diff options
| author | Caolán McNamara <caolanm@redhat.com> | 2018-02-09 10:35:33 +0000 |
|---|---|---|
| committer | Michael Stahl <mstahl@redhat.com> | 2018-02-09 19:02:24 +0100 |
| commit | 9826e506a64260d577d463fe49fe46d1e10848e6 (patch) | |
| tree | 1f6a7ff2e89ecbccbb18a3e169756f10a230e2f6 /include | |
| parent | e355d7d691cfe9719b06e15129d86ec22a2bd7a4 (diff) | |
various sft fixes
backport removing unneeded code
use ptr diff rather than int
(cherry picked from commit 5b426038a7befcaf0d05824ffb20200ff8833ad3)
fix mem leak
(cherry picked from commit 603cb6cf31a5212d03736a552770e5734b0e8066)
check more table sizes
(cherry picked from commit 1828490bb22f1c8273c4a9f5b1db819b173ca70d)
check cmap offset
(cherry picked from commit 683d9883ad8fd6568e6a7832e5bb347c1d043e4b)
check tableoffset against size
(cherry picked from commit ae73c3ff112e1ed38eb4678ac5745990661a2e66)
check ntables offset
(cherry picked from commit 75a171a405afd6eac236af93aa9d29a9c3ec9c64)
use safeint on calculations
(cherry picked from commit 139b6c6cf898467098f3a6f29fa84013a182285f)
simplify returns
(cherry picked from commit e8b2aad1cb2107304761e68aa380b5c29d8ef22f)
extend to cover the last byte needed
(cherry picked from commit c7b0117f26a386c98a721ff3897479c268103d74)
bounds check
(cherry picked from commit bb32616bdd6e3b327654bab0e1d790d8d50b893d)
move largest bounds check to start
(cherry picked from commit f832198e6a33052c7cc86b25843badfb962a2ae8)
android:update safeint header to use the else implementation with clang
Clang toolchain does not defines the __builtin_mul_overflow for 32-bit
ARM. So, fallback to else implementation of checked_multiply when
building Android with Clang
Reviewed-on: https://gerrit.libreoffice.org/39005
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
(cherry picked from commit 2149d4a88e9dc88c30e7475f8ea317e5c7b78529)
add checked_add
Reviewed-on: https://gerrit.libreoffice.org/43779
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 9cfb27ae6cb94f0a853ff70e9ad9f3109d305a94)
Change-Id: I0b59f1b93d31a7cb5b8db2a21736db11aed46536
a174fd94c57cc3c899c10e1c0dc5968965a50427
0d329357ac282d4652b0f7ebc401cbd51963461b
004a6d322f60d916cc4635b362ce948e8a10d7c7
5aae26c38f3645020f0e1d6d7b6877c2727af1b4
a79be052dd3f6b6ed38fb326558924c853af5fff
d75f5f4b578fd176c17e5763569f1403260c6594
c063786ba41aa9a985f505e62b43d3d543a0d48f
1a67cb2f1c686032438852fec1267a59fbd04d7f
5177d42b47a4bca614878dce4a69ab16b5cfe163
6d32a6b6f1dd91db42a3f154700ea55603f0e4dd
03fe80f9568759b829fac4e9bcfd496efebe6a26
6120606f521ce121541a5b7f1150229258012d55
10cba898bba528f5f1bfbd583e27a6821c789ab9
Reviewed-on: https://gerrit.libreoffice.org/49485
Reviewed-by: Michael Stahl <mstahl@redhat.com>
Tested-by: Jenkins <ci@libreoffice.org>
Diffstat (limited to 'include')
| -rw-r--r-- | include/o3tl/safeint.hxx | 37 |
1 files changed, 36 insertions, 1 deletions
diff --git a/include/o3tl/safeint.hxx b/include/o3tl/safeint.hxx index ce144d22d9ea..5ebf353b6bd6 100644 --- a/include/o3tl/safeint.hxx +++ b/include/o3tl/safeint.hxx @@ -29,13 +29,23 @@ template<typename T> inline bool checked_multiply(T a, T b, T& result) return !msl::utilities::SafeMultiply(a, b, result); } -#elif (defined __GNUC__ && __GNUC__ >= 5) || (__has_builtin(__builtin_mul_overflow)) +template<typename T> inline bool checked_add(T a, T b, T& result) +{ + return !msl::utilities::SafeAdd(a, b, result); +} + +#elif (defined __GNUC__ && __GNUC__ >= 5) || (__has_builtin(__builtin_mul_overflow) && !(defined ANDROID && defined __clang__)) template<typename T> inline bool checked_multiply(T a, T b, T& result) { return __builtin_mul_overflow(a, b, &result); } +template<typename T> inline bool checked_add(T a, T b, T& result) +{ + return __builtin_add_overflow(a, b, &result); +} + #else //https://www.securecoding.cert.org/confluence/display/c/INT32-C.+Ensure+that+operations+on+signed+integers+do+not+result+in+overflow @@ -80,6 +90,31 @@ template<typename T> inline typename std::enable_if<std::is_unsigned<T>::value, return false; } +//https://www.securecoding.cert.org/confluence/display/c/INT32-C.+Ensure+that+operations+on+signed+integers+do+not+result+in+overflow +template<typename T> inline typename std::enable_if<std::is_signed<T>::value, bool>::type checked_add(T a, T b, T& result) +{ + if (((b > 0) && (a > (std::numeric_limits<T>::max() - b))) || + ((b < 0) && (a < (std::numeric_limits<T>::min() - b)))) { + return true; + } + + result = a + b; + + return false; +} + +//https://www.securecoding.cert.org/confluence/display/c/INT30-C.+Ensure+that+unsigned+integer+operations+do+not+wrap +template<typename T> inline typename std::enable_if<std::is_unsigned<T>::value, bool>::type checked_add(T a, T b, T& result) +{ + if (std::numeric_limits<T>::max() - a < b) { + return true;/* Handle error */ + } + + result = a + b; + + return false; +} + #endif } |