[Libreoffice-commits] core.git: include/o3tl vcl/source

Caolán McNamara (via logerrit) logerrit at kemper.freedesktop.org
Sat Mar 27 20:56:37 UTC 2021 

 include/o3tl/safeint.hxx        |   10 ++--------
 vcl/source/font/fontcharmap.cxx |    2 --
 2 files changed, 2 insertions(+), 10 deletions(-)

New commits:
commit 780e1ffb991f3bfc4e8a73714b0e2a464feb3a86
Author:     Caolán McNamara <caolanm at redhat.com>
AuthorDate: Sat Mar 27 19:43:46 2021 +0000
Commit:     Caolán McNamara <caolanm at redhat.com>
CommitDate: Sat Mar 27 21:55:55 2021 +0100

    cid#1473755 Untrusted loop bound
    
    deem_sanizize isn't sufficiently complex to sanize its input apparently
    
    Change-Id: Id1d73feefce9b587a8024021d8766267b105b4f1
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113234
    Tested-by: Jenkins
    Reviewed-by: Caolán McNamara <caolanm at redhat.com>

diff --git a/include/o3tl/safeint.hxx b/include/o3tl/safeint.hxx
index ef0b6593ad76..801b3dc6fdd5 100644
--- a/include/o3tl/safeint.hxx
+++ b/include/o3tl/safeint.hxx
@@ -239,17 +239,11 @@ make_unsigned(T value)
 // tools like -fsanitize=implicit-conversion should still be able to detect truncation:
 template<typename T1, typename T2> constexpr T1 narrowing(T2 value) { return value; }
 
-// inform coverity that the returned value is now deemed sanitized
-// coverity[ -taint_source ]
-template<typename T> [[nodiscard]] constexpr T deem_sanitized(T a)
-{
-    return a;
-}
-
 // std::min wrapped to inform coverity that the result is now deemed sanitized
+// coverity[ -taint_source ]
 template<typename T> [[nodiscard]] inline T sanitizing_min(T a, T b)
 {
-    return o3tl::deem_sanitized(std::min(a, b));
+    return std::min(a, b);
 }
 
 }
diff --git a/vcl/source/font/fontcharmap.cxx b/vcl/source/font/fontcharmap.cxx
index ac4336137735..e68939d3885e 100644
--- a/vcl/source/font/fontcharmap.cxx
+++ b/vcl/source/font/fontcharmap.cxx
@@ -23,7 +23,6 @@
 
 #include <algorithm>
 #include <vector>
-#include <o3tl/safeint.hxx>
 #include <o3tl/sorted_vector.hxx>
 
 CmapResult::CmapResult( bool bSymbolic,
@@ -113,7 +112,6 @@ bool ParseCMAP( const unsigned char* pCmap, int nLength, CmapResult& rResult )
     int nSubTables = GetUShort( pCmap + 2 );
     if( (nSubTables <= 0) || (nLength < (24 + 8*nSubTables)) )
         return false;
-    nSubTables = o3tl::deem_sanitized(nSubTables);
 
     const unsigned char* pEndValidArea = pCmap + nLength;

More information about the Libreoffice-commits mailing list