Fix some nits in parser crypto code. - Initialize arrays with braces instead of memset(). - Use more size_t types. - Use std::min() more. Change-Id: I6132744f48f8744a9b8182836ee42d450263f610 Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/63190 Commit-Queue: Lei Zhang <thestig@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>

commit: 5cedaeb2f170d893019e25e77fe5b6f5b5f36bd5 [log] [tgz]
author: Lei Zhang <thestig@chromium.org> Thu Dec 05 00:23:13 2019 +0000
committer: Chromium commit bot <commit-bot@chromium.org> Thu Dec 05 00:23:13 2019 +0000
tree: a5d52706af0e0c752ee2b201f156f05bcae6f9ab
parent: b5e3fd7a729ab3ef25b3ddf3add81a434551b8dc [diff]
diff --git a/core/fpdfapi/parser/cpdf_crypto_handler.cpp b/core/fpdfapi/parser/cpdf_crypto_handler.cpp
index 6ecc262..f551318 100644
--- a/core/fpdfapi/parser/cpdf_crypto_handler.cpp
+++ b/core/fpdfapi/parser/cpdf_crypto_handler.cpp

@@ -53,7 +53,7 @@
     return;
   }
   uint8_t realkey[16];
-  int realkeylen = 16;
+  size_t realkeylen = sizeof(realkey);
   if (m_Cipher != FXCIPHER_AES || m_KeyLen != 32) {
     uint8_t key1[32];
     PopulateKey(objnum, gennum, key1);
@@ -63,10 +63,7 @@
     }
     CRYPT_MD5Generate(
         key1, m_Cipher == FXCIPHER_AES ? m_KeyLen + 9 : m_KeyLen + 5, realkey);
-    realkeylen = m_KeyLen + 5;
-    if (realkeylen > 16) {
-      realkeylen = 16;
-    }
+    realkeylen = std::min<size_t>(m_KeyLen + 5, sizeof(realkey));
   }
   if (m_Cipher == FXCIPHER_AES) {
     CRYPT_AESSetKey(m_pAESContext.get(),
@@ -98,9 +95,8 @@
     }
   } else {
     ASSERT(dest_size == source.size());
-    if (dest_buf != source.data()) {
+    if (dest_buf != source.data())
       memcpy(dest_buf, source.data(), source.size());
-    }
     CRYPT_ArcFourCryptBlock(dest_buf, dest_size, realkey, realkeylen);
   }
 }

diff --git a/core/fpdfapi/parser/cpdf_security_handler.cpp b/core/fpdfapi/parser/cpdf_security_handler.cpp
index 1c3ac75..e709181 100644
--- a/core/fpdfapi/parser/cpdf_security_handler.cpp
+++ b/core/fpdfapi/parser/cpdf_security_handler.cpp

@@ -365,8 +365,7 @@
   CRYPT_aes_context aes;
   memset(&aes, 0, sizeof(aes));
   CRYPT_AESSetKey(&aes, digest, 32, false);
-  uint8_t iv[16];
-  memset(iv, 0, 16);
+  uint8_t iv[16] = {};
   CRYPT_AESSetIV(&aes, iv);
   CRYPT_AESDecrypt(&aes, m_EncryptKey, ekey.raw_str(), 32);
   CRYPT_AESSetKey(&aes, m_EncryptKey, 32, false);
@@ -375,8 +374,7 @@
   if (perms.IsEmpty())
     return false;
 
-  uint8_t perms_buf[16];
-  memset(perms_buf, 0, sizeof(perms_buf));
+  uint8_t perms_buf[16] = {};
   size_t copy_len =
       std::min(sizeof(perms_buf), static_cast<size_t>(perms.GetLength()));
   memcpy(perms_buf, perms.raw_str(), copy_len);
@@ -442,14 +440,10 @@
     return memcmp(ukey.c_str(), ukeybuf, 16) == 0;
   }
 
-  uint8_t test[32];
-  uint8_t tmpkey[32];
-  uint32_t copy_len = sizeof(test);
-  if (copy_len > (uint32_t)ukey.GetLength())
-    copy_len = ukey.GetLength();
+  uint8_t test[32] = {};
+  uint8_t tmpkey[32] = {};
+  uint32_t copy_len = std::min(sizeof(test), ukey.GetLength());
 
-  memset(test, 0, sizeof(test));
-  memset(tmpkey, 0, sizeof(tmpkey));
   memcpy(test, ukey.c_str(), copy_len);
   for (int32_t i = 19; i >= 0; i--) {
     for (int j = 0; j < m_KeyLen; j++)
@@ -482,8 +476,7 @@
       CRYPT_MD5Generate(digest, 16, digest);
     }
   }
-  uint8_t enckey[32];
-  memset(enckey, 0, sizeof(enckey));
+  uint8_t enckey[32] = {};
   uint32_t copy_len = m_KeyLen;
   if (copy_len > sizeof(digest))
     copy_len = sizeof(digest);
@@ -496,17 +489,16 @@
     CRYPT_ArcFourCryptBlock(okeybuf, okeylen, enckey, m_KeyLen);
   } else {
     for (int32_t i = 19; i >= 0; i--) {
-      uint8_t tempkey[32];
-      memset(tempkey, 0, sizeof(tempkey));
+      uint8_t tempkey[32] = {};
       for (int j = 0; j < m_KeyLen; j++)
         tempkey[j] = enckey[j] ^ static_cast<uint8_t>(i);
       CRYPT_ArcFourCryptBlock(okeybuf, okeylen, tempkey, m_KeyLen);
     }
   }
-  int len = 32;
-  while (len && defpasscode[len - 1] == okeybuf[len - 1]) {
+  size_t len = 32;
+  while (len && defpasscode[len - 1] == okeybuf[len - 1])
     len--;
-  }
+
   return ByteString(okeybuf, len);
 }
 
@@ -586,9 +578,8 @@
   }
 
   ByteString fileId;
-  if (pIdArray) {
+  if (pIdArray)
     fileId = pIdArray->GetStringAt(0);
-  }
 
   CalcEncryptKey(m_pEncryptDict.Get(), user_password, m_EncryptKey, key_len,
                  false, fileId);
@@ -601,17 +592,16 @@
     CRYPT_md5_context md5;
     CRYPT_MD5Start(&md5);
     CRYPT_MD5Update(&md5, defpasscode, 32);
-    if (!fileId.IsEmpty()) {
+    if (!fileId.IsEmpty())
       CRYPT_MD5Update(&md5, (uint8_t*)fileId.c_str(), fileId.GetLength());
-    }
+
     uint8_t digest[32];
     CRYPT_MD5Finish(&md5, digest);
     CRYPT_ArcFourCryptBlock(digest, 16, m_EncryptKey, key_len);
     uint8_t tempkey[32];
     for (uint8_t i = 1; i <= 19; i++) {
-      for (int j = 0; j < key_len; j++) {
+      for (int j = 0; j < key_len; j++)
         tempkey[j] = m_EncryptKey[j] ^ i;
-      }
       CRYPT_ArcFourCryptBlock(digest, 16, tempkey, key_len);
     }
     CRYPT_MD5Generate(digest, 16, digest + 16);
@@ -679,8 +669,7 @@
   CRYPT_aes_context aes;
   memset(&aes, 0, sizeof(aes));
   CRYPT_AESSetKey(&aes, digest1, 32, true);
-  uint8_t iv[16];
-  memset(iv, 0, 16);
+  uint8_t iv[16] = {};
   CRYPT_AESSetIV(&aes, iv);
   CRYPT_AESEncrypt(&aes, digest1, key, 32);
   pEncryptDict->SetNewFor<CPDF_String>(bOwner ? "OE" : "UE",
@@ -709,8 +698,7 @@
   memset(&aes, 0, sizeof(aes));
   CRYPT_AESSetKey(&aes, key, 32, true);
 
-  uint8_t iv[16];
-  memset(iv, 0, 16);
+  uint8_t iv[16] = {};
   CRYPT_AESSetIV(&aes, iv);
 
   uint8_t buf1[16];
commit	5cedaeb2f170d893019e25e77fe5b6f5b5f36bd5	[log] [tgz]
author	Lei Zhang <thestig@chromium.org>	Thu Dec 05 00:23:13 2019 +0000
committer	Chromium commit bot <commit-bot@chromium.org>	Thu Dec 05 00:23:13 2019 +0000
tree	a5d52706af0e0c752ee2b201f156f05bcae6f9ab
parent	b5e3fd7a729ab3ef25b3ddf3add81a434551b8dc [diff]