Optimize FindSubWordLength().
Avoid bounds checking on every element access. This can be very slow
when fuzzing.
BUG=chromium:935241
Change-Id: I9dd331a30dcc1210b6fb43f316dc753c092cbc57
Reviewed-on: https://pdfium-review.googlesource.com/c/51210
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Nicolás Peña Moreno <npm@chromium.org>
diff --git a/fxjs/fx_date_helpers.cpp b/fxjs/fx_date_helpers.cpp
index 15f762d..df553b6 100644
--- a/fxjs/fx_date_helpers.cpp
+++ b/fxjs/fx_date_helpers.cpp
@@ -165,8 +165,14 @@
}
size_t FindSubWordLength(const WideString& str, size_t nStart) {
+ // It is safer, but slower to use WideString::operator[]. Although this code
+ // is normally not performance critical, fuzzers will exercise this code with
+ // very long values for |str|. To keep the fuzzers from timing out, get the
+ // raw string here, and be very careful while accessing it.
+ const wchar_t* data = str.c_str();
+ size_t length = str.GetLength();
size_t i = nStart;
- while (i < str.GetLength() && std::iswalnum(str[i]))
+ while (i < length && std::iswalnum(data[i]))
++i;
return i - nStart;
}
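Review bot: The added comment above `const wchar_t* data = str.c_str();` says to "be very careful" but never names the invariant that keeps the raw read in bounds, which is only the operand order in `while (i < length && std::iswalnum(data[i]))`. Suggest stating in the comment that the `i < length` test must stay ahead of the `data[i]` read, and that `data` and `length` are a snapshot that is valid only while `str` is not modified. Declaring `length` as `const size_t` would also make it explicit that the cached bound is not meant to change inside the loop. An `nStart` at or past `length` still yields 0 because the loop condition fails before any read, the same as with the `str.GetLength()` form it replaces.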