Avoid UNSAFE_TODO when making strings from C-style binary arrays.
ByteString doesn't have a constructor from span due to ambiguity
constraints, so the conversion must go:
c-style array -> span -> ByteStringView -> Bytestring.
It is a little verbose but avoids any confusion about whether there
is a trailing NUL (there isn't).
Change-Id: Ibaa721132039f7939af126c087a399f977af2586
Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/121890
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
Reviewed-by: Tom Sepez <tsepez@google.com>
diff --git a/core/fpdfapi/parser/cpdf_security_handler.cpp b/core/fpdfapi/parser/cpdf_security_handler.cpp
index 414692c..b96ccd8 100644
--- a/core/fpdfapi/parser/cpdf_security_handler.cpp
+++ b/core/fpdfapi/parser/cpdf_security_handler.cpp
@@ -521,7 +521,7 @@
len--;
}
});
- return UNSAFE_TODO(ByteString(okeybuf, len));
+ return ByteString(ByteStringView(pdfium::make_span(okeybuf).first(len)));
}
bool CPDF_SecurityHandler::CheckOwnerPassword(const ByteString& password) {
@@ -585,8 +585,8 @@
FXSYS_memcpy(tempbuf, kDefaultPasscode, sizeof(kDefaultPasscode)));
CRYPT_ArcFourCryptBlock(tempbuf,
pdfium::make_span(m_EncryptKey).first(key_len));
- pEncryptDict->SetNewFor<CPDF_String>("U",
- UNSAFE_TODO(ByteString(tempbuf, 32)));
+ pEncryptDict->SetNewFor<CPDF_String>(
+ "U", ByteString(ByteStringView(pdfium::make_span(tempbuf))));
} else {
CRYPT_md5_context md5 = CRYPT_MD5Start();
CRYPT_MD5Update(&md5, kDefaultPasscode);
@@ -608,8 +608,8 @@
pdfium::make_span(tempkey).first(key_len));
}
CRYPT_MD5Generate(partial_digest_span, remaining_digest_span);
- pEncryptDict->SetNewFor<CPDF_String>("U",
- UNSAFE_TODO(ByteString(digest, 32)));
+ pEncryptDict->SetNewFor<CPDF_String>(
+ "U", ByteString(ByteStringView(pdfium::make_span(digest))));
}
InitCryptoHandler();
@@ -636,8 +636,8 @@
CRYPT_SHA256Finish(&sha2, pdfium::make_span(digest1).first<32u>());
}
UNSAFE_TODO(FXSYS_memcpy(digest1 + 32, digest, 16));
- pEncryptDict->SetNewFor<CPDF_String>("U",
- UNSAFE_TODO(ByteString(digest1, 48)));
+ pEncryptDict->SetNewFor<CPDF_String>(
+ "U", ByteString(ByteStringView(pdfium::make_span(digest1))));
if (m_Revision >= 6) {
Revision6_Hash(password, UNSAFE_TODO(digest + 8), nullptr, digest1);
} else {
@@ -651,8 +651,8 @@
uint8_t iv[16] = {};
CRYPT_AESSetIV(&aes, iv);
CRYPT_AESEncrypt(&aes, digest1, m_EncryptKey);
- pEncryptDict->SetNewFor<CPDF_String>("UE",
- UNSAFE_TODO(ByteString(digest1, 32)));
+ pEncryptDict->SetNewFor<CPDF_String>(
+ "UE", ByteString(ByteStringView(pdfium::make_span(digest1).first<32>())));
}
void CPDF_SecurityHandler::AES256_SetPerms(CPDF_Dictionary* pEncryptDict) {
@@ -685,8 +685,8 @@
uint8_t dest[16];
CRYPT_AESEncrypt(&aes, dest, buf);
- pEncryptDict->SetNewFor<CPDF_String>("Perms",
- UNSAFE_TODO(ByteString(dest, 16)));
+ pEncryptDict->SetNewFor<CPDF_String>(
+ "Perms", ByteString(ByteStringView(pdfium::make_span(dest))));
}
void CPDF_SecurityHandler::InitCryptoHandler() {
diff --git a/fxjs/xfa/cfxjse_formcalc_context_embeddertest.cpp b/fxjs/xfa/cfxjse_formcalc_context_embeddertest.cpp
index 9bc5b92..00881bf 100644
--- a/fxjs/xfa/cfxjse_formcalc_context_embeddertest.cpp
+++ b/fxjs/xfa/cfxjse_formcalc_context_embeddertest.cpp
@@ -762,8 +762,7 @@
const uint8_t test_string[] = {
0x4c, 0x6f, 0x77, 0x65, 0x72, 0x28, 0x22, 0xc3,
0x85, 0xc3, 0x85, 0xc3, 0x85, 0x22, 0x29}; // Lower("ÅÅÅ")
- Execute(
- UNSAFE_TODO(ByteString(test_string, sizeof(test_string))).AsStringView());
+ Execute(ByteStringView(pdfium::make_span(test_string)));
}
TEST_F(CFXJSE_FormCalcContextEmbedderTest, Ltrim) {
