Google Git
Sign in
pdfium / pdfium / refs/heads/chromium/3108^! / .
commited75ee25f40a475f774e1e06c5375feee70b56f5[log] [tgz]
authorTom Sepez <tsepez@chromium.org>Mon May 22 12:26:57 2017 -0700
committerChromium commit bot <commit-bot@chromium.org>Mon May 22 20:25:38 2017 +0000
treecc8ebb92de480789e951047fde87b021f68d2da1
parent671630e52cda1abb5b1da71f366211cc3c95482f [diff]
CFX_ByteStringC: avoid taking unreferenceable vector::data() ptr.

Otherwise, the UnownedPtr destructor will try to probe it.  ASAN
knows about the structure of std::vector and will flag it as such.

Bug: 724960
Change-Id: I2b24501704c3845a4b16edad191d7b8f41f77587
Reviewed-on: https://pdfium-review.googlesource.com/5750
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>

diff --git a/core/fxcrt/cfx_bytestring_unittest.cpp b/core/fxcrt/cfx_bytestring_unittest.cpp
index 14d9393..c53b900 100644
--- a/core/fxcrt/cfx_bytestring_unittest.cpp
+++ b/core/fxcrt/cfx_bytestring_unittest.cpp

@@ -786,6 +786,13 @@
   CFX_ByteStringC lower_a_string(lower_a_vec);
   EXPECT_EQ(10, lower_a_string.GetLength());
   EXPECT_EQ("aaaaaaaaaa", lower_a_string);
+
+  std::vector<uint8_t> cleared_vec;
+  cleared_vec.push_back(42);
+  cleared_vec.pop_back();
+  CFX_ByteStringC cleared_string(cleared_vec);
+  EXPECT_EQ(0, cleared_string.GetLength());
+  EXPECT_EQ(nullptr, cleared_string.raw_str());
 }
 
 TEST(fxcrt, ByteStringCGetID) {

diff --git a/core/fxcrt/cfx_string_c_template.h b/core/fxcrt/cfx_string_c_template.h
index 3a0ad74..89d0727 100644
--- a/core/fxcrt/cfx_string_c_template.h
+++ b/core/fxcrt/cfx_string_c_template.h

@@ -59,8 +59,8 @@
 
   // Any changes to |vec| invalidate the string.
   explicit CFX_StringCTemplate(const std::vector<UnsignedType>& vec) {
-    m_Ptr = vec.data();
     m_Length = pdfium::CollectionSize<FX_STRSIZE>(vec);
+    m_Ptr = m_Length ? vec.data() : nullptr;
   }
 
   CFX_StringCTemplate& operator=(const CharType* src) {

diff --git a/core/fxcrt/cfx_widestring_unittest.cpp b/core/fxcrt/cfx_widestring_unittest.cpp
index a9cb2d3..f5a0e12 100644
--- a/core/fxcrt/cfx_widestring_unittest.cpp
+++ b/core/fxcrt/cfx_widestring_unittest.cpp

@@ -702,6 +702,13 @@
   CFX_WideStringC lower_a_string(lower_a_vec);
   EXPECT_EQ(10, lower_a_string.GetLength());
   EXPECT_EQ(L"aaaaaaaaaa", lower_a_string);
+
+  std::vector<CFX_WideStringC::UnsignedType> cleared_vec;
+  cleared_vec.push_back(42);
+  cleared_vec.pop_back();
+  CFX_WideStringC cleared_string(cleared_vec);
+  EXPECT_EQ(0, cleared_string.GetLength());
+  EXPECT_EQ(nullptr, cleared_string.raw_str());
 }
 
 TEST(fxcrt, WideStringCOperatorSubscript) {