diff options
author | Tom Sepez <tsepez@chromium.org> | 2016-02-19 14:22:56 -0800 |
---|---|---|
committer | Tom Sepez <tsepez@chromium.org> | 2016-02-19 14:22:56 -0800 |
commit | 78353d5dbc0b0c9b2d6946005439a51efa7d108c (patch) | |
tree | 2d0048714b8630cd22b2f8e3129318ed93ee945d /core/src/fxcrt | |
parent | 711046ac7043ebeec2b0c9a5eb168418cd07a876 (diff) | |
download | pdfium-78353d5dbc0b0c9b2d6946005439a51efa7d108c.tar.xz |
Use safe arithmentic in CFX_BinaryBuf::ExpandBuf.
Always call ExpandBuf(), and if it returns, we know the
subsequent calculations won't overflow.
Also use std::unique_ptr, and fix unintentional copies thus
detected by its suppressed copy ctor in fsdk_baseform.cpp
Also Remove unused CFX_BinaryBuf::TakeOver(), AppendFill(), CopyData().
Also remove operator= in favor of using <<, for similarity
with std::ostream and friends.
Also move ByteStringC methods to CFX_ByteTextBuf sub-class.
Also re-order members, may pack tighter on 64-bits.
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1710403002 .
Diffstat (limited to 'core/src/fxcrt')
-rw-r--r-- | core/src/fxcrt/fx_basic_buffer.cpp | 174 |
1 files changed, 76 insertions, 98 deletions
diff --git a/core/src/fxcrt/fx_basic_buffer.cpp b/core/src/fxcrt/fx_basic_buffer.cpp index 4ef86bbf41..0551ef04de 100644 --- a/core/src/fxcrt/fx_basic_buffer.cpp +++ b/core/src/fxcrt/fx_basic_buffer.cpp @@ -5,208 +5,186 @@ // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com #include <algorithm> +#include <limits> #include "core/include/fxcrt/fx_basic.h" +#include "core/include/fxcrt/fx_safe_types.h" -FX_STRSIZE FX_ftoa(FX_FLOAT f, FX_CHAR* buf); CFX_BinaryBuf::CFX_BinaryBuf() - : m_AllocStep(0), m_pBuffer(NULL), m_DataSize(0), m_AllocSize(0) {} + : m_AllocStep(0), m_AllocSize(0), m_DataSize(0) {} + CFX_BinaryBuf::CFX_BinaryBuf(FX_STRSIZE size) - : m_AllocStep(0), m_DataSize(size), m_AllocSize(size) { - m_pBuffer = FX_Alloc(uint8_t, size); -} -CFX_BinaryBuf::~CFX_BinaryBuf() { - FX_Free(m_pBuffer); + : m_AllocStep(0), m_AllocSize(size), m_DataSize(size) { + m_pBuffer.reset(FX_Alloc(uint8_t, size)); } + void CFX_BinaryBuf::Delete(int start_index, int count) { - if (!m_pBuffer || start_index < 0 || start_index + count > m_DataSize) { + if (!m_pBuffer || start_index < 0 || count < 0 || count > m_DataSize || + start_index > m_DataSize - count) { return; } - FXSYS_memmove(m_pBuffer + start_index, m_pBuffer + start_index + count, + FXSYS_memmove(m_pBuffer.get() + start_index, + m_pBuffer.get() + start_index + count, m_DataSize - start_index - count); m_DataSize -= count; } + void CFX_BinaryBuf::Clear() { m_DataSize = 0; } -void CFX_BinaryBuf::DetachBuffer() { + +uint8_t* CFX_BinaryBuf::DetachBuffer() { m_DataSize = 0; - m_pBuffer = NULL; m_AllocSize = 0; + return m_pBuffer.release(); } -void CFX_BinaryBuf::AttachData(void* buffer, FX_STRSIZE size) { - FX_Free(m_pBuffer); + +void CFX_BinaryBuf::AttachData(uint8_t* buffer, FX_STRSIZE size) { + m_pBuffer.reset(buffer); m_DataSize = size; - m_pBuffer = (uint8_t*)buffer; m_AllocSize = size; } -void CFX_BinaryBuf::TakeOver(CFX_BinaryBuf& other) { - AttachData(other.GetBuffer(), other.GetSize()); - other.DetachBuffer(); -} + void CFX_BinaryBuf::EstimateSize(FX_STRSIZE size, FX_STRSIZE step) { m_AllocStep = step; - if (m_AllocSize >= size) { - return; - } - ExpandBuf(size - m_DataSize); + if (m_AllocSize < size) + ExpandBuf(size - m_DataSize); } + void CFX_BinaryBuf::ExpandBuf(FX_STRSIZE add_size) { - FX_STRSIZE new_size = add_size + m_DataSize; - if (m_AllocSize >= new_size) { + FX_SAFE_STRSIZE new_size = m_DataSize; + new_size += add_size; + if (m_AllocSize >= new_size.ValueOrDie()) return; - } - int alloc_step; - if (m_AllocStep == 0) { - alloc_step = m_AllocSize / 4; - if (alloc_step < 128) { - alloc_step = 128; - } - } else { - alloc_step = m_AllocStep; - } - new_size = (new_size + alloc_step - 1) / alloc_step * alloc_step; - uint8_t* pNewBuffer = m_pBuffer; - if (pNewBuffer) { - pNewBuffer = FX_Realloc(uint8_t, m_pBuffer, new_size); - } else { - pNewBuffer = FX_Alloc(uint8_t, new_size); - } - m_pBuffer = pNewBuffer; - m_AllocSize = new_size; -} -void CFX_BinaryBuf::CopyData(const void* pStr, FX_STRSIZE size) { - if (size == 0) { - m_DataSize = 0; - return; - } - if (m_AllocSize < size) { - ExpandBuf(size - m_DataSize); - } - if (!m_pBuffer) { - return; - } - FXSYS_memcpy(m_pBuffer, pStr, size); - m_DataSize = size; + + int alloc_step = std::min(128, m_AllocStep ? m_AllocStep : m_AllocSize / 4); + new_size += alloc_step - 1; // Quantize, don't combine these lines. + new_size /= alloc_step; + new_size *= alloc_step; + m_AllocSize = new_size.ValueOrDie(); + m_pBuffer.reset(m_pBuffer + ? FX_Realloc(uint8_t, m_pBuffer.release(), m_AllocSize) + : FX_Alloc(uint8_t, m_AllocSize)); } + void CFX_BinaryBuf::AppendBlock(const void* pBuf, FX_STRSIZE size) { + if (size <= 0) + return; + ExpandBuf(size); - if (pBuf && m_pBuffer) { - FXSYS_memcpy(m_pBuffer + m_DataSize, pBuf, size); + if (pBuf) { + FXSYS_memcpy(m_pBuffer.get() + m_DataSize, pBuf, size); + } else { + FXSYS_memset(m_pBuffer.get() + m_DataSize, 0, size); } m_DataSize += size; } + void CFX_BinaryBuf::InsertBlock(FX_STRSIZE pos, const void* pBuf, FX_STRSIZE size) { - ExpandBuf(size); - if (!m_pBuffer) { + if (size <= 0) return; - } - FXSYS_memmove(m_pBuffer + pos + size, m_pBuffer + pos, m_DataSize - pos); + + ExpandBuf(size); + FXSYS_memmove(m_pBuffer.get() + pos + size, m_pBuffer.get() + pos, + m_DataSize - pos); if (pBuf) { - FXSYS_memcpy(m_pBuffer + pos, pBuf, size); + FXSYS_memcpy(m_pBuffer.get() + pos, pBuf, size); + } else { + FXSYS_memset(m_pBuffer.get() + pos, 0, size); } m_DataSize += size; } -void CFX_BinaryBuf::AppendFill(uint8_t byte, FX_STRSIZE count) { - ExpandBuf(count); - if (!m_pBuffer) { - return; - } - FXSYS_memset(m_pBuffer + m_DataSize, byte, count); - m_DataSize += count; -} -CFX_ByteStringC CFX_BinaryBuf::GetByteString() const { - return CFX_ByteStringC(m_pBuffer, m_DataSize); + +CFX_ByteStringC CFX_ByteTextBuf::GetByteString() const { + return CFX_ByteStringC(m_pBuffer.get(), m_DataSize); } + CFX_ByteTextBuf& CFX_ByteTextBuf::operator<<(const CFX_ByteStringC& lpsz) { AppendBlock(lpsz.GetPtr(), lpsz.GetLength()); return *this; } + CFX_ByteTextBuf& CFX_ByteTextBuf::operator<<(int i) { char buf[32]; FXSYS_itoa(i, buf, 10); AppendBlock(buf, FXSYS_strlen(buf)); return *this; } + CFX_ByteTextBuf& CFX_ByteTextBuf::operator<<(FX_DWORD i) { char buf[32]; FXSYS_itoa(i, buf, 10); AppendBlock(buf, FXSYS_strlen(buf)); return *this; } + CFX_ByteTextBuf& CFX_ByteTextBuf::operator<<(double f) { char buf[32]; FX_STRSIZE len = FX_ftoa((FX_FLOAT)f, buf); AppendBlock(buf, len); return *this; } + CFX_ByteTextBuf& CFX_ByteTextBuf::operator<<(const CFX_ByteTextBuf& buf) { - AppendBlock(buf.m_pBuffer, buf.m_DataSize); + AppendBlock(buf.m_pBuffer.get(), buf.m_DataSize); return *this; } -void CFX_ByteTextBuf::operator=(const CFX_ByteStringC& str) { - CopyData(str.GetPtr(), str.GetLength()); -} + void CFX_WideTextBuf::AppendChar(FX_WCHAR ch) { - if (m_AllocSize < m_DataSize + (FX_STRSIZE)sizeof(FX_WCHAR)) { - ExpandBuf(sizeof(FX_WCHAR)); - } - ASSERT(m_pBuffer); - *(FX_WCHAR*)(m_pBuffer + m_DataSize) = ch; + ExpandBuf(sizeof(FX_WCHAR)); + *(FX_WCHAR*)(m_pBuffer.get() + m_DataSize) = ch; m_DataSize += sizeof(FX_WCHAR); } + CFX_WideTextBuf& CFX_WideTextBuf::operator<<(const CFX_WideStringC& str) { AppendBlock(str.GetPtr(), str.GetLength() * sizeof(FX_WCHAR)); return *this; } + CFX_WideTextBuf& CFX_WideTextBuf::operator<<(const CFX_WideString& str) { AppendBlock(str.c_str(), str.GetLength() * sizeof(FX_WCHAR)); return *this; } + CFX_WideTextBuf& CFX_WideTextBuf::operator<<(int i) { char buf[32]; FXSYS_itoa(i, buf, 10); FX_STRSIZE len = FXSYS_strlen(buf); - if (m_AllocSize < m_DataSize + (FX_STRSIZE)(len * sizeof(FX_WCHAR))) { - ExpandBuf(len * sizeof(FX_WCHAR)); - } - ASSERT(m_pBuffer); - FX_WCHAR* str = (FX_WCHAR*)(m_pBuffer + m_DataSize); + ExpandBuf(len * sizeof(FX_WCHAR)); + FX_WCHAR* str = (FX_WCHAR*)(m_pBuffer.get() + m_DataSize); for (FX_STRSIZE j = 0; j < len; j++) { *str++ = buf[j]; } m_DataSize += len * sizeof(FX_WCHAR); return *this; } + CFX_WideTextBuf& CFX_WideTextBuf::operator<<(double f) { char buf[32]; FX_STRSIZE len = FX_ftoa((FX_FLOAT)f, buf); - if (m_AllocSize < m_DataSize + (FX_STRSIZE)(len * sizeof(FX_WCHAR))) { - ExpandBuf(len * sizeof(FX_WCHAR)); - } - ASSERT(m_pBuffer); - FX_WCHAR* str = (FX_WCHAR*)(m_pBuffer + m_DataSize); + ExpandBuf(len * sizeof(FX_WCHAR)); + FX_WCHAR* str = (FX_WCHAR*)(m_pBuffer.get() + m_DataSize); for (FX_STRSIZE i = 0; i < len; i++) { *str++ = buf[i]; } m_DataSize += len * sizeof(FX_WCHAR); return *this; } + CFX_WideTextBuf& CFX_WideTextBuf::operator<<(const FX_WCHAR* lpsz) { AppendBlock(lpsz, FXSYS_wcslen(lpsz) * sizeof(FX_WCHAR)); return *this; } + CFX_WideTextBuf& CFX_WideTextBuf::operator<<(const CFX_WideTextBuf& buf) { - AppendBlock(buf.m_pBuffer, buf.m_DataSize); + AppendBlock(buf.m_pBuffer.get(), buf.m_DataSize); return *this; } -void CFX_WideTextBuf::operator=(const CFX_WideStringC& str) { - CopyData(str.GetPtr(), str.GetLength() * sizeof(FX_WCHAR)); -} + CFX_WideStringC CFX_WideTextBuf::GetWideString() const { - return CFX_WideStringC((const FX_WCHAR*)m_pBuffer, + return CFX_WideStringC((const FX_WCHAR*)m_pBuffer.get(), m_DataSize / sizeof(FX_WCHAR)); } |