Crash issue when using FPDFBookmark_GetDest and FPDFDest_GetDestPageIndex on Linux-musl-arm64 with version 144.0.7543.0

[tan zhiyuan]

When using the PDFium library built for Linux-musl-arm64 in a HarmonyOS mobile application, the following code snippet:
FPDF_DEST dest = FPDFBookmark_GetDest(doc, bookmark);
if (dest) {
int destPageIdx = FPDFDest_GetDestPageIndex(doc, dest);
if (destPageIdx >= 0) {
return static_cast(destPageIdx);
}
}
causes the application to crash. Specifically, after recursively invoking FPDFBookmark_GetDest and FPDFDest_GetDestPageIndex more than eight times, a crash occurs due to null pointer dereference or invalid (wild) pointer access.

[geisserml]

Can you reproduce this issue also on desktop, or is this just Linux-musl-arm64 / HarmonyOS ?
Does this only happen with a specific PDF, or with any PDF that has a TOC?
FWIW, FPDFBookmark_GetDest() and FPDFDest_GetDestPageIndex() seem to work just fine in pypdfium2.

[tan zhiyuan]

Yes, it's currently only used on HarmonyOS devices. The API FPDF_BOOKMARK sibling = FPDFBookmark_GetNextSibling(doc, bookmark); also causes crashes.

[Lei Zhang]

What is the maximum stack size in this environment? My wild guess is
that the recursion exceeded the stack limit.

> --
> You received this message because you are subscribed to the Google Groups "pdfium" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to pdfium+un...@googlegroups.com.
> To view this discussion visit https://groups.google.com/d/msgid/pdfium/c1569e83-0928-4d05-baf4-def2ced0dfbcn%40googlegroups.com.

[tan zhiyuan]

The default stack size in HarmonyOS is 8 MB, which is far larger than the memory consumed by eight invocations of this function.