ b/testing/resources/bad_annots_entry.in
@@ -0,0 +1,54 @@
+{{header}}
+{{object 1 0}} <<
+  /Type /Catalog
+  /Pages 2 0 R
+  /AcroForm << /Fields [ 4 0 R ] /DR 5 0 R >>
+>>
+endobj
+{{object 2 0}} <<
+  /Type /Pages
+  /Count 1
+  /Kids [ 3 0 R ]
+>>
+endobj
+{{object 3 0}} <<
+  /Type /Page
+  /Parent 2 0 R
+  /Resources 5 0 R
+  /MediaBox [ 0 0 300 300 ]
+  /Contents 8 0 R
+  /Annots [ 4 0 R ]
+>>
+endobj
+{{object 4 0}} []
+endobj
+{{object 5 0}} <<
+  /Font 6 0 R
+>>
+endobj
+{{object 6 0}} <<
+  /F1 7 0 R
+>>
+endobj
+{{object 7 0}} <<
+  /Type /Font
+  /Subtype /Type1
+  /BaseFont /Helvetica
+>>
+endobj
+{{object 8 0}} <<
+  {{streamlen}}
+>>
+stream
+BT
+0 0 0 rg
+/F1 12 Tf
+100 150 Td
+(Test Form) Tj
+ET
+endstream
+endobj
+{{xref}}
+{{trailer}}
+{{startxref}}
+%%EOF
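Review bot: The fixture does not mark which object is deliberately malformed, and object 4 is referenced from both `/Annots [ 4 0 R ]` and `/AcroForm << /Fields [ 4 0 R ] /DR 5 0 R >>`, so it is unclear whether the form-field reference is part of the case under test. A PDF comment line before object 4, e.g. `% Deliberately an array; /Annots entries must be annotation dictionaries.`, would document it, provided the template tooling passes `%` comments through unchanged. If the AcroForm reference is not needed to reach the code path being tested, dropping it would keep the reproducer minimal.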
diff --git a/testing/resources/bad_annots_entry.pdf b/testing/resources/bad_annots_entry.pdf
new file mode 100644
index 0000000..a900a22
--- /dev/null
+++ b/testing/resources/bad_annots_entry.pdf
@@ -0,0 +1,69 @@
+%PDF-1.7
+% ò¤ô
+1 0 obj <<
+  /Type /Catalog
+  /Pages 2 0 R
+  /AcroForm << /Fields [ 4 0 R ] /DR 5 0 R >>
+>>
+endobj
+2 0 obj <<
+  /Type /Pages
+  /Count 1
+  /Kids [ 3 0 R ]
+>>
+endobj
+3 0 obj <<
+  /Type /Page
+  /Parent 2 0 R
+  /Resources 5 0 R
+  /MediaBox [ 0 0 300 300 ]
+  /Contents 8 0 R
+  /Annots [ 4 0 R ]
+>>
+endobj
+4 0 obj []
+endobj
+5 0 obj <<
+  /Font 6 0 R
+>>
+endobj
+6 0 obj <<
+  /F1 7 0 R
+>>
+endobj
+7 0 obj <<
+  /Type /Font
+  /Subtype /Type1
+  /BaseFont /Helvetica
+>>
+endobj
+8 0 obj <<
+  /Length 51
+>>
+stream
+BT
+0 0 0 rg
+/F1 12 Tf
+100 150 Td
+(Test Form) Tj
+ET
+endstream
+endobj
+xref
+0 9
+0000000000 65535 f 
+0000000015 00000 n 
+0000000114 00000 n 
+0000000179 00000 n 
+0000000315 00000 n 
+0000000333 00000 n 
+0000000368 00000 n 
+0000000401 00000 n 
+0000000477 00000 n 
+trailer <<
+  /Root 1 0 R
+  /Size 9
+>>
+startxref
+579
+%%EOF