Commit 1868a10f8b06631362618bfc85ca8646da4b4b71
1 parent
742190bd
Replace all atoi calls with QUtil::string_to_int
The latter catches underflow/overflow.
Showing
9 changed files
with
27 additions
and
23 deletions
README-maintainer.md
| ... | ... | @@ -17,6 +17,7 @@ |
| 17 | 17 | * Test with clang. |
| 18 | 18 | * Check all open issues in the sourceforge trackers and on github. |
| 19 | 19 | * If any interfaces were added or changed, check C API to see whether changes are appropriate there as well. If necessary, review the casting policy in the manual, and ensure that integer types are properly handled. |
| 20 | +* Avoid atoi. Use QUtil::string_to_int instead. It does overflow/underflow checking. | |
| 20 | 21 | * Remember to avoid using `operator[]` with `std::string` or `std::vector`. Instead, use `at()`. See README-hardening.md for details. |
| 21 | 22 | * Increment shared library version information as needed (`LT_*` in `configure.ac`) |
| 22 | 23 | * Update release notes in manual. Look at diffs and ChangeLog. | ... | ... |
examples/pdf-parse-content.cc
libqpdf/QPDF.cc
| ... | ... | @@ -440,8 +440,8 @@ QPDF::reconstruct_xref(QPDFExc& e) |
| 440 | 440 | (t3 == QPDFTokenizer::Token(QPDFTokenizer::tt_word, "obj"))) |
| 441 | 441 | { |
| 442 | 442 | in_obj = true; |
| 443 | - int obj = atoi(t1.getValue().c_str()); | |
| 444 | - int gen = atoi(t2.getValue().c_str()); | |
| 443 | + int obj = QUtil::string_to_int(t1.getValue().c_str()); | |
| 444 | + int gen = QUtil::string_to_int(t2.getValue().c_str()); | |
| 445 | 445 | insertXrefEntry(obj, 1, token_start, gen, true); |
| 446 | 446 | } |
| 447 | 447 | } |
| ... | ... | @@ -610,8 +610,8 @@ QPDF::parse_xrefFirst(std::string const& line, |
| 610 | 610 | ++p; |
| 611 | 611 | } |
| 612 | 612 | bytes = p - start; |
| 613 | - obj = atoi(obj_str.c_str()); | |
| 614 | - num = atoi(num_str.c_str()); | |
| 613 | + obj = QUtil::string_to_int(obj_str.c_str()); | |
| 614 | + num = QUtil::string_to_int(num_str.c_str()); | |
| 615 | 615 | return true; |
| 616 | 616 | } |
| 617 | 617 | |
| ... | ... | @@ -706,7 +706,7 @@ QPDF::parse_xrefEntry(std::string const& line, |
| 706 | 706 | } |
| 707 | 707 | |
| 708 | 708 | f1 = QUtil::string_to_ll(f1_str.c_str()); |
| 709 | - f2 = atoi(f2_str.c_str()); | |
| 709 | + f2 = QUtil::string_to_int(f2_str.c_str()); | |
| 710 | 710 | |
| 711 | 711 | return true; |
| 712 | 712 | } |
| ... | ... | @@ -1570,8 +1570,8 @@ QPDF::readObjectAtOffset(bool try_recovery, |
| 1570 | 1570 | this->m->last_object_description, offset, |
| 1571 | 1571 | "expected n n obj"); |
| 1572 | 1572 | } |
| 1573 | - objid = atoi(tobjid.getValue().c_str()); | |
| 1574 | - generation = atoi(tgen.getValue().c_str()); | |
| 1573 | + objid = QUtil::string_to_int(tobjid.getValue().c_str()); | |
| 1574 | + generation = QUtil::string_to_int(tgen.getValue().c_str()); | |
| 1575 | 1575 | |
| 1576 | 1576 | if (objid == 0) |
| 1577 | 1577 | { |
| ... | ... | @@ -1855,7 +1855,7 @@ QPDF::resolveObjectsInStream(int obj_stream_number) |
| 1855 | 1855 | "expected integer in object stream header"); |
| 1856 | 1856 | } |
| 1857 | 1857 | |
| 1858 | - int num = atoi(tnum.getValue().c_str()); | |
| 1858 | + int num = QUtil::string_to_int(tnum.getValue().c_str()); | |
| 1859 | 1859 | int offset = QUtil::string_to_ll(toffset.getValue().c_str()); |
| 1860 | 1860 | offsets[num] = offset + first; |
| 1861 | 1861 | } | ... | ... |
libqpdf/QPDFWriter.cc
| ... | ... | @@ -661,8 +661,10 @@ QPDFWriter::disableIncompatibleEncryption(int major, int minor, |
| 661 | 661 | } |
| 662 | 662 | else |
| 663 | 663 | { |
| 664 | - int V = atoi(this->m->encryption_dictionary["/V"].c_str()); | |
| 665 | - int R = atoi(this->m->encryption_dictionary["/R"].c_str()); | |
| 664 | + int V = QUtil::string_to_int( | |
| 665 | + this->m->encryption_dictionary["/V"].c_str()); | |
| 666 | + int R = QUtil::string_to_int( | |
| 667 | + this->m->encryption_dictionary["/R"].c_str()); | |
| 666 | 668 | if (compareVersions(major, minor, 1, 4) < 0) |
| 667 | 669 | { |
| 668 | 670 | if ((V > 1) || (R > 2)) |
| ... | ... | @@ -705,12 +707,12 @@ void |
| 705 | 707 | QPDFWriter::parseVersion(std::string const& version, |
| 706 | 708 | int& major, int& minor) const |
| 707 | 709 | { |
| 708 | - major = atoi(version.c_str()); | |
| 710 | + major = QUtil::string_to_int(version.c_str()); | |
| 709 | 711 | minor = 0; |
| 710 | 712 | size_t p = version.find('.'); |
| 711 | 713 | if ((p != std::string::npos) && (version.length() > p)) |
| 712 | 714 | { |
| 713 | - minor = atoi(version.substr(p + 1).c_str()); | |
| 715 | + minor = QUtil::string_to_int(version.substr(p + 1).c_str()); | |
| 714 | 716 | } |
| 715 | 717 | std::string tmp = QUtil::int_to_string(major) + "." + |
| 716 | 718 | QUtil::int_to_string(minor); | ... | ... |
libtests/dct_compress.cc
| ... | ... | @@ -42,8 +42,8 @@ int main(int argc, char* argv[]) |
| 42 | 42 | |
| 43 | 43 | char* infilename = argv[1]; |
| 44 | 44 | char* outfilename = argv[2]; |
| 45 | - unsigned int width = atoi(argv[3]); | |
| 46 | - unsigned int height = atoi(argv[4]); | |
| 45 | + int width = QUtil::string_to_int(argv[3]); | |
| 46 | + int height = QUtil::string_to_int(argv[4]); | |
| 47 | 47 | char* colorspace = argv[5]; |
| 48 | 48 | J_COLOR_SPACE cs = |
| 49 | 49 | ((strcmp(colorspace, "rgb") == 0) ? JCS_RGB : | ... | ... |
libtests/png_filter.cc
qpdf/pdf_from_scratch.cc
qpdf/qpdf.cc
| ... | ... | @@ -1127,7 +1127,7 @@ static void parse_version(std::string const& full_version_string, |
| 1127 | 1127 | if (p2 && *(p2 + 1)) |
| 1128 | 1128 | { |
| 1129 | 1129 | *p2++ = '\0'; |
| 1130 | - extension_level = atoi(p2); | |
| 1130 | + extension_level = QUtil::string_to_int(p2); | |
| 1131 | 1131 | } |
| 1132 | 1132 | version = v; |
| 1133 | 1133 | } |
| ... | ... | @@ -1233,7 +1233,7 @@ static void parse_rotation_parameter(Options& o, std::string const& parameter) |
| 1233 | 1233 | if (range_valid && |
| 1234 | 1234 | ((angle_str == "90") || (angle_str == "180") || (angle_str == "270"))) |
| 1235 | 1235 | { |
| 1236 | - int angle = atoi(angle_str.c_str()); | |
| 1236 | + int angle = QUtil::string_to_int(angle_str.c_str()); | |
| 1237 | 1237 | if (relative == -1) |
| 1238 | 1238 | { |
| 1239 | 1239 | angle = -angle; |
| ... | ... | @@ -1492,7 +1492,8 @@ static void parse_options(int argc, char* argv[], Options& o) |
| 1492 | 1492 | } |
| 1493 | 1493 | else if (strcmp(arg, "split-pages") == 0) |
| 1494 | 1494 | { |
| 1495 | - int n = ((parameter == 0) ? 1 : atoi(parameter)); | |
| 1495 | + int n = ((parameter == 0) ? 1 : | |
| 1496 | + QUtil::string_to_int(parameter)); | |
| 1496 | 1497 | o.split_pages = n; |
| 1497 | 1498 | } |
| 1498 | 1499 | else if (strcmp(arg, "verbose") == 0) |
| ... | ... | @@ -1547,9 +1548,9 @@ static void parse_options(int argc, char* argv[], Options& o) |
| 1547 | 1548 | if ((gen = strchr(obj, ',')) != 0) |
| 1548 | 1549 | { |
| 1549 | 1550 | *gen++ = 0; |
| 1550 | - o.show_gen = atoi(gen); | |
| 1551 | + o.show_gen = QUtil::string_to_int(gen); | |
| 1551 | 1552 | } |
| 1552 | - o.show_obj = atoi(obj); | |
| 1553 | + o.show_obj = QUtil::string_to_int(obj); | |
| 1553 | 1554 | o.require_outfile = false; |
| 1554 | 1555 | } |
| 1555 | 1556 | else if (strcmp(arg, "raw-stream-data") == 0) | ... | ... |
qpdf/test_driver.cc
| ... | ... | @@ -1383,7 +1383,7 @@ int main(int argc, char* argv[]) |
| 1383 | 1383 | |
| 1384 | 1384 | try |
| 1385 | 1385 | { |
| 1386 | - int n = atoi(argv[1]); | |
| 1386 | + int n = QUtil::string_to_int(argv[1]); | |
| 1387 | 1387 | char const* filename1 = argv[2]; |
| 1388 | 1388 | char const* arg2 = argv[3]; |
| 1389 | 1389 | runtest(n, filename1, arg2); | ... | ... |