[poppler] 4 commits - fofi/FoFiType1C.cc goo/gmem.h goo/GooCheckedOps.h

GitLab Mirror gitlab-mirror at kemper.freedesktop.org
Fri Aug 31 07:16:51 UTC 2018 

 fofi/FoFiType1C.cc  |    6 +++++-
 goo/GooCheckedOps.h |   49 +++++++++++++++++++++++++++++++++++++++++++++++++
 goo/gmem.h          |   21 ++++++---------------
 3 files changed, 60 insertions(+), 16 deletions(-)

New commits:
commit 4244a048e55d7cce0caddc68b6bb21983e670bc4
Author: Adam Reichold <adam.reichold at t-online.de>
Date:   Fri Aug 31 07:33:31 2018 +0200

    Replace #pragma once by standard-supported include guards and add missing copyright preamble for new header.

diff --git a/goo/GooCheckedOps.h b/goo/GooCheckedOps.h
index 78401994..3da6b337 100644
--- a/goo/GooCheckedOps.h
+++ b/goo/GooCheckedOps.h
@@ -1,4 +1,15 @@
-#pragma once
+//========================================================================
+//
+// GooCheckedOps.h
+//
+// This file is licensed under the GPLv2 or later
+//
+// Copyright (C) 2018 Adam Reichold <adam.reichold at t-online.de>
+//
+//========================================================================
+
+#ifndef GOO_CHECKED_OPS_H
+#define GOO_CHECKED_OPS_H
 
 #include <climits>
 
@@ -34,3 +45,5 @@ inline bool checkedMultiply(int x, int y, int *z) {
   return checkedAssign(lz, z);
 #endif
 }
+
+#endif // GOO_CHECKED_OPS_H
diff --git a/goo/gmem.h b/goo/gmem.h
index f2b184eb..9b187c1d 100644
--- a/goo/gmem.h
+++ b/goo/gmem.h
@@ -23,7 +23,8 @@
 //
 //========================================================================
 
-#pragma once
+#ifndef GMEM_H
+#define GMEM_H
 
 #include <cstring>
 #include <cstdlib>
@@ -175,3 +176,5 @@ inline char *copyString(const char *s, size_t n) {
   r[n] = '\0';
   return std::strncpy(r, s, n);
 }
+
+#endif // GMEM_H
commit 5671d3acc6a723ac3cb63866e2f429e0f0075c68
Author: Adam Reichold <adam.reichold at t-online.de>
Date:   Thu Aug 30 21:27:13 2018 +0200

    Extend checked operations header with support for Clang in addition to checking for GCC version 5 or later.

diff --git a/goo/GooCheckedOps.h b/goo/GooCheckedOps.h
index a50152f8..78401994 100644
--- a/goo/GooCheckedOps.h
+++ b/goo/GooCheckedOps.h
@@ -13,8 +13,12 @@ inline bool checkedAssign(long long lz, int *z) {
   return false;
 }
 
+#ifndef __has_builtin
+  #define __has_builtin(x) 0
+#endif
+
 inline bool checkedAdd(int x, int y, int *z) {
-#if __GNUC__ >= 5
+#if __GNUC__ >= 5 || __has_builtin(__builtin_sadd_overflow)
   return __builtin_sadd_overflow(x, y, z);
 #else
   const auto lz = static_cast<long long>(x) + static_cast<long long>(y);
@@ -23,7 +27,7 @@ inline bool checkedAdd(int x, int y, int *z) {
 }
 
 inline bool checkedMultiply(int x, int y, int *z) {
-#if __GNUC__ >= 5
+#if __GNUC__ >= 5 || __has_builtin(__builtin_smul_overflow)
   return __builtin_smul_overflow(x, y, z);
 #else
   const auto lz = static_cast<long long>(x) * static_cast<long long>(y);
commit ed28a5612fc0bf8580ccd360ae086fc715d19b35
Author: Adam Reichold <adam.reichold at t-online.de>
Date:   Thu Aug 30 20:56:33 2018 +0200

    Fix delta decoding for Type1C fonts to avoid signed integer overflow. oss-fuzz/8424

diff --git a/fofi/FoFiType1C.cc b/fofi/FoFiType1C.cc
index caa4b42b..63518452 100644
--- a/fofi/FoFiType1C.cc
+++ b/fofi/FoFiType1C.cc
@@ -2663,7 +2663,11 @@ int FoFiType1C::getDeltaIntArray(int *arr, int maxLen) {
   }
   x = 0;
   for (i = 0; i < n; ++i) {
-    x += (int)ops[i].num;
+    int y;
+    if (checkedAdd(x, (int)ops[i].num, &y)) {
+      return i;
+    }
+    x = y;
     arr[i] = x;
   }
   return n;
commit de20e92a70e73d828984f41f52212051fba51700
Author: Adam Reichold <adam.reichold at t-online.de>
Date:   Thu Aug 30 20:54:17 2018 +0200

    Factor out overflow-checked multiplication into a separate header for extension and reuse.

diff --git a/goo/GooCheckedOps.h b/goo/GooCheckedOps.h
new file mode 100644
index 00000000..a50152f8
--- /dev/null
+++ b/goo/GooCheckedOps.h
@@ -0,0 +1,32 @@
+#pragma once
+
+#include <climits>
+
+inline bool checkedAssign(long long lz, int *z) {
+  static_assert(LLONG_MAX > INT_MAX, "Need type larger than int to perform overflow checks.");
+
+  if (lz > INT_MAX || lz < INT_MIN) {
+    return true;
+  }
+
+  *z = static_cast<int>(lz);
+  return false;
+}
+
+inline bool checkedAdd(int x, int y, int *z) {
+#if __GNUC__ >= 5
+  return __builtin_sadd_overflow(x, y, z);
+#else
+  const auto lz = static_cast<long long>(x) + static_cast<long long>(y);
+  return checkedAssign(lz, z);
+#endif
+}
+
+inline bool checkedMultiply(int x, int y, int *z) {
+#if __GNUC__ >= 5
+  return __builtin_smul_overflow(x, y, z);
+#else
+  const auto lz = static_cast<long long>(x) * static_cast<long long>(y);
+  return checkedAssign(lz, z);
+#endif
+}
diff --git a/goo/gmem.h b/goo/gmem.h
index 1422322a..f2b184eb 100644
--- a/goo/gmem.h
+++ b/goo/gmem.h
@@ -28,7 +28,8 @@
 #include <cstring>
 #include <cstdlib>
 #include <cstdio>
-#include <climits>
+
+#include "GooCheckedOps.h"
 
 /// Same as malloc, but prints error message and exits if malloc() returns NULL.
 inline void *gmalloc(size_t size, bool checkoverflow = false) {
@@ -94,19 +95,6 @@ inline void *grealloc_checkoverflow(void *p, size_t size) {
  * the application if a overflow is detected.
  */
 
-inline bool checkedMultiply(int x, int y, int *z) {
-#if __GNUC__ >= 5
-  return __builtin_smul_overflow(x, y, z);
-#else
-  if (x != 0 && INT_MAX / x < y) {
-    return true;
-  }
-
-  *z = x * y;
-  return false;
-#endif
-}
-
 inline void *gmallocn(int count, int size, bool checkoverflow = false) {
   if (count == 0) {
     return nullptr;

More information about the poppler mailing list