Use safe math when rendering line segments in AGG.

Use safe math when rendering line segments in AGG.

It is possible for the calculations in outline_aa::render_line to overflow
as the |p| variable is calculated. This Cl updates the routine to use
checked math when calculating the value of |p|.

BUG=chromium:647026
Committed: https://pdfium.googlesource.com/pdfium/+/4935e606c632e38af8fca1729f8688fa0d152b90

[dsinclair, 2016-09-15 13:51:02]

The CQ bit was checked by dsinclair@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-09-15 13:51:10]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[dsinclair, 2016-09-15 13:58:59]

dsinclair@chromium.org changed reviewers:
+ tsepez@chromium.org, weili@chromium.org

[dsinclair, 2016-09-15 13:58:59]

PTAL.

[commit-bot: I haz the power, 2016-09-15 14:05:23]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-09-15 14:05:24]

Dry run: This issue passed the CQ dry run.

[Tom Sepez, 2016-09-15 16:50:41]

https://codereview.chromium.org/2347603002/diff/1/third_party/agg23/agg_raste...
File third_party/agg23/agg_rasterizer_scanline_aa.cpp (right):

https://codereview.chromium.org/2347603002/diff/1/third_party/agg23/agg_raste...
third_party/agg23/agg_rasterizer_scanline_aa.cpp:51: #include
"third_party/base/numerics/safe_math.h"
Is this the first time we've introduced a dependency on our code into agg?

[dsinclair, 2016-09-15 17:40:45]

On 2016/09/15 16:50:41, Tom Sepez wrote:
>
https://codereview.chromium.org/2347603002/diff/1/third_party/agg23/agg_raste...
> File third_party/agg23/agg_rasterizer_scanline_aa.cpp (right):
> 
>
https://codereview.chromium.org/2347603002/diff/1/third_party/agg23/agg_raste...
> third_party/agg23/agg_rasterizer_scanline_aa.cpp:51: #include
> "third_party/base/numerics/safe_math.h"
> Is this the first time we've introduced a dependency on our code into agg?

No, we use pdfium::base::CheckedNumeric in agg_clip_liang_barsky already.
(Although, I do see that I should probably generate a .patch file to commit as
well?)

[Tom Sepez, 2016-09-15 17:42:37]

On 2016/09/15 17:40:45, dsinclair wrote:
> On 2016/09/15 16:50:41, Tom Sepez wrote:
> >
>
https://codereview.chromium.org/2347603002/diff/1/third_party/agg23/agg_raste...
> > File third_party/agg23/agg_rasterizer_scanline_aa.cpp (right):
> > 
> >
>
https://codereview.chromium.org/2347603002/diff/1/third_party/agg23/agg_raste...
> > third_party/agg23/agg_rasterizer_scanline_aa.cpp:51: #include
> > "third_party/base/numerics/safe_math.h"
> > Is this the first time we've introduced a dependency on our code into agg?
> 
> No, we use pdfium::base::CheckedNumeric in agg_clip_liang_barsky already.
> (Although, I do see that I should probably generate a .patch file to commit as
> well?)

Yeah, lets do it as a patch, even though agg is pretty much unmaintained
upstream as I understand it, and we intend to be on skia shortly.

[Tom Sepez, 2016-09-15 17:42:50]

LGTM otherwise.

[dsinclair, 2016-09-15 17:49:24]

The CQ bit was checked by dsinclair@chromium.org

[dsinclair, 2016-09-15 17:49:24]

The patchset sent to the CQ was uploaded after l-g-t-m from tsepez@chromium.org
Link to the patchset: https://codereview.chromium.org/2347603002/#ps20001
(title: "Add patch file")

[commit-bot: I haz the power, 2016-09-15 17:49:34]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-09-15 19:21:41]

Description was changed from

==========
Use safe math when rendering line segments in AGG.

It is possible for the calculations in outline_aa::render_line to overflow
as the |p| variable is calculated. This Cl updates the routine to use
checked math when calculating the value of |p|.

BUG=chromium:647026
==========

to

==========
Use safe math when rendering line segments in AGG.

It is possible for the calculations in outline_aa::render_line to overflow
as the |p| variable is calculated. This Cl updates the routine to use
checked math when calculating the value of |p|.

BUG=chromium:647026

Committed:
https://pdfium.googlesource.com/pdfium/+/4935e606c632e38af8fca1729f8688fa0d15...
==========

[commit-bot: I haz the power, 2016-09-15 19:21:42]

Committed patchset #2 (id:20001) as
https://pdfium.googlesource.com/pdfium/+/4935e606c632e38af8fca1729f8688fa0d15...