diff options
author | Ryan Harrison <rharrison@chromium.org> | 2017-08-11 16:20:32 -0400 |
---|---|---|
committer | Chromium commit bot <commit-bot@chromium.org> | 2017-08-11 21:03:14 +0000 |
commit | ddb9b7cdd19b63a81c4a094239e85f84acefaa17 (patch) | |
tree | 8657940fb10d76a96ffe996cf17d70a1c65ca6de /core/fxcrt | |
parent | d27998f6526272a5b8732106aa9b75f724434aca (diff) | |
download | pdfium-ddb9b7cdd19b63a81c4a094239e85f84acefaa17.tar.xz |
Add checks of index operations on string classes
Specifically the index parameter passed in to GetAt(), SetAt() and
operator[] are now being tested to be in bounds.
BUG=chromium:752480, pdfium:828
Change-Id: I9e94d58c98a8eaaaae53cd0e3ffe2123ea17d8c4
Reviewed-on: https://pdfium-review.googlesource.com/10651
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Diffstat (limited to 'core/fxcrt')
-rw-r--r-- | core/fxcrt/cfx_bytestring.cpp | 10 | ||||
-rw-r--r-- | core/fxcrt/cfx_bytestring.h | 11 | ||||
-rw-r--r-- | core/fxcrt/cfx_bytestring_unittest.cpp | 80 | ||||
-rw-r--r-- | core/fxcrt/cfx_string_c_template.h | 11 | ||||
-rw-r--r-- | core/fxcrt/cfx_widestring.cpp | 10 | ||||
-rw-r--r-- | core/fxcrt/cfx_widestring.h | 11 | ||||
-rw-r--r-- | core/fxcrt/cfx_widestring_unittest.cpp | 74 |
7 files changed, 155 insertions, 52 deletions
diff --git a/core/fxcrt/cfx_bytestring.cpp b/core/fxcrt/cfx_bytestring.cpp index c29d24affd..0aba3be12a 100644 --- a/core/fxcrt/cfx_bytestring.cpp +++ b/core/fxcrt/cfx_bytestring.cpp @@ -694,14 +694,10 @@ FX_STRSIZE CFX_ByteString::Replace(const CFX_ByteStringC& pOld, return nCount; } -void CFX_ByteString::SetAt(FX_STRSIZE nIndex, char ch) { - if (!m_pData) { - return; - } - ASSERT(nIndex >= 0); - ASSERT(nIndex < m_pData->m_nDataLength); +void CFX_ByteString::SetAt(FX_STRSIZE index, char c) { + ASSERT(index >= 0 && index < GetLength()); ReallocBeforeWrite(m_pData->m_nDataLength); - m_pData->m_String[nIndex] = ch; + m_pData->m_String[index] = c; } CFX_WideString CFX_ByteString::UTF8Decode() const { diff --git a/core/fxcrt/cfx_bytestring.h b/core/fxcrt/cfx_bytestring.h index cf688b4c88..df31751273 100644 --- a/core/fxcrt/cfx_bytestring.h +++ b/core/fxcrt/cfx_bytestring.h @@ -107,15 +107,14 @@ class CFX_ByteString { const CFX_ByteString& operator+=(const CFX_ByteString& str); const CFX_ByteString& operator+=(const CFX_ByteStringC& bstrc); - uint8_t GetAt(FX_STRSIZE nIndex) const { - return m_pData ? m_pData->m_String[nIndex] : 0; + uint8_t GetAt(FX_STRSIZE index) const { + ASSERT(index >= 0 && index < GetLength()); + return m_pData->m_String[index]; } - uint8_t operator[](FX_STRSIZE nIndex) const { - return m_pData ? m_pData->m_String[nIndex] : 0; - } + uint8_t operator[](FX_STRSIZE index) const { return GetAt(index); } - void SetAt(FX_STRSIZE nIndex, char ch); + void SetAt(FX_STRSIZE index, char c); FX_STRSIZE Insert(FX_STRSIZE index, char ch); FX_STRSIZE InsertAtFront(char ch) { return Insert(0, ch); } FX_STRSIZE InsertAtBack(char ch) { return Insert(GetLength(), ch); } diff --git a/core/fxcrt/cfx_bytestring_unittest.cpp b/core/fxcrt/cfx_bytestring_unittest.cpp index b79a765e20..680a37e342 100644 --- a/core/fxcrt/cfx_bytestring_unittest.cpp +++ b/core/fxcrt/cfx_bytestring_unittest.cpp @@ -11,13 +11,52 @@ #include "testing/gtest/include/gtest/gtest.h" #include "third_party/base/stl_util.h" +TEST(fxcrt, ByteStringGetAt) { + CFX_ByteString short_string("a"); + CFX_ByteString longer_string("abc"); + CFX_ByteString embedded_nul_string("ab\0c", 4); + +#ifndef NDEBUG + EXPECT_DEATH({ short_string.GetAt(-1); }, ".*"); +#endif + EXPECT_EQ('a', short_string.GetAt(0)); +#ifndef NDEBUG + EXPECT_DEATH({ short_string.GetAt(1); }, ".*"); +#endif + EXPECT_EQ('c', longer_string.GetAt(2)); + EXPECT_EQ('b', embedded_nul_string.GetAt(1)); + EXPECT_EQ('\0', embedded_nul_string.GetAt(2)); + EXPECT_EQ('c', embedded_nul_string.GetAt(3)); +} + TEST(fxcrt, ByteStringOperatorSubscript) { - // CFX_ByteString includes the NUL terminator for non-empty strings. CFX_ByteString abc("abc"); +#ifndef NDEBUG + EXPECT_DEATH({ abc[-1]; }, ".*"); +#endif EXPECT_EQ('a', abc[0]); EXPECT_EQ('b', abc[1]); EXPECT_EQ('c', abc[2]); - EXPECT_EQ(0, abc[3]); +#ifndef NDEBUG + EXPECT_DEATH({ abc[3]; }, ".*"); +#endif +} + +TEST(fxcrt, ByteStringSetAt) { + // CFX_ByteString includes the NUL terminator for non-empty strings. + CFX_ByteString abc("abc"); +#ifndef NDEBUG + EXPECT_DEATH({ abc.SetAt(-1, 'd'); }, ".*"); +#endif + abc.SetAt(0, 'd'); + EXPECT_EQ("dbc", abc); + abc.SetAt(1, 'e'); + EXPECT_EQ("dec", abc); + abc.SetAt(2, 'f'); + EXPECT_EQ("def", abc); +#ifndef NDEBUG + EXPECT_DEATH({ abc.SetAt(3, 'g'); }, ".*"); +#endif } TEST(fxcrt, ByteStringOperatorLT) { @@ -905,24 +944,35 @@ TEST(fxcrt, ByteStringCMid) { } TEST(fxcrt, ByteStringCGetAt) { - CFX_ByteString short_string("a"); - CFX_ByteString longer_string("abc"); - CFX_ByteString embedded_nul_string("ab\0c", 4); - - EXPECT_EQ('a', short_string.GetAt(0)); - EXPECT_EQ('c', longer_string.GetAt(2)); - EXPECT_EQ('b', embedded_nul_string.GetAt(1)); - EXPECT_EQ('\0', embedded_nul_string.GetAt(2)); - EXPECT_EQ('c', embedded_nul_string.GetAt(3)); + CFX_ByteStringC short_string("a"); + CFX_ByteStringC longer_string("abc"); + CFX_ByteStringC embedded_nul_string("ab\0c", 4); + +#ifndef NDEBUG + EXPECT_DEATH({ short_string.GetAt(-1); }, ".*"); +#endif + EXPECT_EQ('a', static_cast<char>(short_string.GetAt(0))); +#ifndef NDEBUG + EXPECT_DEATH({ short_string.GetAt(1); }, ".*"); +#endif + EXPECT_EQ('c', static_cast<char>(longer_string.GetAt(2))); + EXPECT_EQ('b', static_cast<char>(embedded_nul_string.GetAt(1))); + EXPECT_EQ('\0', static_cast<char>(embedded_nul_string.GetAt(2))); + EXPECT_EQ('c', static_cast<char>(embedded_nul_string.GetAt(3))); } TEST(fxcrt, ByteStringCOperatorSubscript) { // CFX_ByteStringC includes the NUL terminator for non-empty strings. CFX_ByteStringC abc("abc"); - EXPECT_EQ('a', abc[0]); - EXPECT_EQ('b', abc[1]); - EXPECT_EQ('c', abc[2]); - EXPECT_EQ(0, abc[3]); +#ifndef NDEBUG + EXPECT_DEATH({ abc[-1]; }, ".*"); +#endif + EXPECT_EQ('a', static_cast<char>(abc[0])); + EXPECT_EQ('b', static_cast<char>(abc[1])); + EXPECT_EQ('c', static_cast<char>(abc[2])); +#ifndef NDEBUG + EXPECT_DEATH({ abc[3]; }, ".*"); +#endif } TEST(fxcrt, ByteStringCOperatorLT) { diff --git a/core/fxcrt/cfx_string_c_template.h b/core/fxcrt/cfx_string_c_template.h index 6a95a05d45..bc0fe1e0a0 100644 --- a/core/fxcrt/cfx_string_c_template.h +++ b/core/fxcrt/cfx_string_c_template.h @@ -119,8 +119,13 @@ class CFX_StringCTemplate { FX_STRSIZE GetLength() const { return m_Length; } bool IsEmpty() const { return m_Length == 0; } - UnsignedType GetAt(FX_STRSIZE index) const { return m_Ptr.Get()[index]; } + UnsignedType GetAt(FX_STRSIZE index) const { + ASSERT(index >= 0 && index < GetLength()); + return m_Ptr.Get()[index]; + } + CharType CharAt(FX_STRSIZE index) const { + ASSERT(index >= 0 && index < GetLength()); return static_cast<CharType>(m_Ptr.Get()[index]); } @@ -159,9 +164,7 @@ class CFX_StringCTemplate { return CFX_StringCTemplate(m_Ptr.Get() + m_Length - count, count); } - const UnsignedType& operator[](size_t index) const { - return m_Ptr.Get()[index]; - } + UnsignedType operator[](FX_STRSIZE index) const { return GetAt(index); } bool operator<(const CFX_StringCTemplate& that) const { int result = FXSYS_cmp(reinterpret_cast<const CharType*>(m_Ptr.Get()), diff --git a/core/fxcrt/cfx_widestring.cpp b/core/fxcrt/cfx_widestring.cpp index a1fa7ec096..c2e1e4877d 100644 --- a/core/fxcrt/cfx_widestring.cpp +++ b/core/fxcrt/cfx_widestring.cpp @@ -841,14 +841,10 @@ FX_STRSIZE CFX_WideString::Replace(const CFX_WideStringC& pOld, return nCount; } -void CFX_WideString::SetAt(FX_STRSIZE nIndex, wchar_t ch) { - if (!m_pData) { - return; - } - ASSERT(nIndex >= 0); - ASSERT(nIndex < m_pData->m_nDataLength); +void CFX_WideString::SetAt(FX_STRSIZE index, wchar_t c) { + ASSERT(index >= 0 && index < GetLength()); ReallocBeforeWrite(m_pData->m_nDataLength); - m_pData->m_String[nIndex] = ch; + m_pData->m_String[index] = c; } // static diff --git a/core/fxcrt/cfx_widestring.h b/core/fxcrt/cfx_widestring.h index ccb1e752f7..b49e898f32 100644 --- a/core/fxcrt/cfx_widestring.h +++ b/core/fxcrt/cfx_widestring.h @@ -101,15 +101,14 @@ class CFX_WideString { bool operator<(const CFX_WideString& str) const; - wchar_t GetAt(FX_STRSIZE nIndex) const { - return m_pData ? m_pData->m_String[nIndex] : 0; + wchar_t GetAt(FX_STRSIZE index) const { + ASSERT(index >= 0 && index < GetLength()); + return m_pData->m_String[index]; } - wchar_t operator[](FX_STRSIZE nIndex) const { - return m_pData ? m_pData->m_String[nIndex] : 0; - } + wchar_t operator[](FX_STRSIZE index) const { return GetAt(index); } - void SetAt(FX_STRSIZE nIndex, wchar_t ch); + void SetAt(FX_STRSIZE index, wchar_t c); int Compare(const wchar_t* str) const; int Compare(const CFX_WideString& str) const; diff --git a/core/fxcrt/cfx_widestring_unittest.cpp b/core/fxcrt/cfx_widestring_unittest.cpp index 6e7b63c5fa..a23763218d 100644 --- a/core/fxcrt/cfx_widestring_unittest.cpp +++ b/core/fxcrt/cfx_widestring_unittest.cpp @@ -10,13 +10,51 @@ #include "testing/gtest/include/gtest/gtest.h" +TEST(fxcrt, WideStringGetAt) { + CFX_WideString short_string(L"a"); + CFX_WideString longer_string(L"abc"); + CFX_WideString embedded_nul_string(L"ab\0c", 4); + +#ifndef NDEBUG + EXPECT_DEATH({ short_string.GetAt(-1); }, ".*"); +#endif + EXPECT_EQ(L'a', short_string.GetAt(0)); +#ifndef NDEBUG + EXPECT_DEATH({ short_string.GetAt(1); }, ".*"); +#endif + EXPECT_EQ(L'c', longer_string.GetAt(2)); + EXPECT_EQ(L'b', embedded_nul_string.GetAt(1)); + EXPECT_EQ(L'\0', embedded_nul_string.GetAt(2)); + EXPECT_EQ(L'c', embedded_nul_string.GetAt(3)); +} + TEST(fxcrt, WideStringOperatorSubscript) { - // CFX_WideString includes the NUL terminator for non-empty strings. CFX_WideString abc(L"abc"); +#ifndef NDEBUG + EXPECT_DEATH({ abc[-1]; }, ".*"); +#endif EXPECT_EQ(L'a', abc[0]); EXPECT_EQ(L'b', abc[1]); EXPECT_EQ(L'c', abc[2]); - EXPECT_EQ(L'\0', abc[3]); +#ifndef NDEBUG + EXPECT_DEATH({ abc[4]; }, ".*"); +#endif +} + +TEST(fxcrt, WideStringSetAt) { + CFX_WideString abc(L"abc"); +#ifndef NDEBUG + EXPECT_DEATH({ abc.SetAt(-1, L'd'); }, ".*"); +#endif + abc.SetAt(0, L'd'); + EXPECT_EQ(L"dbc", abc); + abc.SetAt(1, L'e'); + EXPECT_EQ(L"dec", abc); + abc.SetAt(2, L'f'); + EXPECT_EQ(L"def", abc); +#ifndef NDEBUG + EXPECT_DEATH({ abc.SetAt(3, L'g'); }, ".*"); +#endif } TEST(fxcrt, WideStringOperatorLT) { @@ -742,13 +780,35 @@ TEST(fxcrt, WideStringCFromVector) { EXPECT_EQ(nullptr, cleared_string.raw_str()); } +TEST(fxcrt, WideStringCGetAt) { + CFX_WideStringC short_string(L"a"); + CFX_WideStringC longer_string(L"abc"); + CFX_WideStringC embedded_nul_string(L"ab\0c", 4); + +#ifndef NDEBUG + EXPECT_DEATH({ short_string.GetAt(-1); }, ".*"); +#endif + EXPECT_EQ(L'a', static_cast<wchar_t>(short_string.GetAt(0))); +#ifndef NDEBUG + EXPECT_DEATH({ short_string.GetAt(1); }, ".*"); +#endif + EXPECT_EQ(L'c', static_cast<wchar_t>(longer_string.GetAt(2))); + EXPECT_EQ(L'b', static_cast<wchar_t>(embedded_nul_string.GetAt(1))); + EXPECT_EQ(L'\0', static_cast<wchar_t>(embedded_nul_string.GetAt(2))); + EXPECT_EQ(L'c', static_cast<wchar_t>(embedded_nul_string.GetAt(3))); +} + TEST(fxcrt, WideStringCOperatorSubscript) { - // CFX_WideStringC includes the NUL terminator for non-empty strings. CFX_WideStringC abc(L"abc"); - EXPECT_EQ(L'a', abc.CharAt(0)); - EXPECT_EQ(L'b', abc.CharAt(1)); - EXPECT_EQ(L'c', abc.CharAt(2)); - EXPECT_EQ(L'\0', abc.CharAt(3)); +#ifndef NDEBUG + EXPECT_DEATH({ abc[-1]; }, ".*"); +#endif + EXPECT_EQ(L'a', static_cast<wchar_t>(abc[0])); + EXPECT_EQ(L'b', static_cast<wchar_t>(abc[1])); + EXPECT_EQ(L'c', static_cast<wchar_t>(abc[2])); +#ifndef NDEBUG + EXPECT_DEATH({ abc[4]; }, ".*"); +#endif } TEST(fxcrt, WideStringCOperatorLT) { |