Fix a bug in CBDT sanitize, and redundant check in avar.
TRACE_SANITIZE (this);
return_trace (header.sanitize (c) &&
Type::static_size >= header.unitSize &&
- c->check_array (bytesZ, header.unitSize, header.nUnits));
+ c->check_array (bytesZ, header.nUnits, header.unitSize));
}
protected:
while (state < num_states)
{
if (unlikely (!c->check_array (states,
- states[0].static_size * nClasses,
- num_states)))
+ num_states,
+ states[0].static_size * nClasses)))
return_trace (false);
{ /* Sweep new states. */
const HBUINT16 *stop = &states[num_states * nClasses];
state = num_states;
}
- if (unlikely (!c->check_array (entries,
- entries[0].static_size,
- num_entries)))
+ if (unlikely (!c->check_array (entries, num_entries)))
return_trace (false);
{ /* Sweep new entries. */
const Entry<Extra> *stop = &entries[num_entries];
!c->check_range (this, length))
return_trace (false);
- if (!c->check_array (featureZ, featureZ[0].static_size, featureCount))
+ if (!c->check_array (featureZ, featureCount))
return_trace (false);
const ChainSubtable *subtable = &StructAtOffset<ChainSubtable> (featureZ, featureZ[0].static_size * featureCount);
return likely (ok);
}
- inline bool check_array (const void *base, unsigned int record_size, unsigned int len) const
+ template <typename T>
+ inline bool check_array (const T *base, unsigned int len, unsigned int record_size = T::static_size) const
{
const char *p = (const char *) base;
bool overflows = hb_unsigned_mul_overflows (len, record_size);
inline bool sanitize_shallow (hb_sanitize_context_t *c, unsigned int count) const
{
TRACE_SANITIZE (this);
- return_trace (c->check_array (arrayZ, arrayZ[0].static_size, count));
+ return_trace (c->check_array (arrayZ, count));
}
public:
inline bool sanitize_shallow (hb_sanitize_context_t *c) const
{
TRACE_SANITIZE (this);
- return_trace (len.sanitize (c) && c->check_array (arrayZ, Type::static_size, len));
+ return_trace (len.sanitize (c) && c->check_array (arrayZ, len));
}
public:
{
TRACE_SANITIZE (this);
return_trace (len.sanitize (c) &&
- (!len || c->check_array (arrayZ, Type::static_size, len - 1)));
+ (!len || c->check_array (arrayZ, len - 1)));
}
public:
{
TRACE_SANITIZE (this);
return_trace (c->check_struct (this) &&
- c->check_array (offsetArrayZ, offsetArrayZ[0].static_size, glyph_count + 1));
+ c->check_array (offsetArrayZ, glyph_count + 1));
}
bool get_image_data (unsigned int idx,
inline bool sanitize (hb_sanitize_context_t *c, unsigned int count) const
{
TRACE_SANITIZE (this);
- if (unlikely (!c->check_array (&indexSubtablesZ, indexSubtablesZ[0].static_size, count)))
+ if (unlikely (!c->check_array (indexSubtablesZ, count)))
return_trace (false);
for (unsigned int i = 0; i < count; i++)
if (unlikely (!indexSubtablesZ[i].sanitize (c, this)))
TRACE_SANITIZE (this);
return_trace (c->check_struct (thiz()) &&
thiz()->length >= T::min_size &&
- c->check_array (thiz(), 1, thiz()->length) &&
+ c->check_array (thiz(), thiz()->length, 1) &&
thiz()->subtable.sanitize (c, thiz()->format));
}
};
regionIndices.sanitize(c) &&
shortCount <= regionIndices.len &&
c->check_array (&StructAfter<HBUINT8> (regionIndices),
- get_row_size (), itemCount));
+ itemCount, get_row_size ()));
}
protected:
TRACE_SANITIZE (this);
unsigned int len = get_len ();
- if (!c->check_array (values, get_size (), count)) return_trace (false);
+ if (!c->check_array (values, count, get_size ())) return_trace (false);
if (!has_device ()) return_trace (true);
if (!c->check_struct (this)) return_trace (false);
if (unlikely (hb_unsigned_mul_overflows (rows, cols))) return_trace (false);
unsigned int count = rows * cols;
- if (!c->check_array (matrixZ, matrixZ[0].static_size, count)) return_trace (false);
+ if (!c->check_array (matrixZ, count)) return_trace (false);
for (unsigned int i = 0; i < count; i++)
if (!matrixZ[i].sanitize (c, this)) return_trace (false);
return_trace (true);
{
TRACE_SANITIZE (this);
if (!(c->check_struct (this)
- && c->check_array (arrayZ, HBUINT16::static_size * closure->stride, len))) return_trace (false);
+ && c->check_array (arrayZ, len, HBUINT16::static_size * closure->stride))) return_trace (false);
unsigned int count = len;
const PairValueRecord *record = CastP<PairValueRecord> (arrayZ);
unsigned int stride = len1 + len2;
unsigned int record_size = valueFormat1.get_size () + valueFormat2.get_size ();
unsigned int count = (unsigned int) class1Count * (unsigned int) class2Count;
- return_trace (c->check_array (values, record_size, count) &&
+ return_trace (c->check_array (values, count, record_size) &&
valueFormat1.sanitize_values_stride_unsafe (c, this, &values[0], count, stride) &&
valueFormat2.sanitize_values_stride_unsafe (c, this, &values[len1], count, stride));
}
if (!c->check_struct (this)) return_trace (false);
unsigned int count = glyphCount;
if (!count) return_trace (false); /* We want to access coverageZ[0] freely. */
- if (!c->check_array (coverageZ.arrayZ, coverageZ[0].static_size, count)) return_trace (false);
+ if (!c->check_array (coverageZ.arrayZ, count)) return_trace (false);
for (unsigned int i = 0; i < count; i++)
if (!coverageZ[i].sanitize (c, this)) return_trace (false);
const LookupRecord *lookupRecord = &StructAtOffset<LookupRecord> (coverageZ.arrayZ, coverageZ[0].static_size * count);
- return_trace (c->check_array (lookupRecord, lookupRecord[0].static_size, lookupCount));
+ return_trace (c->check_array (lookupRecord, lookupCount));
}
protected:
{
TRACE_SANITIZE (this);
return_trace (c->check_struct (this) &&
- c->check_array (mathValueRecords,
- mathValueRecords[0].static_size,
- 2 * heightCount + 1) &&
+ c->check_array (mathValueRecords, 2 * heightCount + 1) &&
sanitize_math_value_records (c));
}
return_trace (c->check_struct (this) &&
vertGlyphCoverage.sanitize (c, this) &&
horizGlyphCoverage.sanitize (c, this) &&
- c->check_array (glyphConstruction,
- glyphConstruction[0].static_size,
- vertGlyphCount + horizGlyphCount) &&
+ c->check_array (glyphConstruction, vertGlyphCount + horizGlyphCount) &&
sanitize_offsets (c));
}
TRACE_SANITIZE (this);
return_trace (c->check_struct (this) &&
likely (format == 0 || format == 1) &&
- c->check_array (nameRecord, nameRecord[0].static_size, count) &&
+ c->check_array (nameRecord, count) &&
sanitize_records (c));
}
(value - arrayZ[i-1].fromCoord) + denom/2) / denom;
}
+ public:
DEFINE_SIZE_ARRAY (2, arrayZ);
};
TRACE_SANITIZE (this);
if (unlikely (!(version.sanitize (c) &&
version.major == 1 &&
- c->check_struct (this),
- c->check_array(axisSegmentMapsZ.arrayZ, sizeof (axisSegmentMapsZ[0]), axisCount))))
+ c->check_struct (this))))
return_trace (false);
const SegmentMaps *map = axisSegmentMapsZ.arrayZ;
{
TRACE_SANITIZE (this);
return_trace (c->check_struct (this) &&
- c->check_array (coordinatesZ.arrayZ, coordinatesZ[0].static_size, axis_count));
+ c->check_array (coordinatesZ.arrayZ, axis_count));
}
protected:
{
TRACE_SANITIZE (this);
return_trace (c->check_struct (this) &&
- c->check_array (mapDataZ.arrayZ, get_width (), mapCount));
+ c->check_array (mapDataZ.arrayZ, mapCount, get_width ()));
}
unsigned int map (unsigned int v) const /* Returns 16.16 outer.inner. */
c->check_struct (this) &&
valueRecordSize >= VariationValueRecord::static_size &&
varStore.sanitize (c, this) &&
- c->check_array (valuesZ.arrayZ, valueRecordSize, valueRecordCount));
+ c->check_array (valuesZ.arrayZ, valueRecordCount, valueRecordSize));
}
inline float get_var (hb_tag_t tag,