summaryrefslogtreecommitdiff
path: root/core/fxcrt/fx_number.cpp
blob: 68d5bd9b32cf54b91d90bc7a69396614c2f98063 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
// Copyright 2018 PDFium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

// Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com

#include "core/fxcrt/fx_number.h"

#include <limits>

#include "core/fxcrt/fx_extension.h"
#include "core/fxcrt/fx_string.h"

FX_Number::FX_Number()
    : m_bInteger(true), m_bSigned(false), m_UnsignedValue(0) {}

FX_Number::FX_Number(uint32_t value)
    : m_bInteger(true), m_bSigned(false), m_UnsignedValue(value) {}

FX_Number::FX_Number(int32_t value)
    : m_bInteger(true), m_bSigned(true), m_SignedValue(value) {}

FX_Number::FX_Number(float value)
    : m_bInteger(false), m_bSigned(true), m_FloatValue(value) {}

FX_Number::FX_Number(const ByteStringView& strc)
    : m_bInteger(true), m_bSigned(false), m_UnsignedValue(0) {
  if (strc.IsEmpty())
    return;

  if (strc.Contains('.')) {
    m_bInteger = false;
    m_bSigned = true;
    m_FloatValue = FX_atof(strc);
    return;
  }

  // Note, numbers in PDF are typically of the form 123, -123, etc. But,
  // for things like the Permissions on the encryption hash the number is
  // actually an unsigned value. We use a uint32_t so we can deal with the
  // unsigned and then check for overflow if the user actually signed the value.
  // The Permissions flag is listed in Table 3.20 PDF 1.7 spec.
  pdfium::base::CheckedNumeric<uint32_t> unsigned_val = 0;
  bool bNegative = false;
  size_t cc = 0;
  if (strc[0] == '+') {
    cc++;
    m_bSigned = true;
  } else if (strc[0] == '-') {
    bNegative = true;
    m_bSigned = true;
    cc++;
  }

  while (cc < strc.GetLength() && std::isdigit(strc[cc])) {
    unsigned_val = unsigned_val * 10 + FXSYS_DecimalCharToInt(strc.CharAt(cc));
    if (!unsigned_val.IsValid())
      break;
    cc++;
  }

  uint32_t uValue = unsigned_val.ValueOrDefault(0);
  if (!m_bSigned) {
    m_UnsignedValue = uValue;
    return;
  }

  // We have a sign, so if the value was greater then the signed integer
  // limits, then we've overflowed and must reset to the default value.
  constexpr uint32_t uLimit =
      static_cast<uint32_t>(std::numeric_limits<int>::max());

  if (uValue > (bNegative ? uLimit + 1 : uLimit))
    uValue = 0;

  // Switch back to the int space so we can flip to a negative if we need.
  int32_t value = static_cast<int32_t>(uValue);
  if (bNegative) {
    // |value| is usually positive, except in the corner case of "-2147483648",
    // where |uValue| is 2147483648. When it gets casted to an int, |value|
    // becomes -2147483648. For this case, avoid undefined behavior, because
    // an int32_t cannot represent 2147483648.
    static constexpr int kMinInt = std::numeric_limits<int>::min();
    m_SignedValue = LIKELY(value != kMinInt) ? -value : kMinInt;
  } else {
    m_SignedValue = value;
  }
}

uint32_t FX_Number::GetUnsigned() const {
  return m_bInteger ? m_UnsignedValue : static_cast<uint32_t>(m_FloatValue);
}

int32_t FX_Number::GetSigned() const {
  return m_bInteger ? m_SignedValue : static_cast<int32_t>(m_FloatValue);
}

float FX_Number::GetFloat() const {
  if (!m_bInteger)
    return m_FloatValue;

  return m_bSigned ? static_cast<float>(m_SignedValue)
                   : static_cast<float>(m_UnsignedValue);
}