summaryrefslogtreecommitdiff
path: root/core/include/fxcrt
diff options
context:
space:
mode:
authorTom Sepez <tsepez@chromium.org>2016-02-19 14:22:56 -0800
committerTom Sepez <tsepez@chromium.org>2016-02-19 14:22:56 -0800
commit78353d5dbc0b0c9b2d6946005439a51efa7d108c (patch)
tree2d0048714b8630cd22b2f8e3129318ed93ee945d /core/include/fxcrt
parent711046ac7043ebeec2b0c9a5eb168418cd07a876 (diff)
downloadpdfium-78353d5dbc0b0c9b2d6946005439a51efa7d108c.tar.xz
Use safe arithmentic in CFX_BinaryBuf::ExpandBuf.
Always call ExpandBuf(), and if it returns, we know the subsequent calculations won't overflow. Also use std::unique_ptr, and fix unintentional copies thus detected by its suppressed copy ctor in fsdk_baseform.cpp Also Remove unused CFX_BinaryBuf::TakeOver(), AppendFill(), CopyData(). Also remove operator= in favor of using <<, for similarity with std::ostream and friends. Also move ByteStringC methods to CFX_ByteTextBuf sub-class. Also re-order members, may pack tighter on 64-bits. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1710403002 .
Diffstat (limited to 'core/include/fxcrt')
-rw-r--r--core/include/fxcrt/fx_basic.h110
-rw-r--r--core/include/fxcrt/fx_safe_types.h1
2 files changed, 42 insertions, 69 deletions
diff --git a/core/include/fxcrt/fx_basic.h b/core/include/fxcrt/fx_basic.h
index 7f47122dea..4402856996 100644
--- a/core/include/fxcrt/fx_basic.h
+++ b/core/include/fxcrt/fx_basic.h
@@ -8,6 +8,7 @@
#define CORE_INCLUDE_FXCRT_FX_BASIC_H_
#include <algorithm>
+#include <memory>
#include "core/include/fxcrt/fx_memory.h"
#include "core/include/fxcrt/fx_stream.h"
@@ -29,109 +30,90 @@
template <typename T, size_t N>
char(&ArraySizeHelper(T(&array)[N]))[N];
+// Used with std::unique_ptr to FX_Free raw memory.
+struct FxFreeDeleter {
+ inline void operator()(void* ptr) const { FX_Free(ptr); }
+};
+
+// Used with std::unique_ptr to Release() objects that can't be deleted.
+template <class T>
+struct ReleaseDeleter {
+ inline void operator()(T* ptr) const { ptr->Release(); }
+};
+
class CFX_BinaryBuf {
public:
CFX_BinaryBuf();
- CFX_BinaryBuf(FX_STRSIZE size);
+ explicit CFX_BinaryBuf(FX_STRSIZE size);
- ~CFX_BinaryBuf();
+ uint8_t* GetBuffer() const { return m_pBuffer.get(); }
+ FX_STRSIZE GetSize() const { return m_DataSize; }
void Clear();
-
void EstimateSize(FX_STRSIZE size, FX_STRSIZE alloc_step = 0);
-
void AppendBlock(const void* pBuf, FX_STRSIZE size);
-
- void AppendFill(uint8_t byte, FX_STRSIZE count);
-
void AppendString(const CFX_ByteStringC& str) {
AppendBlock(str.GetPtr(), str.GetLength());
}
- inline void AppendByte(uint8_t byte) {
- if (m_AllocSize <= m_DataSize) {
- ExpandBuf(1);
- }
- m_pBuffer[m_DataSize++] = byte;
+ void AppendByte(uint8_t byte) {
+ ExpandBuf(1);
+ m_pBuffer.get()[m_DataSize++] = byte;
}
void InsertBlock(FX_STRSIZE pos, const void* pBuf, FX_STRSIZE size);
-
- void AttachData(void* pBuf, FX_STRSIZE size);
-
- void CopyData(const void* pBuf, FX_STRSIZE size);
-
- void TakeOver(CFX_BinaryBuf& other);
-
void Delete(int start_index, int count);
- uint8_t* GetBuffer() const { return m_pBuffer; }
+ // Takes ownership of |pBuf|.
+ void AttachData(uint8_t* pBuf, FX_STRSIZE size);
- FX_STRSIZE GetSize() const { return m_DataSize; }
-
- CFX_ByteStringC GetByteString() const;
-
- void DetachBuffer();
+ // Releases ownership of |m_pBuffer| and returns it.
+ uint8_t* DetachBuffer();
protected:
- FX_STRSIZE m_AllocStep;
-
- uint8_t* m_pBuffer;
-
- FX_STRSIZE m_DataSize;
+ void ExpandBuf(FX_STRSIZE size);
+ FX_STRSIZE m_AllocStep;
FX_STRSIZE m_AllocSize;
-
- void ExpandBuf(FX_STRSIZE size);
+ FX_STRSIZE m_DataSize;
+ std::unique_ptr<uint8_t, FxFreeDeleter> m_pBuffer;
};
+
class CFX_ByteTextBuf : public CFX_BinaryBuf {
public:
- void operator=(const CFX_ByteStringC& str);
-
void AppendChar(int ch) { AppendByte((uint8_t)ch); }
+ FX_STRSIZE GetLength() const { return m_DataSize; }
+ CFX_ByteStringC GetByteString() const;
CFX_ByteTextBuf& operator<<(int i);
-
CFX_ByteTextBuf& operator<<(FX_DWORD i);
-
CFX_ByteTextBuf& operator<<(double f);
-
CFX_ByteTextBuf& operator<<(const CFX_ByteStringC& lpsz);
-
CFX_ByteTextBuf& operator<<(const CFX_ByteTextBuf& buf);
-
- FX_STRSIZE GetLength() const { return m_DataSize; }
};
+
class CFX_WideTextBuf : public CFX_BinaryBuf {
public:
- void operator=(const FX_WCHAR* lpsz);
-
- void operator=(const CFX_WideStringC& str);
-
void AppendChar(FX_WCHAR wch);
-
- CFX_WideTextBuf& operator<<(int i);
-
- CFX_WideTextBuf& operator<<(double f);
-
- CFX_WideTextBuf& operator<<(const FX_WCHAR* lpsz);
-
- CFX_WideTextBuf& operator<<(const CFX_WideStringC& str);
- CFX_WideTextBuf& operator<<(const CFX_WideString& str);
-
- CFX_WideTextBuf& operator<<(const CFX_WideTextBuf& buf);
-
FX_STRSIZE GetLength() const { return m_DataSize / sizeof(FX_WCHAR); }
-
- FX_WCHAR* GetBuffer() const { return (FX_WCHAR*)m_pBuffer; }
+ FX_WCHAR* GetBuffer() const {
+ return reinterpret_cast<FX_WCHAR*>(m_pBuffer.get());
+ }
+ CFX_WideStringC GetWideString() const;
void Delete(int start_index, int count) {
CFX_BinaryBuf::Delete(start_index * sizeof(FX_WCHAR),
count * sizeof(FX_WCHAR));
}
- CFX_WideStringC GetWideString() const;
+ CFX_WideTextBuf& operator<<(int i);
+ CFX_WideTextBuf& operator<<(double f);
+ CFX_WideTextBuf& operator<<(const FX_WCHAR* lpsz);
+ CFX_WideTextBuf& operator<<(const CFX_WideStringC& str);
+ CFX_WideTextBuf& operator<<(const CFX_WideString& str);
+ CFX_WideTextBuf& operator<<(const CFX_WideTextBuf& buf);
};
+
#ifdef PDF_ENABLE_XFA
class CFX_ArchiveSaver {
public:
@@ -1031,16 +1013,6 @@ class CFX_AutoRestorer {
const T m_OldValue;
};
-struct FxFreeDeleter {
- inline void operator()(void* ptr) const { FX_Free(ptr); }
-};
-
-// Used with std::unique_ptr to Release() objects that can't be deleted.
-template <class T>
-struct ReleaseDeleter {
- inline void operator()(T* ptr) const { ptr->Release(); }
-};
-
#define FX_DATALIST_LENGTH 1024
template <size_t unit>
class CFX_SortListArray {
diff --git a/core/include/fxcrt/fx_safe_types.h b/core/include/fxcrt/fx_safe_types.h
index aec1ca7e96..6ae3ee1054 100644
--- a/core/include/fxcrt/fx_safe_types.h
+++ b/core/include/fxcrt/fx_safe_types.h
@@ -15,5 +15,6 @@ typedef pdfium::base::CheckedNumeric<FX_DWORD> FX_SAFE_DWORD;
typedef pdfium::base::CheckedNumeric<int32_t> FX_SAFE_INT32;
typedef pdfium::base::CheckedNumeric<size_t> FX_SAFE_SIZE_T;
typedef pdfium::base::CheckedNumeric<FX_FILESIZE> FX_SAFE_FILESIZE;
+typedef pdfium::base::CheckedNumeric<FX_STRSIZE> FX_SAFE_STRSIZE;
#endif // CORE_INCLUDE_FXCRT_FX_SAFE_TYPES_H_