Use fxcrt::CollectionSize<>() in fpdfapi/page Catch some out-of-range conversions. Change-Id: I14f0f4ab802956939f314125083b419a9cc40ed6 Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/91371 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org>
diff --git a/core/fpdfapi/page/cpdf_colorspace.cpp b/core/fpdfapi/page/cpdf_colorspace.cpp
index d034a95..d463f24 100644
--- a/core/fpdfapi/page/cpdf_colorspace.cpp
+++ b/core/fpdfapi/page/cpdf_colorspace.cpp
@@ -1201,7 +1201,7 @@ if (m_pFunc->CountOutputs() < m_pBaseCS->CountComponents()) return 0; - return pObj->size(); + return fxcrt::CollectionSize<uint32_t>(*pObj); } bool CPDF_DeviceNCS::GetRGB(pdfium::span<const float> pBuf,
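Review bot: No `#include "core/fxcrt/stl_util.h"` hunk accompanies the new `fxcrt::CollectionSize<uint32_t>(*pObj)` call in this file, unlike the four files in this commit that add that include; cpdf_expintfunc.cpp is in the same position with `fxcrt::CollectionSize<uint32_t>(*pArray0)`. The header may already be included above the visible lines, so this is a request to confirm that both files include it directly rather than reaching it through another header. The enclosing function starts outside the hunk.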
diff --git a/core/fpdfapi/page/cpdf_contentparser.cpp b/core/fpdfapi/page/cpdf_contentparser.cpp
index 85c7c21..bd7c10f 100644
--- a/core/fpdfapi/page/cpdf_contentparser.cpp
+++ b/core/fpdfapi/page/cpdf_contentparser.cpp
@@ -20,6 +20,7 @@ #include "core/fxcrt/fx_safe_types.h" #include "core/fxcrt/pauseindicator_iface.h" #include "core/fxcrt/span_util.h" +#include "core/fxcrt/stl_util.h" #include "core/fxge/cfx_fillrenderoptions.h" #include "third_party/base/check.h" #include "third_party/base/check_op.h" @@ -239,7 +240,7 @@ } bool CPDF_ContentParser::HandlePageContentArray(CPDF_Array* pArray) { - m_nStreams = pArray->size(); + m_nStreams = fxcrt::CollectionSize<uint32_t>(*pArray); if (m_nStreams == 0) return false;
diff --git a/core/fpdfapi/page/cpdf_expintfunc.cpp b/core/fpdfapi/page/cpdf_expintfunc.cpp
index 467f26b..9fa9fb3 100644
--- a/core/fpdfapi/page/cpdf_expintfunc.cpp
+++ b/core/fpdfapi/page/cpdf_expintfunc.cpp
@@ -33,7 +33,7 @@ const CPDF_Array* pArray0 = pDict->GetArrayFor("C0"); if (pArray0 && m_nOutputs == 0) - m_nOutputs = pArray0->size(); + m_nOutputs = fxcrt::CollectionSize<uint32_t>(*pArray0); if (m_nOutputs == 0) m_nOutputs = 1;
diff --git a/core/fpdfapi/page/cpdf_function.cpp b/core/fpdfapi/page/cpdf_function.cpp
index 9973b04..586ae0d 100644
--- a/core/fpdfapi/page/cpdf_function.cpp
+++ b/core/fpdfapi/page/cpdf_function.cpp
@@ -18,6 +18,7 @@ #include "core/fpdfapi/parser/fpdf_parser_utility.h" #include "core/fxcrt/fx_safe_types.h" #include "core/fxcrt/scoped_set_insertion.h" +#include "core/fxcrt/stl_util.h" #include "third_party/base/containers/contains.h" #include "third_party/base/cxx17_backports.h" @@ -92,7 +93,7 @@ if (!pDomains) return false; - m_nInputs = pDomains->size() / 2; + m_nInputs = fxcrt::CollectionSize<uint32_t>(*pDomains) / 2; if (m_nInputs == 0) return false; @@ -100,7 +101,7 @@ m_Domains = ReadArrayElementsToVector(pDomains, nInputs); const CPDF_Array* pRanges = pDict->GetArrayFor("Range"); - m_nOutputs = pRanges ? pRanges->size() / 2 : 0; + m_nOutputs = pRanges ? fxcrt::CollectionSize<uint32_t>(*pRanges) / 2 : 0; // Ranges are required for type 0 and type 4 functions. A non-zero // |m_nOutputs| here implied Ranges meets the requirements.
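Review bot: An odd-length `Domain` or `Range` array is still accepted at `fxcrt::CollectionSize<uint32_t>(*pDomains) / 2` and `fxcrt::CollectionSize<uint32_t>(*pRanges) / 2`, because the integer division silently drops the trailing element. Both arrays are read from the function dictionary of the parsed document, so if that leniency is deliberate it deserves a comment such as `// An odd trailing element is ignored.`, and if it is not, a length check belongs before the division. The range check is applied to the full element count before halving, which is stricter than the stored value needs but harmless. Both hunks sit inside a function whose start and end are outside the visible lines.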
diff --git a/core/fpdfapi/page/cpdf_stitchfunc.cpp b/core/fpdfapi/page/cpdf_stitchfunc.cpp
index 5b922f7..880e91d 100644
--- a/core/fpdfapi/page/cpdf_stitchfunc.cpp
+++ b/core/fpdfapi/page/cpdf_stitchfunc.cpp
@@ -12,6 +12,7 @@ #include "core/fpdfapi/parser/cpdf_dictionary.h" #include "core/fpdfapi/parser/fpdf_parser_utility.h" #include "core/fxcrt/fx_safe_types.h" +#include "core/fxcrt/stl_util.h" namespace { @@ -44,7 +45,7 @@ if (!pEncodeArray) return false; - const uint32_t nSubs = pFunctionsArray->size(); + const uint32_t nSubs = fxcrt::CollectionSize<uint32_t>(*pFunctionsArray); if (nSubs == 0) return false;
diff --git a/core/fpdfapi/page/cpdf_streamcontentparser.cpp b/core/fpdfapi/page/cpdf_streamcontentparser.cpp
index 21214c6..7126777 100644
--- a/core/fpdfapi/page/cpdf_streamcontentparser.cpp
+++ b/core/fpdfapi/page/cpdf_streamcontentparser.cpp
@@ -37,6 +37,7 @@ #include "core/fxcrt/autonuller.h" #include "core/fxcrt/fx_safe_types.h" #include "core/fxcrt/scoped_set_insertion.h" +#include "core/fxcrt/stl_util.h" #include "core/fxge/cfx_graphstatedata.h" #include "third_party/base/check.h" #include "third_party/base/containers/contains.h" @@ -1503,7 +1504,7 @@ m_StartParseOffset = start_offset; if (m_ParsedSet->size() > kMaxFormLevel || pdfium::Contains(*m_ParsedSet, pDataStart.data())) { - return pDataStart.size(); + return fxcrt::CollectionSize<uint32_t>(pDataStart); } m_StreamStartOffsets = stream_start_offsets;
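Review bot: The early return `return fxcrt::CollectionSize<uint32_t>(pDataStart);` has no comment explaining why the whole buffer length is returned when `m_ParsedSet->size() > kMaxFormLevel` or the data pointer is already in `m_ParsedSet`. Assuming `CollectionSize` performs a checked conversion, as the commit message implies, an oversized content buffer on this path now stops the process instead of returning a truncated count; that is the safer failure mode for document-controlled sizes but is worth stating. Suggested comment above the return: `// Report the stream as fully consumed; CollectionSize() fails hard rather than truncating.` The enclosing function begins and ends outside the hunk.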