Chromium Code Reviews Chromium Code Reviews
Issue 2374643002:
Sanitize values in chrome_pdf::PDFiumPage::PageToScreen(). (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "pdf/pdfium/pdfium_page.h" | 5 #include "pdf/pdfium/pdfium_page.h" |
| 6 | 6 |
| 7 #include <math.h> | 7 #include <math.h> |
| 8 #include <stddef.h> | 8 #include <stddef.h> |
| 9 | 9 |
| 10 #include <algorithm> | 10 #include <algorithm> |
| 11 #include <memory> | 11 #include <memory> |
| 12 #include <utility> | 12 #include <utility> |
| 13 | 13 |
| 14 #include "base/logging.h" | 14 #include "base/logging.h" |
| 15 #include "base/numerics/safe_math.h" | |
| 15 #include "base/strings/string_number_conversions.h" | 16 #include "base/strings/string_number_conversions.h" |
| 16 #include "base/strings/string_util.h" | 17 #include "base/strings/string_util.h" |
| 17 #include "base/strings/utf_string_conversions.h" | 18 #include "base/strings/utf_string_conversions.h" |
| 18 #include "pdf/pdfium/pdfium_api_string_buffer_adapter.h" | 19 #include "pdf/pdfium/pdfium_api_string_buffer_adapter.h" |
| 19 #include "pdf/pdfium/pdfium_engine.h" | 20 #include "pdf/pdfium/pdfium_engine.h" |
| 20 #include "printing/units.h" | 21 #include "printing/units.h" |
| 21 | 22 |
| 22 // Used when doing hit detection. | 23 // Used when doing hit detection. |
| 23 #define kTolerance 20.0 | 24 #define kTolerance 20.0 |
| 24 | 25 |
| (...skipping 429 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 454 pp::Rect PDFiumPage::PageToScreen(const pp::Point& offset, | 455 pp::Rect PDFiumPage::PageToScreen(const pp::Point& offset, |
| 455 double zoom, | 456 double zoom, |
| 456 double left, | 457 double left, |
| 457 double top, | 458 double top, |
| 458 double right, | 459 double right, |
| 459 double bottom, | 460 double bottom, |
| 460 int rotation) const { | 461 int rotation) const { |
| 461 if (!available_) | 462 if (!available_) |
| 462 return pp::Rect(); | 463 return pp::Rect(); |
| 463 | 464 |
| 464 int new_left, new_top, new_right, new_bottom; | 465 base::CheckedNumeric<double> start_x = rect_.x(); |
|
Tom Sepez
2016/09/27 15:57:17
can we get away with just using doubles here? I'm
Lei Zhang
2016/09/27 16:44:40
Can multiplying by |zoom| overflow? Am I being too
Tom Sepez
2016/09/27 16:46:42
Probably can, but I wouldn't worry about it. Ther
Lei Zhang
2016/09/27 17:50:44
Done.
| |
| 465 FPDF_PageToDevice( | 466 start_x -= offset.x(); |
| 466 page_, | 467 start_x *= zoom; |
| 467 static_cast<int>((rect_.x() - offset.x()) * zoom), | 468 base::CheckedNumeric<double> start_y = rect_.y(); |
| 468 static_cast<int>((rect_.y() - offset.y()) * zoom), | 469 start_y -= offset.y(); |
| 469 static_cast<int>(ceil(rect_.width() * zoom)), | 470 start_y *= zoom; |
| 470 static_cast<int>(ceil(rect_.height() * zoom)), | 471 base::CheckedNumeric<double> size_x = rect_.width(); |
| 471 rotation, left, top, &new_left, &new_top); | 472 size_x *= zoom; |
| 472 FPDF_PageToDevice( | 473 base::CheckedNumeric<double> size_y = rect_.height(); |
| 473 page_, | 474 size_y *= zoom; |
| 474 static_cast<int>((rect_.x() - offset.x()) * zoom), | 475 if (!start_x.IsValid() || !start_y.IsValid() || !size_x.IsValid() || |
| 475 static_cast<int>((rect_.y() - offset.y()) * zoom), | 476 !size_y.IsValid()) { |
| 476 static_cast<int>(ceil(rect_.width() * zoom)), | 477 return pp::Rect(); |
| 477 static_cast<int>(ceil(rect_.height() * zoom)), | 478 } |
| 478 rotation, right, bottom, &new_right, &new_bottom); | 479 if (!base::IsValueInRangeForNumericType<int>(start_x.ValueOrDie()) || |
| 480 !base::IsValueInRangeForNumericType<int>(start_y.ValueOrDie()) || | |
| 481 !base::IsValueInRangeForNumericType<int>(size_x.ValueOrDie()) || | |
| 482 !base::IsValueInRangeForNumericType<int>(size_y.ValueOrDie())) { | |
| 483 return pp::Rect(); | |
| 484 } | |
| 485 | |
| 486 int new_left; | |
| 487 int new_top; | |
| 488 int new_right; | |
| 489 int new_bottom; | |
| 490 FPDF_PageToDevice(page_, static_cast<int>(start_x.ValueOrDie()), | |
| 491 static_cast<int>(start_y.ValueOrDie()), | |
| 492 static_cast<int>(ceil(size_x.ValueOrDie())), | |
| 493 static_cast<int>(ceil(size_y.ValueOrDie())), rotation, left, | |
| 494 top, &new_left, &new_top); | |
| 495 FPDF_PageToDevice(page_, static_cast<int>(start_x.ValueOrDie()), | |
| 496 static_cast<int>(start_y.ValueOrDie()), | |
| 497 static_cast<int>(ceil(size_x.ValueOrDie())), | |
| 498 static_cast<int>(ceil(size_y.ValueOrDie())), rotation, | |
| 499 right, bottom, &new_right, &new_bottom); | |
| 479 | 500 |
| 480 // If the PDF is rotated, the horizontal/vertical coordinates could be | 501 // If the PDF is rotated, the horizontal/vertical coordinates could be |
| 481 // flipped. See | 502 // flipped. See |
| 482 // http://www.netl.doe.gov/publications/proceedings/03/ubc/presentations/Goeck ner-pres.pdf | 503 // http://www.netl.doe.gov/publications/proceedings/03/ubc/presentations/Goeck ner-pres.pdf |
| 483 if (new_right < new_left) | 504 if (new_right < new_left) |
| 484 std::swap(new_right, new_left); | 505 std::swap(new_right, new_left); |
| 485 if (new_bottom < new_top) | 506 if (new_bottom < new_top) |
| 486 std::swap(new_bottom, new_top); | 507 std::swap(new_bottom, new_top); |
| 487 | 508 |
| 488 return pp::Rect( | 509 if (!base::IsValueInRangeForNumericType<int32_t>(new_left) || |
|
Tom Sepez
2016/09/27 15:57:17
new_left is an int (presumably == int32_t for prac
| |
| 489 new_left, new_top, new_right - new_left + 1, new_bottom - new_top + 1); | 510 !base::IsValueInRangeForNumericType<int32_t>(new_top)) { |
| 511 return pp::Rect(); | |
| 512 } | |
| 513 | |
| 514 base::CheckedNumeric<int32_t> new_size_x = new_right; | |
| 515 new_size_x -= new_left; | |
| 516 new_size_x += 1; | |
| 517 base::CheckedNumeric<int32_t> new_size_y = new_bottom; | |
| 518 new_size_y -= new_top; | |
| 519 new_size_y += 1; | |
| 520 if (!new_size_x.IsValid() || !new_size_y.IsValid()) | |
| 521 return pp::Rect(); | |
| 522 | |
| 523 return pp::Rect(new_left, new_top, new_size_x.ValueOrDie(), | |
| 524 new_size_y.ValueOrDie()); | |
| 490 } | 525 } |
| 491 | 526 |
| 492 PDFiumPage::ScopedLoadCounter::ScopedLoadCounter(PDFiumPage* page) | 527 PDFiumPage::ScopedLoadCounter::ScopedLoadCounter(PDFiumPage* page) |
| 493 : page_(page) { | 528 : page_(page) { |
| 494 page_->loading_count_++; | 529 page_->loading_count_++; |
| 495 } | 530 } |
| 496 | 531 |
| 497 PDFiumPage::ScopedLoadCounter::~ScopedLoadCounter() { | 532 PDFiumPage::ScopedLoadCounter::~ScopedLoadCounter() { |
| 498 page_->loading_count_--; | 533 page_->loading_count_--; |
| 499 } | 534 } |
| 500 | 535 |
| 501 PDFiumPage::Link::Link() = default; | 536 PDFiumPage::Link::Link() = default; |
| 502 | 537 |
| 503 PDFiumPage::Link::Link(const Link& that) = default; | 538 PDFiumPage::Link::Link(const Link& that) = default; |
| 504 | 539 |
| 505 PDFiumPage::Link::~Link() = default; | 540 PDFiumPage::Link::~Link() = default; |
| 506 | 541 |
| 507 } // namespace chrome_pdf | 542 } // namespace chrome_pdf |
| OLD | NEW |
