Funnel all CFX_DIBitmap::Create() allocations through FX_TryAlloc().
Do not have different behavior for large and small allocations, for some
arbitrary chosen boundary value between large and small.
Change-Id: I4bc6d8a9e6030d6127f10b5a40954175fd45782d
Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/73530
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
diff --git a/core/fxge/dib/cfx_dibitmap.cpp b/core/fxge/dib/cfx_dibitmap.cpp
index eeeb68c..8a9c56e 100644
--- a/core/fxge/dib/cfx_dibitmap.cpp
+++ b/core/fxge/dib/cfx_dibitmap.cpp
@@ -20,7 +20,6 @@
namespace {
-constexpr size_t kMaxOOMLimit = 12000000;
constexpr int8_t kChannelOffset[] = {0, 2, 1, 0, 0, 1, 2, 3, 3};
} // namespace
@@ -61,16 +60,10 @@
if (!safe_buffer_size.IsValid())
return false;
- size_t buffer_size = safe_buffer_size.ValueOrDie();
- if (buffer_size >= kMaxOOMLimit) {
- m_pBuffer = std::unique_ptr<uint8_t, FxFreeDeleter>(
- FX_TryAlloc(uint8_t, buffer_size));
- if (!m_pBuffer)
- return false;
- } else {
- m_pBuffer = std::unique_ptr<uint8_t, FxFreeDeleter>(
- FX_Alloc(uint8_t, buffer_size));
- }
+ m_pBuffer = std::unique_ptr<uint8_t, FxFreeDeleter>(
+ FX_TryAlloc(uint8_t, safe_buffer_size.ValueOrDie()));
+ if (!m_pBuffer)
+ return false;
}
m_Width = width;
m_Height = height;
