Add safe FX_Alloc2D() macro
authorTom Sepez <tsepez@chromium.org>
Mon, 18 May 2015 21:18:08 +0000 (14:18 -0700)
committerTom Sepez <tsepez@chromium.org>
Mon, 18 May 2015 21:18:08 +0000 (14:18 -0700)
commit31b3a2b31a50f83ed100e01485013fd871399f45
treeaeece5130880a698b56eec044d73925e7e5ae7f3
parenta88e3a16ae711f6523ad3a40a08d774b72adc9eb
Add safe FX_Alloc2D() macro

This avoids unchecked multiplications when computing a size argument
to malloc(). Such an overflow is very scary, and can result in
exploitable bugs.

Along the way, kill off some return checks, since we know this can't
return NULL.

R=thestig@chromium.org

Review URL: https://codereview.chromium.org/1143663004
19 files changed:
core/include/fxcrt/fx_basic.h
core/include/fxcrt/fx_memory.h
core/src/fpdfapi/fpdf_edit/fpdf_edit_image.cpp
core/src/fpdfapi/fpdf_font/fpdf_font_cid.cpp
core/src/fpdfapi/fpdf_page/fpdf_page_colors.cpp
core/src/fpdfapi/fpdf_page/fpdf_page_func.cpp
core/src/fpdfapi/fpdf_parser/fpdf_parser_filters.cpp
core/src/fpdfapi/fpdf_render/fpdf_render_cache.cpp
core/src/fpdfapi/fpdf_render/fpdf_render_pattern.cpp
core/src/fpdftext/fpdf_text.cpp
core/src/fxcodec/codec/fx_codec_fax.cpp
core/src/fxcodec/codec/fx_codec_flate.cpp
core/src/fxcodec/codec/fx_codec_jpeg.cpp
core/src/fxcrt/fx_basic_array.cpp
core/src/fxcrt/fx_basic_memmgr_unittest.cpp
core/src/fxge/agg/agg23/fx_agg_path_storage.cpp
core/src/fxge/dib/fx_dib_engine.cpp
core/src/fxge/skia/fx_skia_device.cpp
core/src/fxge/win32/fx_win32_gdipext.cpp