author | Tom Sepez <tsepez@chromium.org> | 2018-10-10 17:53:50 +0000 |
---|---|---|
committer | Chromium commit bot <commit-bot@chromium.org> | 2018-10-10 17:53:50 +0000 |
commit | 8d8d3bc54593d2d86054d59669b86a959ec0b602 (patch) | |
tree | 0d36d5bd9594d8cf85fb45e25dce9f189be91a0e /core/fxcodec/codec/cfx_codec_memory.cpp | |
parent | 65b8db9a76b4b303d97836037b24b19e797fcd86 (diff) | |
download | pdfium-8d8d3bc54593d2d86054d59669b86a959ec0b602.tar.xz |
Fix dangling reference in CFX_CodecMemory.
Do this by making CFX_CodecMemory actually own the memory that
it is ref-counting. Remove some test cases that are now prohibited,
and relax one lifetime restriction in the test because we are now
doing one additional copy (in the test, but not in real life).
Bug:879512
Change-Id: If030dfcf97fe40155c46a42288fc73192437ce9c
Reviewed-on: https://pdfium-review.googlesource.com/c/43670
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
Diffstat (limited to 'core/fxcodec/codec/cfx_codec_memory.cpp')
-rw-r--r-- | core/fxcodec/codec/cfx_codec_memory.cpp | 27 |
1 files changed, 22 insertions, 5 deletions
diff --git a/core/fxcodec/codec/cfx_codec_memory.cpp b/core/fxcodec/codec/cfx_codec_memory.cpp
index b8cf97b098..640db12415 100644
--- a/core/fxcodec/codec/cfx_codec_memory.cpp
+++ b/core/fxcodec/codec/cfx_codec_memory.cpp
@@ -6,13 +6,13 @@
 #include <algorithm>
-CFX_CodecMemory::CFX_CodecMemory(pdfium::span<uint8_t> buffer)
- : buffer_(buffer) {}
+CFX_CodecMemory::CFX_CodecMemory(size_t buffer_size)
+ : buffer_(FX_Alloc(uint8_t, buffer_size)), size_(buffer_size) {}
 CFX_CodecMemory::~CFX_CodecMemory() = default;
 bool CFX_CodecMemory::Seek(size_t pos) {
- if (pos > buffer_.size())
+ if (pos > size_)
 return false;
 pos_ = pos;
@@ -23,8 +23,25 @@ size_t CFX_CodecMemory::ReadBlock(void* buffer, size_t size) {
 if (!buffer || !size || IsEOF())
 return 0;
- size_t bytes_to_read = std::min(size, buffer_.size() - pos_);
- memcpy(buffer, &buffer_[pos_], bytes_to_read);
+ size_t bytes_to_read = std::min(size, size_ - pos_);
+ memcpy(buffer, buffer_.get() + pos_, bytes_to_read);
 pos_ += bytes_to_read;
 return bytes_to_read;
 }
+
+bool CFX_CodecMemory::TryResize(size_t new_buffer_size) {
+ uint8_t* pOldBuf = buffer_.release();
+ uint8_t* pNewBuf = FX_TryRealloc(uint8_t, pOldBuf, new_buffer_size);
+ if (!pNewBuf) {
+ buffer_.reset(pOldBuf);
+ return false;
+ }
+ buffer_.reset(pNewBuf);
+ size_ = new_buffer_size;
+ return true;
+}
+
+void CFX_CodecMemory::Consume(size_t consumed) {
+ size_t unconsumed = size_ - consumed;
+ memmove(buffer_.get(), buffer_.get() + consumed, unconsumed);
+} |
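Review bot: The new `Consume()` computes `size_ - consumed` without checking that `consumed <= size_`, so a larger argument wraps `unconsumed` around to a very large `size_t` and the following `memmove` reads and writes far outside the allocation. Since the value presumably comes from decoder state driven by file contents, reject it before the subtraction, e.g. `if (consumed > size_) return;` or the project's fatal assertion if callers are expected to guarantee the bound. Separately, `TryResize()` updates `size_` but leaves `pos_` untouched, so after a shrink `pos_` can exceed `size_`. Whether `size_ - pos_` in `ReadBlock()` can then underflow depends on how `IsEOF()` compares them, which is not visible in this diff. A comment on `Consume()` stating that it does not adjust `pos_` or `size_`, if that is intended, would also help callers.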