Fix more size_t truncations in fxjs
-- use checked_cast<> where it can't be avoided.
-- re-write two loops for simplicity.
-- use npos to avoid signed/unsigned comparisons.
Change-Id: I1f7b6a62745bc35d0234d77424b0ae2ad05da6d8
Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/87030
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
diff --git a/fxjs/cfx_globaldata.cpp b/fxjs/cfx_globaldata.cpp
index cc1084f..736c9de 100644
--- a/fxjs/cfx_globaldata.cpp
+++ b/fxjs/cfx_globaldata.cpp
@@ -10,6 +10,7 @@
#include "core/fdrm/fx_crypt.h"
#include "core/fxcrt/stl_util.h"
+#include "third_party/base/numerics/safe_conversions.h"
namespace {
@@ -384,7 +385,7 @@
sFile.AppendBlock(&wVersion, sizeof(uint16_t));
sFile.AppendBlock(&nCount, sizeof(uint32_t));
- uint32_t dwSize = sData.GetSize();
+ uint32_t dwSize = pdfium::base::checked_cast<uint32_t>(sData.GetSize());
sFile.AppendBlock(&dwSize, sizeof(uint32_t));
sFile.AppendSpan(sData.GetSpan());
diff --git a/fxjs/cfx_v8.cpp b/fxjs/cfx_v8.cpp
index 46d18e4..eee501e 100644
--- a/fxjs/cfx_v8.cpp
+++ b/fxjs/cfx_v8.cpp
@@ -46,17 +46,17 @@
}
void CFX_V8::PutArrayElement(v8::Local<v8::Array> pArray,
- unsigned index,
+ size_t index,
v8::Local<v8::Value> pValue) {
fxv8::ReentrantPutArrayElementHelper(GetIsolate(), pArray, index, pValue);
}
v8::Local<v8::Value> CFX_V8::GetArrayElement(v8::Local<v8::Array> pArray,
- unsigned index) {
+ size_t index) {
return fxv8::ReentrantGetArrayElementHelper(GetIsolate(), pArray, index);
}
-unsigned CFX_V8::GetArrayLength(v8::Local<v8::Array> pArray) {
+size_t CFX_V8::GetArrayLength(v8::Local<v8::Array> pArray) {
return fxv8::GetArrayLengthHelper(pArray);
}
diff --git a/fxjs/cfx_v8.h b/fxjs/cfx_v8.h
index 1eb9632..86ae3d7 100644
--- a/fxjs/cfx_v8.h
+++ b/fxjs/cfx_v8.h
@@ -7,6 +7,8 @@
#ifndef FXJS_CFX_V8_H_
#define FXJS_CFX_V8_H_
+#include <stddef.h>
+
#include <vector>
#include "core/fxcrt/fx_string.h"
@@ -41,11 +43,11 @@
v8::Local<v8::Array> ToArray(v8::Local<v8::Value> pValue);
// Arrays.
- unsigned GetArrayLength(v8::Local<v8::Array> pArray);
+ size_t GetArrayLength(v8::Local<v8::Array> pArray);
v8::Local<v8::Value> GetArrayElement(v8::Local<v8::Array> pArray,
- unsigned index);
+ size_t index);
void PutArrayElement(v8::Local<v8::Array> pArray,
- unsigned index,
+ size_t index,
v8::Local<v8::Value> pValue);
// Objects.
diff --git a/fxjs/cjs_color.cpp b/fxjs/cjs_color.cpp
index 4b35e78..94fe688 100644
--- a/fxjs/cjs_color.cpp
+++ b/fxjs/cjs_color.cpp
@@ -86,8 +86,8 @@
// static
CFX_Color CJS_Color::ConvertArrayToPWLColor(CJS_Runtime* pRuntime,
v8::Local<v8::Array> array) {
- int nArrayLen = pRuntime->GetArrayLength(array);
- if (nArrayLen < 1)
+ size_t nArrayLen = pRuntime->GetArrayLength(array);
+ if (nArrayLen == 0)
return CFX_Color();
WideString sSpace =
diff --git a/fxjs/cjs_document.cpp b/fxjs/cjs_document.cpp
index fb072e6..983116c 100644
--- a/fxjs/cjs_document.cpp
+++ b/fxjs/cjs_document.cpp
@@ -541,7 +541,8 @@
for (size_t i = 0; i < pRuntime->GetArrayLength(array); ++i) {
WideString swVal =
pRuntime->ToWideString(pRuntime->GetArrayElement(array, i));
- for (int j = 0, jsz = pPDFForm->CountFields(swVal); j < jsz; ++j)
+ const size_t jsz = pPDFForm->CountFields(swVal);
+ for (size_t j = 0; j < jsz; ++j)
aFields.push_back(pPDFForm->GetField(j, swVal));
}
@@ -616,7 +617,8 @@
for (size_t i = 0; i < pRuntime->GetArrayLength(aFields); ++i) {
WideString sName =
pRuntime->ToWideString(pRuntime->GetArrayElement(aFields, i));
- for (int j = 0, jsz = pPDFForm->CountFields(sName); j < jsz; ++j) {
+ const size_t jsz = pPDFForm->CountFields(sName);
+ for (size_t j = 0; j < jsz; ++j) {
CPDF_FormField* pField = pPDFForm->GetField(j, sName);
if (!bEmpty && pField->GetValue().IsEmpty())
continue;
diff --git a/fxjs/cjs_field.cpp b/fxjs/cjs_field.cpp
index ed369ac..bf23543 100644
--- a/fxjs/cjs_field.cpp
+++ b/fxjs/cjs_field.cpp
@@ -179,8 +179,10 @@
std::vector<CPDF_FormField*> fields;
CPDFSDK_InteractiveForm* pReaderForm = pFormFillEnv->GetInteractiveForm();
CPDF_InteractiveForm* pForm = pReaderForm->GetInteractiveForm();
- for (int i = 0, sz = pForm->CountFields(csFieldName); i < sz; ++i) {
- if (CPDF_FormField* pFormField = pForm->GetField(i, csFieldName))
+ const size_t sz = pForm->CountFields(csFieldName);
+ for (size_t i = 0; i < sz; ++i) {
+ CPDF_FormField* pFormField = pForm->GetField(i, csFieldName);
+ if (pFormField)
fields.push_back(pFormField);
}
return fields;
@@ -2209,8 +2211,7 @@
CJS_Runtime* pRuntime,
const std::vector<v8::Local<v8::Value>>& params) {
int nface = 0;
- int iSize = params.size();
- if (iSize >= 1)
+ if (params.size() >= 1)
nface = pRuntime->ToInt32(params[0]);
CPDF_FormField* pFormField = GetFirstFormField();
@@ -2291,8 +2292,8 @@
CJS_Result CJS_Field::checkThisBox(
CJS_Runtime* pRuntime,
const std::vector<v8::Local<v8::Value>>& params) {
- int iSize = params.size();
- if (iSize < 1)
+ const size_t nSize = params.size();
+ if (nSize == 0)
return CJS_Result::Failure(JSMessage::kParamError);
if (!m_bCanSet)
@@ -2300,7 +2301,7 @@
int nWidget = pRuntime->ToInt32(params[0]);
bool bCheckit = true;
- if (iSize >= 2)
+ if (nSize >= 2)
bCheckit = pRuntime->ToBoolean(params[1]);
CPDF_FormField* pFormField = GetFirstFormField();
@@ -2332,8 +2333,7 @@
if (!m_bCanSet)
return CJS_Result::Failure(JSMessage::kReadOnlyError);
- int iSize = params.size();
- if (iSize < 1)
+ if (params.empty())
return CJS_Result::Failure(JSMessage::kParamError);
CPDF_FormField* pFormField = GetFirstFormField();
@@ -2392,13 +2392,13 @@
CJS_Result CJS_Field::getItemAt(
CJS_Runtime* pRuntime,
const std::vector<v8::Local<v8::Value>>& params) {
- int iSize = params.size();
+ const size_t nSize = params.size();
int nIdx = -1;
- if (iSize >= 1)
+ if (nSize >= 1)
nIdx = pRuntime->ToInt32(params[0]);
bool bExport = true;
- if (iSize >= 2)
+ if (nSize >= 2)
bExport = pRuntime->ToBoolean(params[1]);
CPDF_FormField* pFormField = GetFirstFormField();
diff --git a/fxjs/cjs_globalarrays.cpp b/fxjs/cjs_globalarrays.cpp
index 89b2b68..e7fef52 100644
--- a/fxjs/cjs_globalarrays.cpp
+++ b/fxjs/cjs_globalarrays.cpp
@@ -7,6 +7,7 @@
#include "fxjs/cjs_globalarrays.h"
#include "third_party/base/cxx17_backports.h"
+#include "third_party/base/numerics/safe_conversions.h"
#include "v8/include/v8-container.h"
#include "v8/include/v8-isolate.h"
@@ -15,8 +16,12 @@
static const wchar_t* const values[] = {__VA_ARGS__}; \
v8::Local<v8::Array> array = (rt)->NewArray(); \
v8::Local<v8::Context> ctx = (rt)->GetIsolate()->GetCurrentContext(); \
- for (size_t i = 0; i < pdfium::size(values); ++i) \
- array->Set(ctx, i, (rt)->NewString(values[i])).FromJust(); \
+ for (size_t i = 0; i < pdfium::size(values); ++i) { \
+ array \
+ ->Set(ctx, pdfium::base::checked_cast<uint32_t>(i), \
+ (rt)->NewString(values[i])) \
+ .FromJust(); \
+ } \
(rt)->SetConstArray((name), array); \
(rt)->DefineGlobalConst( \
(name), [](const v8::FunctionCallbackInfo<v8::Value>& info) { \
diff --git a/fxjs/cjs_util.cpp b/fxjs/cjs_util.cpp
index b938854..11820a6 100644
--- a/fxjs/cjs_util.cpp
+++ b/fxjs/cjs_util.cpp
@@ -218,12 +218,14 @@
cFormat.end());
for (size_t i = 0; i < pdfium::size(TbConvertTable); ++i) {
- int iStart = 0;
- int iEnd;
- while ((iEnd = cFormat.find(TbConvertTable[i].lpszJSMark, iStart)) != -1) {
- cFormat.replace(iEnd, wcslen(TbConvertTable[i].lpszJSMark),
+ size_t nFound = 0;
+ while (1) {
+ nFound = cFormat.find(TbConvertTable[i].lpszJSMark, nFound);
+ if (nFound == std::wstring::npos)
+ break;
+
+ cFormat.replace(nFound, wcslen(TbConvertTable[i].lpszJSMark),
TbConvertTable[i].lpszCppMark);
- iStart = iEnd;
}
}
@@ -237,18 +239,18 @@
};
for (size_t i = 0; i < pdfium::size(cTableAd); ++i) {
- int iStart = 0;
- int iEnd;
- while ((iEnd = cFormat.find(cTableAd[i].js_mark, iStart)) != -1) {
- if (iEnd > 0) {
- if (cFormat[iEnd - 1] == L'%') {
- iStart = iEnd + 1;
- continue;
- }
+ size_t nFound = 0;
+ while (1) {
+ nFound = cFormat.find(cTableAd[i].js_mark, nFound);
+ if (nFound == std::wstring::npos)
+ break;
+
+ if (nFound != 0 && cFormat[nFound - 1] == L'%') {
+ ++nFound;
+ continue;
}
- cFormat.replace(iEnd, 1,
+ cFormat.replace(nFound, 1,
WideString::Format(L"%d", cTableAd[i].value).c_str());
- iStart = iEnd;
}
}
diff --git a/fxjs/fxv8.cpp b/fxjs/fxv8.cpp
index f066b3b..f39cfba 100644
--- a/fxjs/fxv8.cpp
+++ b/fxjs/fxv8.cpp
@@ -82,8 +82,9 @@
v8::Local<v8::String> NewStringHelper(v8::Isolate* pIsolate,
ByteStringView str) {
- return v8::String::NewFromUtf8(pIsolate, str.unterminated_c_str(),
- v8::NewStringType::kNormal, str.GetLength())
+ return v8::String::NewFromUtf8(
+ pIsolate, str.unterminated_c_str(), v8::NewStringType::kNormal,
+ pdfium::base::checked_cast<int>(str.GetLength()))
.ToLocalChecked();
}
