Use FX_SAFE_FILESIZE and FX_SAFE_UINT32 in more places.
Easier to write than pdfium::base::CheckedNumeric<T>.
Change-Id: Ie699526214c723f32f5c72d809fa074a8a230e5d
Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/65731
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
diff --git a/core/fpdfapi/edit/cpdf_creator.cpp b/core/fpdfapi/edit/cpdf_creator.cpp
index 44eb089..65ddc45 100644
--- a/core/fpdfapi/edit/cpdf_creator.cpp
+++ b/core/fpdfapi/edit/cpdf_creator.cpp
@@ -23,6 +23,7 @@
#include "core/fxcrt/fx_extension.h"
#include "core/fxcrt/fx_memory_wrappers.h"
#include "core/fxcrt/fx_random.h"
+#include "core/fxcrt/fx_safe_types.h"
#include "third_party/base/ptr_util.h"
#include "third_party/base/stl_util.h"
@@ -93,7 +94,7 @@
buffer += buf_size;
}
- pdfium::base::CheckedNumeric<FX_FILESIZE> safe_offset = offset_;
+ FX_SAFE_FILESIZE safe_offset = offset_;
safe_offset += size;
if (!safe_offset.IsValid())
return false;
diff --git a/core/fpdfapi/font/cpdf_cmapparser.cpp b/core/fpdfapi/font/cpdf_cmapparser.cpp
index 7407a42..d1fe51c 100644
--- a/core/fpdfapi/font/cpdf_cmapparser.cpp
+++ b/core/fpdfapi/font/cpdf_cmapparser.cpp
@@ -13,6 +13,7 @@
#include "core/fpdfapi/parser/cpdf_dictionary.h"
#include "core/fpdfapi/parser/cpdf_simple_parser.h"
#include "core/fxcrt/fx_extension.h"
+#include "core/fxcrt/fx_safe_types.h"
#include "core/fxge/fx_freetype.h"
#include "third_party/base/logging.h"
@@ -143,7 +144,7 @@
if (word.IsEmpty())
return 0;
- pdfium::base::CheckedNumeric<uint32_t> num = 0;
+ FX_SAFE_UINT32 num = 0;
if (word[0] == '<') {
for (size_t i = 1; i < word.GetLength() && std::isxdigit(word[i]); ++i) {
num = num * 16 + FXSYS_HexCharToInt(word[i]);
diff --git a/core/fpdfapi/page/cpdf_shadingpattern.cpp b/core/fpdfapi/page/cpdf_shadingpattern.cpp
index 86f5106..69696ac 100644
--- a/core/fpdfapi/page/cpdf_shadingpattern.cpp
+++ b/core/fpdfapi/page/cpdf_shadingpattern.cpp
@@ -15,6 +15,7 @@
#include "core/fpdfapi/parser/cpdf_document.h"
#include "core/fpdfapi/parser/cpdf_object.h"
#include "core/fpdfapi/parser/cpdf_stream.h"
+#include "core/fxcrt/fx_safe_types.h"
namespace {
@@ -151,7 +152,7 @@
if (m_pFunctions.size() != nExpectedNumFunctions)
return false;
- pdfium::base::CheckedNumeric<uint32_t> nTotalOutputs = 0;
+ FX_SAFE_UINT32 nTotalOutputs = 0;
for (const auto& function : m_pFunctions) {
if (!function)
return false;
diff --git a/core/fxcodec/gif/cfx_lzwdecompressor.cpp b/core/fxcodec/gif/cfx_lzwdecompressor.cpp
index 14e34f5..12e0d89 100644
--- a/core/fxcodec/gif/cfx_lzwdecompressor.cpp
+++ b/core/fxcodec/gif/cfx_lzwdecompressor.cpp
@@ -11,6 +11,7 @@
#include <memory>
#include <utility>
+#include "core/fxcrt/fx_safe_types.h"
#include "third_party/base/numerics/safe_math.h"
std::unique_ptr<CFX_LZWDecompressor> CFX_LZWDecompressor::Create(
@@ -73,7 +74,7 @@
if (bits_left_ > 31)
return CFX_GifDecodeStatus::Error;
- pdfium::base::CheckedNumeric<uint32_t> safe_code = *next_in_++;
+ FX_SAFE_UINT32 safe_code = *next_in_++;
safe_code <<= bits_left_;
safe_code |= code_store_;
if (!safe_code.IsValid())
diff --git a/core/fxcrt/cfx_seekablestreamproxy.cpp b/core/fxcrt/cfx_seekablestreamproxy.cpp
index 3b65c14..67b304f 100644
--- a/core/fxcrt/cfx_seekablestreamproxy.cpp
+++ b/core/fxcrt/cfx_seekablestreamproxy.cpp
@@ -20,6 +20,7 @@
#include "core/fxcrt/fx_codepage.h"
#include "core/fxcrt/fx_extension.h"
#include "core/fxcrt/fx_memory_wrappers.h"
+#include "core/fxcrt/fx_safe_types.h"
#include "third_party/base/stl_util.h"
namespace {
@@ -163,7 +164,7 @@
m_iPosition = iOffset;
break;
case From::Current: {
- pdfium::base::CheckedNumeric<FX_FILESIZE> new_pos = m_iPosition;
+ FX_SAFE_FILESIZE new_pos = m_iPosition;
new_pos += iOffset;
m_iPosition =
new_pos.ValueOrDefault(std::numeric_limits<FX_FILESIZE>::max());
@@ -191,7 +192,7 @@
if (!m_pStream->ReadBlockAtOffset(pBuffer, m_iPosition, iBufferSize))
return 0;
- pdfium::base::CheckedNumeric<FX_FILESIZE> new_pos = m_iPosition;
+ FX_SAFE_FILESIZE new_pos = m_iPosition;
new_pos += iBufferSize;
m_iPosition = new_pos.ValueOrDefault(m_iPosition);
return new_pos.IsValid() ? iBufferSize : 0;
diff --git a/core/fxcrt/fx_number.cpp b/core/fxcrt/fx_number.cpp
index 0a565be..9935451 100644
--- a/core/fxcrt/fx_number.cpp
+++ b/core/fxcrt/fx_number.cpp
@@ -9,6 +9,7 @@
#include <limits>
#include "core/fxcrt/fx_extension.h"
+#include "core/fxcrt/fx_safe_types.h"
#include "core/fxcrt/fx_string.h"
FX_Number::FX_Number()
@@ -37,7 +38,7 @@
// actually an unsigned value. We use a uint32_t so we can deal with the
// unsigned and then check for overflow if the user actually signed the value.
// The Permissions flag is listed in Table 3.20 PDF 1.7 spec.
- pdfium::base::CheckedNumeric<uint32_t> unsigned_val = 0;
+ FX_SAFE_UINT32 unsigned_val = 0;
bool bNegative = false;
size_t cc = 0;
if (strc[0] == '+') {
