summaryrefslogtreecommitdiff
path: root/core/include/fxcrt
diff options
context:
space:
mode:
authorJUN FANG <jun_fang@foxitsoftware.com>2014-07-30 13:46:39 -0700
committerJUN FANG <jun_fang@foxitsoftware.com>2014-07-30 13:46:39 -0700
commit8dee6cab8f10a257d3b551ede6ca85466bf0bac7 (patch)
tree418391fde70ddb1e7ee91d2e14e6c3bbf8f29107 /core/include/fxcrt
parent0d3b5cc6028550205b56a80ccdd81aecf67e4508 (diff)
downloadpdfium-8dee6cab8f10a257d3b551ede6ca85466bf0bac7.tar.xz
Fix the potential integer overflow from 'offset+size' in extension.h and fpdfview.cpp
BUG=397258 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/419063002
Diffstat (limited to 'core/include/fxcrt')
-rw-r--r--core/include/fxcrt/fx_stream.h1
-rw-r--r--core/include/fxcrt/fx_system.h4
2 files changed, 5 insertions, 0 deletions
diff --git a/core/include/fxcrt/fx_stream.h b/core/include/fxcrt/fx_stream.h
index ef730bb967..8e298f7727 100644
--- a/core/include/fxcrt/fx_stream.h
+++ b/core/include/fxcrt/fx_stream.h
@@ -30,6 +30,7 @@ FX_DEFINEHANDLE(FX_HFILE)
#endif
#define FX_FILESIZE off_t
#endif
+typedef base::CheckedNumeric<FX_FILESIZE> FX_SAFE_FILESIZE;
#define FX_GETBYTEOFFSET32(a) 0
#define FX_GETBYTEOFFSET40(a) 0
#define FX_GETBYTEOFFSET48(a) 0
diff --git a/core/include/fxcrt/fx_system.h b/core/include/fxcrt/fx_system.h
index 7488e9d2dc..391380304c 100644
--- a/core/include/fxcrt/fx_system.h
+++ b/core/include/fxcrt/fx_system.h
@@ -276,6 +276,10 @@ int FXSYS_round(FX_FLOAT f);
#ifdef __cplusplus
};
+#include "../../../third_party/numerics/safe_math.h"
+typedef base::CheckedNumeric<FX_DWORD> FX_SAFE_DWORD;
+typedef base::CheckedNumeric<FX_INT32> FX_SAFE_INT;
+typedef base::CheckedNumeric<size_t> FX_SAFE_SIZET;
#if defined(__clang__) || _MSC_VER >= 1700
#define FX_FINAL final
#elif defined(__GNUC__) && __cplusplus >= 201103 && \