From 8cfcb7da37352b22517892e6eabcedb77676cdf7 Mon Sep 17 00:00:00 2001 From: Lei Zhang Date: Tue, 17 Apr 2018 16:16:39 +0000 Subject: Fix nits in CPDF_Function and derived classes. - Switch away from FX_Alloc2D() when it is safe to do so. - Use FX_SAFE_SIZE_T to avoid a potential underflow with FX_Realloc(). - Mark the v_Call() input as const. - Check Call() and v_Call() return results. Change-Id: I6ec3122b23e0f137f88aa8d85a9675154a1b1706 Reviewed-on: https://pdfium-review.googlesource.com/30802 Reviewed-by: Henrique Nakashima Commit-Queue: Lei Zhang --- core/fpdfapi/page/cpdf_colorspace.cpp | 8 ++++---- core/fpdfapi/page/cpdf_expintfunc.cpp | 2 +- core/fpdfapi/page/cpdf_expintfunc.h | 2 +- core/fpdfapi/page/cpdf_function.cpp | 26 +++++++++++++++++--------- core/fpdfapi/page/cpdf_function.h | 4 +++- core/fpdfapi/page/cpdf_psfunc.cpp | 2 +- core/fpdfapi/page/cpdf_psfunc.h | 2 +- core/fpdfapi/page/cpdf_sampledfunc.cpp | 2 +- core/fpdfapi/page/cpdf_sampledfunc.h | 2 +- core/fpdfapi/page/cpdf_stitchfunc.cpp | 6 +++--- core/fpdfapi/page/cpdf_stitchfunc.h | 2 +- 11 files changed, 34 insertions(+), 24 deletions(-) diff --git a/core/fpdfapi/page/cpdf_colorspace.cpp b/core/fpdfapi/page/cpdf_colorspace.cpp index 7fdee86dc5..8ba2d8b4d5 100644 --- a/core/fpdfapi/page/cpdf_colorspace.cpp +++ b/core/fpdfapi/page/cpdf_colorspace.cpp @@ -1214,8 +1214,7 @@ bool CPDF_SeparationCS::GetRGB(const float* pBuf, CFX_FixedBufGrow results(m_pFunc->CountOutputs()); int nresults = 0; - m_pFunc->Call(pBuf, 1, results, &nresults); - if (nresults == 0) + if (!m_pFunc->Call(pBuf, 1, results, &nresults) || nresults == 0) return false; if (m_pAltCS) @@ -1281,9 +1280,10 @@ bool CPDF_DeviceNCS::GetRGB(const float* pBuf, CFX_FixedBufGrow results(m_pFunc->CountOutputs()); int nresults = 0; - m_pFunc->Call(pBuf, CountComponents(), results, &nresults); - if (nresults == 0) + if (!m_pFunc->Call(pBuf, CountComponents(), results, &nresults) || + nresults == 0) { return false; + } return m_pAltCS->GetRGB(results, R, G, B); } diff --git a/core/fpdfapi/page/cpdf_expintfunc.cpp b/core/fpdfapi/page/cpdf_expintfunc.cpp index f26df1b01e..020fe1fb81 100644 --- a/core/fpdfapi/page/cpdf_expintfunc.cpp +++ b/core/fpdfapi/page/cpdf_expintfunc.cpp @@ -50,7 +50,7 @@ bool CPDF_ExpIntFunc::v_Init(CPDF_Object* pObj, return true; } -bool CPDF_ExpIntFunc::v_Call(float* inputs, float* results) const { +bool CPDF_ExpIntFunc::v_Call(const float* inputs, float* results) const { for (uint32_t i = 0; i < m_nInputs; i++) for (uint32_t j = 0; j < m_nOrigOutputs; j++) { results[i * m_nOrigOutputs + j] = diff --git a/core/fpdfapi/page/cpdf_expintfunc.h b/core/fpdfapi/page/cpdf_expintfunc.h index f46d6c2f0a..7950c3dfd0 100644 --- a/core/fpdfapi/page/cpdf_expintfunc.h +++ b/core/fpdfapi/page/cpdf_expintfunc.h @@ -18,7 +18,7 @@ class CPDF_ExpIntFunc : public CPDF_Function { // CPDF_Function bool v_Init(CPDF_Object* pObj, std::set* pVisited) override; - bool v_Call(float* inputs, float* results) const override; + bool v_Call(const float* inputs, float* results) const override; uint32_t m_nOrigOutputs; float m_Exponent; diff --git a/core/fpdfapi/page/cpdf_function.cpp b/core/fpdfapi/page/cpdf_function.cpp index d4fad9c1ba..ce119ca487 100644 --- a/core/fpdfapi/page/cpdf_function.cpp +++ b/core/fpdfapi/page/cpdf_function.cpp @@ -27,9 +27,8 @@ std::unique_ptr CPDF_Function::Load(CPDF_Object* pFuncObj) { std::unique_ptr CPDF_Function::Load( CPDF_Object* pFuncObj, std::set* pVisited) { - std::unique_ptr pFunc; if (!pFuncObj) - return pFunc; + return nullptr; if (pdfium::ContainsKey(*pVisited, pFuncObj)) return nullptr; @@ -41,6 +40,7 @@ std::unique_ptr CPDF_Function::Load( else if (CPDF_Dictionary* pDict = pFuncObj->AsDictionary()) iType = pDict->GetIntegerFor("FunctionType"); + std::unique_ptr pFunc; Type type = IntegerToFunctionType(iType); if (type == Type::kType0Sampled) pFunc = pdfium::MakeUnique(); @@ -90,16 +90,20 @@ bool CPDF_Function::Init(CPDF_Object* pObj, std::set* pVisited) { if (m_nInputs == 0) return false; - m_pDomains = FX_Alloc2D(float, m_nInputs, 2); - for (uint32_t i = 0; i < m_nInputs * 2; i++) { - m_pDomains[i] = pDomains->GetFloatAt(i); + { + size_t nInputs = m_nInputs * 2; + m_pDomains = FX_Alloc(float, nInputs); + for (size_t i = 0; i < nInputs; ++i) + m_pDomains[i] = pDomains->GetFloatAt(i); } + CPDF_Array* pRanges = pDict->GetArrayFor("Range"); m_nOutputs = 0; if (pRanges) { m_nOutputs = pRanges->GetCount() / 2; - m_pRanges = FX_Alloc2D(float, m_nOutputs, 2); - for (uint32_t i = 0; i < m_nOutputs * 2; i++) + size_t nOutputs = m_nOutputs * 2; + m_pRanges = FX_Alloc(float, nOutputs); + for (size_t i = 0; i < nOutputs; ++i) m_pRanges[i] = pRanges->GetFloatAt(i); } uint32_t old_outputs = m_nOutputs; @@ -107,7 +111,9 @@ bool CPDF_Function::Init(CPDF_Object* pObj, std::set* pVisited) { return false; if (m_pRanges && m_nOutputs > old_outputs) { - m_pRanges = FX_Realloc(float, m_pRanges, m_nOutputs * 2); + FX_SAFE_SIZE_T nOutputs = m_nOutputs; + nOutputs *= 2; + m_pRanges = FX_Realloc(float, m_pRanges, nOutputs.ValueOrDie()); memset(m_pRanges + (old_outputs * 2), 0, sizeof(float) * (m_nOutputs - old_outputs) * 2); } @@ -127,7 +133,9 @@ bool CPDF_Function::Call(const float* inputs, clamped_inputs[i] = pdfium::clamp(inputs[i], m_pDomains[i * 2], m_pDomains[i * 2 + 1]); } - v_Call(clamped_inputs.data(), results); + if (!v_Call(clamped_inputs.data(), results)) + return false; + if (!m_pRanges) return true; diff --git a/core/fpdfapi/page/cpdf_function.h b/core/fpdfapi/page/cpdf_function.h index 615c6a68d4..82a3a54327 100644 --- a/core/fpdfapi/page/cpdf_function.h +++ b/core/fpdfapi/page/cpdf_function.h @@ -55,12 +55,14 @@ class CPDF_Function { std::set* pVisited); bool Init(CPDF_Object* pObj, std::set* pVisited); virtual bool v_Init(CPDF_Object* pObj, std::set* pVisited) = 0; - virtual bool v_Call(float* inputs, float* results) const = 0; + virtual bool v_Call(const float* inputs, float* results) const = 0; uint32_t m_nInputs; uint32_t m_nOutputs; float* m_pDomains; float* m_pRanges; + + private: const Type m_Type; }; diff --git a/core/fpdfapi/page/cpdf_psfunc.cpp b/core/fpdfapi/page/cpdf_psfunc.cpp index 6df7dff20c..2230d4e241 100644 --- a/core/fpdfapi/page/cpdf_psfunc.cpp +++ b/core/fpdfapi/page/cpdf_psfunc.cpp @@ -19,7 +19,7 @@ bool CPDF_PSFunc::v_Init(CPDF_Object* pObj, std::set* pVisited) { return m_PS.Parse(pAcc->GetSpan()); } -bool CPDF_PSFunc::v_Call(float* inputs, float* results) const { +bool CPDF_PSFunc::v_Call(const float* inputs, float* results) const { CPDF_PSEngine& PS = const_cast(m_PS); PS.Reset(); for (uint32_t i = 0; i < m_nInputs; i++) diff --git a/core/fpdfapi/page/cpdf_psfunc.h b/core/fpdfapi/page/cpdf_psfunc.h index 7212fea392..b4bc5bd2ef 100644 --- a/core/fpdfapi/page/cpdf_psfunc.h +++ b/core/fpdfapi/page/cpdf_psfunc.h @@ -21,7 +21,7 @@ class CPDF_PSFunc : public CPDF_Function { // CPDF_Function bool v_Init(CPDF_Object* pObj, std::set* pVisited) override; - bool v_Call(float* inputs, float* results) const override; + bool v_Call(const float* inputs, float* results) const override; private: CPDF_PSEngine m_PS; diff --git a/core/fpdfapi/page/cpdf_sampledfunc.cpp b/core/fpdfapi/page/cpdf_sampledfunc.cpp index 78c4f2c755..205ce91eaa 100644 --- a/core/fpdfapi/page/cpdf_sampledfunc.cpp +++ b/core/fpdfapi/page/cpdf_sampledfunc.cpp @@ -91,7 +91,7 @@ bool CPDF_SampledFunc::v_Init(CPDF_Object* pObj, return true; } -bool CPDF_SampledFunc::v_Call(float* inputs, float* results) const { +bool CPDF_SampledFunc::v_Call(const float* inputs, float* results) const { int pos = 0; CFX_FixedBufGrow encoded_input_buf(m_nInputs); float* encoded_input = encoded_input_buf; diff --git a/core/fpdfapi/page/cpdf_sampledfunc.h b/core/fpdfapi/page/cpdf_sampledfunc.h index b06b14bac1..cbf2dd3648 100644 --- a/core/fpdfapi/page/cpdf_sampledfunc.h +++ b/core/fpdfapi/page/cpdf_sampledfunc.h @@ -32,7 +32,7 @@ class CPDF_SampledFunc : public CPDF_Function { // CPDF_Function bool v_Init(CPDF_Object* pObj, std::set* pVisited) override; - bool v_Call(float* inputs, float* results) const override; + bool v_Call(const float* inputs, float* results) const override; const std::vector& GetEncodeInfo() const { return m_EncodeInfo; diff --git a/core/fpdfapi/page/cpdf_stitchfunc.cpp b/core/fpdfapi/page/cpdf_stitchfunc.cpp index fd83fd651a..1d0250bfad 100644 --- a/core/fpdfapi/page/cpdf_stitchfunc.cpp +++ b/core/fpdfapi/page/cpdf_stitchfunc.cpp @@ -77,7 +77,7 @@ bool CPDF_StitchFunc::v_Init(CPDF_Object* pObj, return true; } -bool CPDF_StitchFunc::v_Call(float* inputs, float* outputs) const { +bool CPDF_StitchFunc::v_Call(const float* inputs, float* results) const { float input = inputs[0]; size_t i; for (i = 0; i < m_pSubFunctions.size() - 1; i++) { @@ -87,6 +87,6 @@ bool CPDF_StitchFunc::v_Call(float* inputs, float* outputs) const { input = Interpolate(input, m_pBounds[i], m_pBounds[i + 1], m_pEncode[i * 2], m_pEncode[i * 2 + 1]); int nresults; - m_pSubFunctions[i]->Call(&input, kRequiredNumInputs, outputs, &nresults); - return true; + return m_pSubFunctions[i]->Call(&input, kRequiredNumInputs, results, + &nresults); } diff --git a/core/fpdfapi/page/cpdf_stitchfunc.h b/core/fpdfapi/page/cpdf_stitchfunc.h index 11396f12d7..1d11cb072b 100644 --- a/core/fpdfapi/page/cpdf_stitchfunc.h +++ b/core/fpdfapi/page/cpdf_stitchfunc.h @@ -20,7 +20,7 @@ class CPDF_StitchFunc : public CPDF_Function { // CPDF_Function bool v_Init(CPDF_Object* pObj, std::set* pVisited) override; - bool v_Call(float* inputs, float* results) const override; + bool v_Call(const float* inputs, float* results) const override; const std::vector>& GetSubFunctions() const { return m_pSubFunctions; -- cgit v1.2.3