Google Git
Sign in
pdfium / pdfium / af79ecc8fd07ee7042931f7b3c6ffe6c47b4a3f1^! / .
commitaf79ecc8fd07ee7042931f7b3c6ffe6c47b4a3f1[log] [tgz]
authorLei Zhang <thestig@chromium.org>Thu Sep 19 19:00:26 2019 +0000
committerChromium commit bot <commit-bot@chromium.org>Thu Sep 19 19:00:26 2019 +0000
treeadc52620ea54582f5e37d8929fa0db3b9af4c9e4
parent22005377e18eda4e72f585b7ed0def43f696f1e9 [diff]
Gracefully handle a failure in FPDF_FileAccessContext.

https://pdfium-review.googlesource.com/47551 added a checked_cast() call
in FPDF_FileAccessContext::ReadBlockAtOffset(), which crashes on
failure. Switch to IsValueInRangeForNumericType() and return false
instead.

CPDFSDK_CustomAccess::ReadBlockAtOffset() has the same pattern, so apply
the same change here.

Change-Id: Ib03e840bb40a7ac9c0dda0cc5f242da64594de52
Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/60830
Reviewed-by: Chris Palmer <palmer@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>

diff --git a/fpdfsdk/cpdfsdk_customaccess.cpp b/fpdfsdk/cpdfsdk_customaccess.cpp
index ccb87a9..108ffbc 100644
--- a/fpdfsdk/cpdfsdk_customaccess.cpp
+++ b/fpdfsdk/cpdfsdk_customaccess.cpp

@@ -23,7 +23,10 @@
   if (!buffer || offset < 0 || !size)
     return false;
 
-  FX_SAFE_FILESIZE new_pos = pdfium::base::checked_cast<FX_FILESIZE>(size);
+  if (!pdfium::base::IsValueInRangeForNumericType<FX_FILESIZE>(size))
+    return false;
+
+  FX_SAFE_FILESIZE new_pos = size;
   new_pos += offset;
   return new_pos.IsValid() && new_pos.ValueOrDie() <= GetSize() &&
          m_FileAccess.m_GetBlock(m_FileAccess.m_Param, offset,

diff --git a/fpdfsdk/fpdf_dataavail.cpp b/fpdfsdk/fpdf_dataavail.cpp
index 2384b6e..11abff3 100644
--- a/fpdfsdk/fpdf_dataavail.cpp
+++ b/fpdfsdk/fpdf_dataavail.cpp

@@ -78,7 +78,10 @@
     if (!buffer || offset < 0 || !size)
       return false;
 
-    FX_SAFE_FILESIZE new_pos = pdfium::base::checked_cast<FX_FILESIZE>(size);
+    if (!pdfium::base::IsValueInRangeForNumericType<FX_FILESIZE>(size))
+      return false;
+
+    FX_SAFE_FILESIZE new_pos = size;
     new_pos += offset;
     return new_pos.IsValid() && new_pos.ValueOrDie() <= GetSize() &&
            file_->m_GetBlock(file_->m_Param, offset,