Gracefully handle a failure in FPDF_FileAccessContext.
https://pdfium-review.googlesource.com/47551 added a checked_cast() call
in FPDF_FileAccessContext::ReadBlockAtOffset(), which crashes on
failure. Switch to IsValueInRangeForNumericType() and return false
instead.
CPDFSDK_CustomAccess::ReadBlockAtOffset() has the same pattern, so apply
the same change here.
Change-Id: Ib03e840bb40a7ac9c0dda0cc5f242da64594de52
Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/60830
Reviewed-by: Chris Palmer <palmer@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
diff --git a/fpdfsdk/cpdfsdk_customaccess.cpp b/fpdfsdk/cpdfsdk_customaccess.cpp
index ccb87a9..108ffbc 100644
--- a/fpdfsdk/cpdfsdk_customaccess.cpp
+++ b/fpdfsdk/cpdfsdk_customaccess.cpp
@@ -23,7 +23,10 @@
if (!buffer || offset < 0 || !size)
return false;
- FX_SAFE_FILESIZE new_pos = pdfium::base::checked_cast<FX_FILESIZE>(size);
+ if (!pdfium::base::IsValueInRangeForNumericType<FX_FILESIZE>(size))
+ return false;
+
+ FX_SAFE_FILESIZE new_pos = size;
new_pos += offset;
return new_pos.IsValid() && new_pos.ValueOrDie() <= GetSize() &&
m_FileAccess.m_GetBlock(m_FileAccess.m_Param, offset,
diff --git a/fpdfsdk/fpdf_dataavail.cpp b/fpdfsdk/fpdf_dataavail.cpp
index 2384b6e..11abff3 100644
--- a/fpdfsdk/fpdf_dataavail.cpp
+++ b/fpdfsdk/fpdf_dataavail.cpp
@@ -78,7 +78,10 @@
if (!buffer || offset < 0 || !size)
return false;
- FX_SAFE_FILESIZE new_pos = pdfium::base::checked_cast<FX_FILESIZE>(size);
+ if (!pdfium::base::IsValueInRangeForNumericType<FX_FILESIZE>(size))
+ return false;
+
+ FX_SAFE_FILESIZE new_pos = size;
new_pos += offset;
return new_pos.IsValid() && new_pos.ValueOrDie() <= GetSize() &&
file_->m_GetBlock(file_->m_Param, offset,