Fix Null-dereference READ in CPDF_Dictionary::GetIntegerFor.
Bug: chromium:771858
Change-Id: Ief40de384921f943a40e8154b67d83ae6e7ed915
Reviewed-on: https://pdfium-review.googlesource.com/15490
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Art Snake <art-snake@yandex-team.ru>
diff --git a/core/fpdfapi/parser/cpdf_data_avail.cpp b/core/fpdfapi/parser/cpdf_data_avail.cpp
index f066117..aac233e 100644
--- a/core/fpdfapi/parser/cpdf_data_avail.cpp
+++ b/core/fpdfapi/parser/cpdf_data_avail.cpp
@@ -1168,11 +1168,12 @@
if (m_bLinearedDataOK)
return DataAvailable;
ASSERT(m_pLinearized);
- if (!m_pLinearized->GetMainXRefTableFirstEntryOffset())
+ if (!m_pLinearized->GetMainXRefTableFirstEntryOffset() || !m_pDocument ||
+ !m_pDocument->GetParser() || !m_pDocument->GetParser()->GetTrailer()) {
return DataError;
+ }
if (!m_bMainXRefLoadTried) {
- ASSERT(m_pDocument->GetParser()->GetTrailer());
const FX_SAFE_FILESIZE main_xref_offset =
m_pDocument->GetParser()->GetTrailer()->GetIntegerFor("Prev");
if (!main_xref_offset.IsValid())
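Review bot: `ASSERT(m_pLinearized);` just above the new guard is still a debug-only check, so in a release build the guard's first operand, `m_pLinearized->GetMainXRefTableFirstEntryOffset()`, would dereference a null pointer, which appears to be the same failure mode this commit fixes for the trailer. Whether m_pLinearized can be null here depends on callers outside the hunk, so this is unconfirmed; if it can, fold it into the runtime check as `if (!m_pLinearized || !m_pLinearized->GetMainXRefTableFirstEntryOffset() || ...)`. The guard also evaluates `m_pDocument->GetParser()->GetTrailer()` and the body then evaluates the chain again for `GetIntegerFor("Prev")`; fetching the trailer once into a local and using that local in both places would make the checked pointer the one that is dereferenced. The enclosing function starts and ends outside this hunk.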