Avoid some comparisons against data.size() - 1.
These rely on earlier checks that data is not empty, otherwise
underflow would occur in these cases.
-- invert one test in Windows while at it.
Change-Id: Ic3f99f31e6cfedfcee59dfafe3b0974266e0a098
Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/114058
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
diff --git a/core/fpdfapi/page/cpdf_stitchfunc.cpp b/core/fpdfapi/page/cpdf_stitchfunc.cpp
index 0c3ebd6..21d7340 100644
--- a/core/fpdfapi/page/cpdf_stitchfunc.cpp
+++ b/core/fpdfapi/page/cpdf_stitchfunc.cpp
@@ -110,7 +110,7 @@
pdfium::span<float> results) const {
float input = inputs[0];
size_t i;
- for (i = 0; i < m_pSubFunctions.size() - 1; i++) {
+ for (i = 0; i + 1 < m_pSubFunctions.size(); i++) {
if (input < m_bounds[i + 1])
break;
}
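Review bot: The index `i` left by the rewritten loop is declared outside it and is presumably used after the loop, where an empty `m_pSubFunctions` would leave `i == 0` with nothing valid to index. The new bound removes the wrap in the loop condition but not that dependency. The body also reads `m_bounds[i + 1]` under a bound taken from `m_pSubFunctions`, so it relies on `m_bounds` holding at least as many entries as there are sub-functions. Once both invariants are confirmed in the code outside this hunk, a comment above the loop would record them, e.g. `// Requires non-empty m_pSubFunctions and m_bounds.size() >= m_pSubFunctions.size().`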
diff --git a/core/fpdfapi/parser/fpdf_parser_decode.cpp b/core/fpdfapi/parser/fpdf_parser_decode.cpp
index 3f7d08c..79fcb1f 100644
--- a/core/fpdfapi/parser/fpdf_parser_decode.cpp
+++ b/core/fpdfapi/parser/fpdf_parser_decode.cpp
@@ -276,7 +276,7 @@
dest_count += src_span[i] + 1;
i += src_span[i] + 2;
} else {
- const uint8_t fill = i < src_span.size() - 1 ? src_span[i + 1] : 0;
+ const uint8_t fill = i + 1 < src_span.size() ? src_span[i + 1] : 0;
const size_t fill_size = 257 - src_span[i];
fxcrt::spanset(dest_span.subspan(dest_count, fill_size), fill);
dest_count += fill_size;
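Review bot: A run opcode in the last byte of the input takes the `: 0` arm and is expanded into `257 - src_span[i]` zero bytes rather than being treated as truncated data. This change keeps that behaviour, but nothing in the visible lines documents it. A comment on the `fill` line would make the intent clear, e.g. `// Truncated stream: no fill byte follows the run length, so fill with 0.` The write through `dest_span.subspan(dest_count, fill_size)` presumably depends on the destination having been sized by the same rule, in code outside the hunk.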
diff --git a/core/fxcodec/basic/basicmodule.cpp b/core/fxcodec/basic/basicmodule.cpp
index 452e464..07fc896 100644
--- a/core/fxcodec/basic/basicmodule.cpp
+++ b/core/fxcodec/basic/basicmodule.cpp
@@ -152,7 +152,7 @@
UpdateOperator((uint8_t)copy_len);
} else if (m_Operator > 128) {
int fill = 0;
- if (m_SrcOffset - 1 < m_SrcBuf.size() - 1) {
+ if (m_SrcOffset < m_SrcBuf.size()) {
fill = m_SrcBuf[m_SrcOffset];
}
uint32_t duplicate_len = 257 - m_Operator;
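Review bot: The new condition `m_SrcOffset < m_SrcBuf.size()` is not equivalent to the old one when `m_SrcOffset` is 0. Assuming both operands are unsigned, the old `m_SrcOffset - 1` wrapped and the test failed, leaving `fill` at 0, whereas the new test passes for any non-empty buffer and reads `m_SrcBuf[0]`. That is harmless if an operator byte has always been consumed before this branch, so that `m_SrcOffset >= 1`, but that code is outside the hunk. A `DCHECK(m_SrcOffset > 0);` before the `if`, or a one-line comment stating the precondition, would make the intended equivalence explicit.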
diff --git a/core/fxcodec/flate/flatemodule.cpp b/core/fxcodec/flate/flatemodule.cpp
index a3e28cc..a023bb1 100644
--- a/core/fxcodec/flate/flatemodule.cpp
+++ b/core/fxcodec/flate/flatemodule.cpp
@@ -605,9 +605,9 @@
std::unique_ptr<uint8_t, FxFreeDeleter> tmp_buf =
std::move(result_tmp_bufs[i]);
uint32_t tmp_buf_size = buf_size;
- if (i == result_tmp_bufs.size() - 1)
+ if (i + 1 == result_tmp_bufs.size()) {
tmp_buf_size = last_buf_size;
-
+ }
uint32_t cp_size = std::min(tmp_buf_size, remaining);
memcpy(result_buf.get() + result_pos, tmp_buf.get(), cp_size);
result_pos += cp_size;
diff --git a/core/fxcodec/jpeg/jpegmodule.cpp b/core/fxcodec/jpeg/jpegmodule.cpp
index ad80c7e..83f3e0b 100644
--- a/core/fxcodec/jpeg/jpegmodule.cpp
+++ b/core/fxcodec/jpeg/jpegmodule.cpp
@@ -29,7 +29,7 @@
pdfium::span<const uint8_t> src_span) {
DCHECK(!src_span.empty());
- for (size_t offset = 0; offset < src_span.size() - 1; ++offset) {
+ for (size_t offset = 0; offset + 1 < src_span.size(); ++offset) {
if (src_span[offset] == 0xff && src_span[offset + 1] == 0xd8)
return src_span.subspan(offset);
}
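Review bot: The `DCHECK(!src_span.empty())` above the loop still reads as the guard for the loop bound, which it no longer is: with `offset + 1 < src_span.size()` the loop is simply skipped for an empty or one-byte span. DCHECKs are normally compiled out of release builds, so the rewritten bound is the check that actually holds there. A short comment would keep a later edit from reverting it, e.g. `// Written as offset + 1 < size so an empty span cannot wrap the bound, even where DCHECK is compiled out.` What the function returns when no 0xff 0xd8 marker is found lies outside the hunk.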
diff --git a/core/fxcrt/widestring.cpp b/core/fxcrt/widestring.cpp
index aa01fc3..db20c48 100644
--- a/core/fxcrt/widestring.cpp
+++ b/core/fxcrt/widestring.cpp
@@ -1064,7 +1064,7 @@
{
// Span's lifetime must end before ReleaseBuffer() below.
pdfium::span<wchar_t> buf = result.GetBuffer(data.size() / 2);
- for (size_t i = 0; i < data.size() - 1; i += 2) {
+ for (size_t i = 0; i + 1 < data.size(); i += 2) {
buf[length++] = data[i] | data[i + 1] << 8;
}
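Review bot: An odd-length `data` has its final byte silently dropped by this loop, which pairs bytes under `i + 1 < data.size()` and steps by 2, with the buffer sized `data.size() / 2` to match. The visible lines do not say this is intended; a comment above the loop such as `// A trailing unpaired byte is ignored.` would document it. The same applies to the big-endian loop in the next hunk of this file. As a smaller readability point, `data[i] | data[i + 1] << 8` relies on `<<` binding tighter than `|`, and parentheses around the shift would make that obvious.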
@@ -1086,7 +1086,7 @@
{
// Span's lifetime must end before ReleaseBuffer() below.
pdfium::span<wchar_t> buf = result.GetBuffer(data.size() / 2);
- for (size_t i = 0; i < data.size() - 1; i += 2) {
+ for (size_t i = 0; i + 1 < data.size(); i += 2) {
buf[length++] = data[i] << 8 | data[i + 1];
}
diff --git a/core/fxge/agg/fx_agg_driver.cpp b/core/fxge/agg/fx_agg_driver.cpp
index d197932..fd3c75e 100644
--- a/core/fxge/agg/fx_agg_driver.cpp
+++ b/core/fxge/agg/fx_agg_driver.cpp
@@ -930,7 +930,7 @@
agg_path.move_to(pos.x, pos.y);
} else if (point_type == CFX_Path::Point::Type::kLine) {
if (i > 0 && points[i - 1].IsTypeAndOpen(CFX_Path::Point::Type::kMove) &&
- (i == points.size() - 1 ||
+ (i + 1 == points.size() ||
points[i + 1].IsTypeAndOpen(CFX_Path::Point::Type::kMove)) &&
points[i].m_Point == points[i - 1].m_Point) {
pos.x += 1;
diff --git a/core/fxge/cfx_path.cpp b/core/fxge/cfx_path.cpp
index 53e99dc..525409e 100644
--- a/core/fxge/cfx_path.cpp
+++ b/core/fxge/cfx_path.cpp
@@ -361,7 +361,7 @@
rect.UpdateRect(m_Points[iPoint + 1].m_Point);
iPoint += 2;
}
- if (iPoint == m_Points.size() - 1 ||
+ if (iPoint + 1 == m_Points.size() ||
m_Points[iPoint + 1].m_Type == CFX_Path::Point::Type::kMove) {
iStartPoint = iPoint - 1;
iEndPoint = iPoint;
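Review bot: The equality test `iPoint + 1 == m_Points.size()` only short-circuits when `iPoint` is exactly the last index. The context lines above read `m_Points[iPoint + 1]` and then advance `iPoint` by 2, so if `iPoint` can ever reach or pass `m_Points.size()`, the second operand `m_Points[iPoint + 1]` indexes out of range. Whether the point sequence is validated so that this cannot happen is not visible in the hunk. If it is validated, `DCHECK(iPoint < m_Points.size());` before the `if` would record the invariant. If it is not, the bounds check belongs in the branch that does the `+= 2`, not here.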
diff --git a/core/fxge/win32/cgdi_plus_ext.cpp b/core/fxge/win32/cgdi_plus_ext.cpp
index d001391..c491350 100644
--- a/core/fxge/win32/cgdi_plus_ext.cpp
+++ b/core/fxge/win32/cgdi_plus_ext.cpp
@@ -344,10 +344,11 @@
for (size_t i = 0; i < pGraphState->m_DashArray.size(); i += 2) {
float on_phase = pGraphState->m_DashArray[i];
float off_phase;
- if (i == pGraphState->m_DashArray.size() - 1)
- off_phase = on_phase;
- else
+ if (i + 1 < pGraphState->m_DashArray.size()) {
off_phase = pGraphState->m_DashArray[i + 1];
+ } else {
+ off_phase = on_phase;
+ }
on_phase /= width;
off_phase /= width;
if (on_phase + off_phase <= 0.00002f) {
@@ -673,7 +674,7 @@
} else if (point_type == CFX_Path::Point::Type::kLine) {
gp_types[i] = Gdiplus::PathPointTypeLine;
if (points[i - 1].IsTypeAndOpen(CFX_Path::Point::Type::kMove) &&
- (i == points.size() - 1 ||
+ (i + 1 == points.size() ||
points[i + 1].IsTypeAndOpen(CFX_Path::Point::Type::kMove)) &&
gp_points[i].Y == gp_points[i - 1].Y &&
gp_points[i].X == gp_points[i - 1].X) {
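Review bot: `points[i - 1]` is evaluated here with no visible `i > 0` test, so a line point at index 0 would wrap the index in the same way as the `size() - 1` comparisons this commit removes. The matching condition in core/fxge/agg/fx_agg_driver.cpp begins with `i > 0 &&`. Unless a check outside this hunk guarantees that a line point is never first, the condition should begin `if (i > 0 && points[i - 1].IsTypeAndOpen(CFX_Path::Point::Type::kMove) &&`.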
@@ -759,7 +760,7 @@
} else {
size_t iStart = 0;
for (size_t i = 0; i < points.size(); ++i) {
- if (i == points.size() - 1 ||
+ if (i + 1 == points.size() ||
gp_types[i + 1] == Gdiplus::PathPointTypeStart) {
Gdiplus::GpPath* pSubPath;
CallFunc(GdipCreatePath2)(
diff --git a/xfa/fxfa/cxfa_textlayout.cpp b/xfa/fxfa/cxfa_textlayout.cpp
index 8228a5c..0bcd594 100644
--- a/xfa/fxfa/cxfa_textlayout.cpp
+++ b/xfa/fxfa/cxfa_textlayout.cpp
@@ -1228,8 +1228,8 @@
return;
bHasCount = false;
- while (szPieceNext < pPieceLine->m_textPieces.size() - 1) {
- szPieceNext++;
+ while (szPieceNext + 1 < pPieceLine->m_textPieces.size()) {
+ ++szPieceNext;
if (pPieceLine->m_charCounts[szPieceNext] > 0) {
bHasCount = true;
break;
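Review bot: The loop is bounded by `m_textPieces.size()` but indexes `m_charCounts[szPieceNext]`, so the access is in range only if the two containers always have the same length. Nothing in the hunk shows that. If they are kept in step elsewhere, a comment or `DCHECK(pPieceLine->m_charCounts.size() == pPieceLine->m_textPieces.size());` before the loop would state it; otherwise the bound should be taken from `m_charCounts`. The enclosing function starts and ends outside the hunk.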