From 802eaea7696e2e1aa8d6d76d1fee39fbe1c7794b Mon Sep 17 00:00:00 2001 From: Ryan Harrison Date: Tue, 30 Jan 2018 20:24:50 +0000 Subject: Clean up CSS Data Table entries and access This cleans up the entries in the table to no longer have a marker for size, and also removes a hand rolled search. This prevents an out of bounds issue that had been reported and addresses another potential out of bounds issue. BUG=chromium:807214 Change-Id: I3d3ab5a3a174dd4dcec56fa7ee7a0e6c2805bfaa Reviewed-on: https://pdfium-review.googlesource.com/24690 Reviewed-by: Ryan Harrison Reviewed-by: dsinclair Commit-Queue: dsinclair Commit-Queue: Ryan Harrison --- core/fxcrt/css/cfx_css.h | 3 ++- core/fxcrt/css/cfx_cssdatatable.cpp | 40 +++++++++++++++---------------------- core/fxcrt/css/cfx_cssdatatable.h | 3 +-- 3 files changed, 19 insertions(+), 27 deletions(-) diff --git a/core/fxcrt/css/cfx_css.h b/core/fxcrt/css/cfx_css.h index 7b1d7d3f99..3703394d4f 100644 --- a/core/fxcrt/css/cfx_css.h +++ b/core/fxcrt/css/cfx_css.h @@ -79,6 +79,8 @@ enum class CFX_CSSPropertyValue : uint8_t { LAST_MARKER }; +// Any entries added/removed here, will need to be mirrored in +// g_CFX_CSSProperties. enum class CFX_CSSProperty : uint8_t { BorderLeft = 0, Top, @@ -120,7 +122,6 @@ enum class CFX_CSSProperty : uint8_t { Padding, MarginBottom, MarginTop, - LAST_MARKER }; enum class CFX_CSSSelectorType : uint8_t { Element = 0, Descendant }; diff --git a/core/fxcrt/css/cfx_cssdatatable.cpp b/core/fxcrt/css/cfx_cssdatatable.cpp index 53617b6a48..8b2100aaa2 100644 --- a/core/fxcrt/css/cfx_cssdatatable.cpp +++ b/core/fxcrt/css/cfx_cssdatatable.cpp @@ -6,6 +6,7 @@ #include "core/fxcrt/css/cfx_cssdatatable.h" +#include #include #include "core/fxcrt/css/cfx_cssstyleselector.h" @@ -115,33 +116,24 @@ static const CFX_CSSPropertyTable g_CFX_CSSProperties[] = { CFX_CSSVALUETYPE_Primitive | CFX_CSSVALUETYPE_MaybeNumber | CFX_CSSVALUETYPE_MaybeEnum}, }; -const int32_t g_iCSSPropertyCount = - sizeof(g_CFX_CSSProperties) / sizeof(CFX_CSSPropertyTable); -static_assert(g_iCSSPropertyCount == - static_cast(CFX_CSSProperty::LAST_MARKER), - "Property table differs in size from property enum"); -const CFX_CSSPropertyTable* CFX_GetCSSPropertyByName( - const WideStringView& wsName) { - ASSERT(!wsName.IsEmpty()); - uint32_t dwHash = FX_HashCode_GetW(wsName, true); - int32_t iEnd = g_iCSSPropertyCount; - int32_t iMid, iStart = 0; - uint32_t dwMid; - do { - iMid = (iStart + iEnd) / 2; - dwMid = g_CFX_CSSProperties[iMid].dwHash; - if (dwHash == dwMid) { - return g_CFX_CSSProperties + iMid; - } else if (dwHash > dwMid) { - iStart = iMid + 1; - } else { - iEnd = iMid - 1; - } - } while (iStart <= iEnd); +const CFX_CSSPropertyTable* CFX_GetCSSPropertyByName(WideStringView name) { + if (name.IsEmpty()) + return nullptr; + + uint32_t hash = FX_HashCode_GetW(name, true); + + auto cmpFunc = [](const CFX_CSSPropertyTable& iter, const uint32_t& hash) { + return iter.dwHash < hash; + }; + + auto* result = std::lower_bound(std::begin(g_CFX_CSSProperties), + std::end(g_CFX_CSSProperties), hash, cmpFunc); + if (result != std::end(g_CFX_CSSProperties) && result->dwHash == hash) + return result; return nullptr; } const CFX_CSSPropertyTable* CFX_GetCSSPropertyByEnum(CFX_CSSProperty eName) { - return g_CFX_CSSProperties + static_cast(eName); + return &g_CFX_CSSProperties[static_cast(eName)]; } diff --git a/core/fxcrt/css/cfx_cssdatatable.h b/core/fxcrt/css/cfx_cssdatatable.h index 63c303488e..b8476175f6 100644 --- a/core/fxcrt/css/cfx_cssdatatable.h +++ b/core/fxcrt/css/cfx_cssdatatable.h @@ -22,8 +22,7 @@ struct CFX_CSSPropertyTable { uint32_t dwType; }; -const CFX_CSSPropertyTable* CFX_GetCSSPropertyByName( - const WideStringView& wsName); +const CFX_CSSPropertyTable* CFX_GetCSSPropertyByName(WideStringView wsName); const CFX_CSSPropertyTable* CFX_GetCSSPropertyByEnum(CFX_CSSProperty eName); #endif // CORE_FXCRT_CSS_CFX_CSSDATATABLE_H_ -- cgit v1.2.3