diff options
author | Tom Sepez <tsepez@chromium.org> | 2024-05-08 18:08:11 +0000 |
---|---|---|
committer | Pdfium LUCI CQ <pdfium-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2024-05-08 18:08:11 +0000 |
commit | 4b44f35c3daebdec06f5784df47bab79d2d6d1e4 (patch) | |
tree | 7772e7620c4c26d7b8e4eaf3c3fb566fe6a8a499 /core/fxcrt/widestring.cpp | |
parent | a87fc215d61efaf110ec2b45db77bde7715dbafd (diff) | |
download | pdfium-4b44f35c3daebdec06f5784df47bab79d2d6d1e4.tar.gz |
Mass convert memset() to FXSYS_memset().
The FXSYS_ form requires callers to specify UNSAFE_BUFFERS(). Most
affected files are already in the pdfium_unsafe_buffers_paths.txt
suppression file. Other usage is hand-patched with TODO()s to
investigate safety.
-- convert one fxcrt::Fill() missed in previous cl.
Change-Id: I354a530da2439de8bbe7edc9a889857c6b8a4150
Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/118390
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
Reviewed-by: Thomas Sepez <tsepez@google.com>
Diffstat (limited to 'core/fxcrt/widestring.cpp')
-rw-r--r-- | core/fxcrt/widestring.cpp | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/core/fxcrt/widestring.cpp b/core/fxcrt/widestring.cpp index 56dbece1a..944cb825d 100644 --- a/core/fxcrt/widestring.cpp +++ b/core/fxcrt/widestring.cpp @@ -267,15 +267,15 @@ std::optional<WideString> TryVSWPrintf(size_t size, // Span's lifetime must end before ReleaseBuffer() below. pdfium::span<wchar_t> buffer = str.GetBuffer(size); - // In the following two calls, there's always space in the WideString - // for a terminating NUL that's not included in the span. + // SAFETY: In the following two calls, there's always space in the + // WideString for a terminating NUL that's not included in the span. // For vswprintf(), MSAN won't untaint the buffer on a truncated write's // -1 return code even though the buffer is written. Probably just as well // not to trust the vendor's implementation to write anything anyways. // See https://crbug.com/705912. - memset(buffer.data(), 0, (size + 1) * sizeof(wchar_t)); + UNSAFE_BUFFERS( + FXSYS_memset(buffer.data(), 0, (size + 1) * sizeof(wchar_t))); int ret = vswprintf(buffer.data(), size + 1, pFormat, argList); - bool bSufficientBuffer = ret >= 0 || buffer[size - 1] == 0; if (!bSufficientBuffer) return std::nullopt; |