| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/common/child_process_sandbox_support_impl_linux.h" | 5 #include "content/common/child_process_sandbox_support_impl_linux.h" |
| 6 | 6 |
| 7 #include <sys/stat.h> | 7 #include <sys/stat.h> |
| 8 | 8 |
| 9 #include "base/debug/trace_event.h" | 9 #include "base/debug/trace_event.h" |
| 10 #include "base/memory/scoped_ptr.h" | 10 #include "base/memory/scoped_ptr.h" |
| 11 #include "base/numerics/safe_conversions.h" |
| 11 #include "base/pickle.h" | 12 #include "base/pickle.h" |
| 12 #include "base/posix/eintr_wrapper.h" | 13 #include "base/posix/eintr_wrapper.h" |
| 13 #include "base/posix/unix_domain_socket_linux.h" | 14 #include "base/posix/unix_domain_socket_linux.h" |
| 14 #include "base/safe_numerics.h" | |
| 15 #include "base/sys_byteorder.h" | 15 #include "base/sys_byteorder.h" |
| 16 #include "content/common/sandbox_linux/sandbox_linux.h" | 16 #include "content/common/sandbox_linux/sandbox_linux.h" |
| 17 #include "third_party/WebKit/public/platform/linux/WebFontFamily.h" | 17 #include "third_party/WebKit/public/platform/linux/WebFontFamily.h" |
| 18 #include "third_party/WebKit/public/platform/linux/WebFontRenderStyle.h" | 18 #include "third_party/WebKit/public/platform/linux/WebFontRenderStyle.h" |
| 19 | 19 |
| 20 namespace content { | 20 namespace content { |
| 21 | 21 |
| 22 void GetFontFamilyForCharacter(int32_t character, | 22 void GetFontFamilyForCharacter(int32_t character, |
| 23 const char* preferred_locale, | 23 const char* preferred_locale, |
| 24 blink::WebFontFamily* family) { | 24 blink::WebFontFamily* family) { |
| (...skipping 85 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 110 if (offset < 0) | 110 if (offset < 0) |
| 111 return false; | 111 return false; |
| 112 | 112 |
| 113 size_t data_length = 0; // the length of the file data. | 113 size_t data_length = 0; // the length of the file data. |
| 114 off_t data_offset = 0; // the offset of the data in the file. | 114 off_t data_offset = 0; // the offset of the data in the file. |
| 115 if (table_tag == 0) { | 115 if (table_tag == 0) { |
| 116 // Get the entire font file. | 116 // Get the entire font file. |
| 117 struct stat st; | 117 struct stat st; |
| 118 if (fstat(fd, &st) < 0) | 118 if (fstat(fd, &st) < 0) |
| 119 return false; | 119 return false; |
| 120 data_length = base::checked_numeric_cast<size_t>(st.st_size); | 120 data_length = base::checked_cast<size_t>(st.st_size); |
| 121 } else { | 121 } else { |
| 122 // Get a font table. Read the header to find its offset in the file. | 122 // Get a font table. Read the header to find its offset in the file. |
| 123 uint16_t num_tables; | 123 uint16_t num_tables; |
| 124 ssize_t n = HANDLE_EINTR(pread(fd, &num_tables, sizeof(num_tables), | 124 ssize_t n = HANDLE_EINTR(pread(fd, &num_tables, sizeof(num_tables), |
| 125 4 /* skip the font type */)); | 125 4 /* skip the font type */)); |
| 126 if (n != sizeof(num_tables)) | 126 if (n != sizeof(num_tables)) |
| 127 return false; | 127 return false; |
| 128 // Font data is stored in net (big-endian) order. | 128 // Font data is stored in net (big-endian) order. |
| 129 num_tables = base::NetToHost16(num_tables); | 129 num_tables = base::NetToHost16(num_tables); |
| 130 | 130 |
| 131 // Read the table directory. | 131 // Read the table directory. |
| 132 static const size_t kTableEntrySize = 16; | 132 static const size_t kTableEntrySize = 16; |
| 133 const size_t directory_size = num_tables * kTableEntrySize; | 133 const size_t directory_size = num_tables * kTableEntrySize; |
| 134 scoped_ptr<uint8_t[]> table_entries(new uint8_t[directory_size]); | 134 scoped_ptr<uint8_t[]> table_entries(new uint8_t[directory_size]); |
| 135 n = HANDLE_EINTR(pread(fd, table_entries.get(), directory_size, | 135 n = HANDLE_EINTR(pread(fd, table_entries.get(), directory_size, |
| 136 12 /* skip the SFNT header */)); | 136 12 /* skip the SFNT header */)); |
| 137 if (n != base::checked_numeric_cast<ssize_t>(directory_size)) | 137 if (n != base::checked_cast<ssize_t>(directory_size)) |
| 138 return false; | 138 return false; |
| 139 | 139 |
| 140 for (uint16_t i = 0; i < num_tables; ++i) { | 140 for (uint16_t i = 0; i < num_tables; ++i) { |
| 141 uint8_t* entry = table_entries.get() + i * kTableEntrySize; | 141 uint8_t* entry = table_entries.get() + i * kTableEntrySize; |
| 142 uint32_t tag = *reinterpret_cast<uint32_t*>(entry); | 142 uint32_t tag = *reinterpret_cast<uint32_t*>(entry); |
| 143 if (tag == table_tag) { | 143 if (tag == table_tag) { |
| 144 // Font data is stored in net (big-endian) order. | 144 // Font data is stored in net (big-endian) order. |
| 145 data_offset = | 145 data_offset = |
| 146 base::NetToHost32(*reinterpret_cast<uint32_t*>(entry + 8)); | 146 base::NetToHost32(*reinterpret_cast<uint32_t*>(entry + 8)); |
| 147 data_length = | 147 data_length = |
| 148 base::NetToHost32(*reinterpret_cast<uint32_t*>(entry + 12)); | 148 base::NetToHost32(*reinterpret_cast<uint32_t*>(entry + 12)); |
| 149 break; | 149 break; |
| 150 } | 150 } |
| 151 } | 151 } |
| 152 } | 152 } |
| 153 | 153 |
| 154 if (!data_length) | 154 if (!data_length) |
| 155 return false; | 155 return false; |
| 156 // Clamp |offset| inside the allowable range. This allows the read to succeed | 156 // Clamp |offset| inside the allowable range. This allows the read to succeed |
| 157 // but return 0 bytes. | 157 // but return 0 bytes. |
| 158 offset = std::min(offset, base::checked_numeric_cast<off_t>(data_length)); | 158 offset = std::min(offset, base::checked_cast<off_t>(data_length)); |
| 159 // Make sure it's safe to add the data offset and the caller's logical offset. | 159 // Make sure it's safe to add the data offset and the caller's logical offset. |
| 160 // Define the maximum positive offset on 32 bit systems. | 160 // Define the maximum positive offset on 32 bit systems. |
| 161 static const off_t kMaxPositiveOffset32 = 0x7FFFFFFF; // 2 GB - 1. | 161 static const off_t kMaxPositiveOffset32 = 0x7FFFFFFF; // 2 GB - 1. |
| 162 if ((offset > kMaxPositiveOffset32 / 2) || | 162 if ((offset > kMaxPositiveOffset32 / 2) || |
| 163 (data_offset > kMaxPositiveOffset32 / 2)) | 163 (data_offset > kMaxPositiveOffset32 / 2)) |
| 164 return false; | 164 return false; |
| 165 data_offset += offset; | 165 data_offset += offset; |
| 166 data_length -= offset; | 166 data_length -= offset; |
| 167 | 167 |
| 168 if (output) { | 168 if (output) { |
| 169 // 'output_length' holds the maximum amount of data the caller can accept. | 169 // 'output_length' holds the maximum amount of data the caller can accept. |
| 170 data_length = std::min(data_length, *output_length); | 170 data_length = std::min(data_length, *output_length); |
| 171 ssize_t n = HANDLE_EINTR(pread(fd, output, data_length, data_offset)); | 171 ssize_t n = HANDLE_EINTR(pread(fd, output, data_length, data_offset)); |
| 172 if (n != base::checked_numeric_cast<ssize_t>(data_length)) | 172 if (n != base::checked_cast<ssize_t>(data_length)) |
| 173 return false; | 173 return false; |
| 174 } | 174 } |
| 175 *output_length = data_length; | 175 *output_length = data_length; |
| 176 | 176 |
| 177 return true; | 177 return true; |
| 178 } | 178 } |
| 179 | 179 |
| 180 } // namespace content | 180 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 141113003:
Refactor base/safe_numerics.h (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/