Commit 92b692466f7a4dbf4e51e6a77713c029a3e18ab1
1 parent
b20f0519
Remove remaining incorrect assert calls from implementation
Showing
10 changed files
with
25 additions
and
20 deletions
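--- a/README-maintainer
+++ b/README-maintainer
@@ -123,6 +123,12 @@ CODING RULES
 "Code Formatting" section in manual/contributing.rst for details.
 See also "CODE FORMATTING" below.
 
+* Do not use assert in non-test code for any purpose other than as a
+ sanity check during development that would be safe to remove in
+ production. assert is for strong invariant checking. When developing
+ and using assert for that purpose, make sure to use the Debug
+ configuration since assert is disabled in other configurations.
+
 * In a source file, include the header file that declares the source
 class first followed by a blank line. If a config file is needed
 first, put a blank line between that and the header followed by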
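--- a/libqpdf/AES_PDF_native.cc
+++ b/libqpdf/AES_PDF_native.cc
@@ -4,7 +4,6 @@
 #include <qpdf/QPDFCryptoImpl.hh>
 #include <qpdf/QUtil.hh>
 #include <qpdf/rijndael.h>
-#include <assert.h>
 #include <cstring>
 #include <stdexcept>
 #include <stdlib.h>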
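--- a/libqpdf/Pl_AES_PDF.cc
+++ b/libqpdf/Pl_AES_PDF.cc
@@ -3,7 +3,6 @@
 #include <qpdf/QIntC.hh>
 #include <qpdf/QPDFCryptoProvider.hh>
 #include <qpdf/QUtil.hh>
-#include <assert.h>
 #include <cstring>
 #include <stdexcept>
 #include <stdlib.h>
@@ -115,7 +114,10 @@ Pl_AES_PDF::finish()
 // encountered files for which the output is not a
 // multiple of the block size. In this case, pad with
 // zeroes and hope for the best.
- assert(this->buf_size > this->offset);
+ if (this->offset >= this->buf_size) {
+ throw std::logic_error("buffer overflow in AES encryption"
+ " pipeline");
+ }
 std::memset(
 this->inbuf + this->offset, 0, this->buf_size - this->offset);
 this->offset = this->buf_size;
@@ -147,7 +149,10 @@ Pl_AES_PDF::initializeVector()
 void
 Pl_AES_PDF::flush(bool strip_padding)
 {
- assert(this->offset == this->buf_size);
+ if (this->offset != this->buf_size) {
+ throw std::logic_error(
+ "AES pipeline: flush called when buffer was not full");
+ }
 
 if (first) {
 first = false;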
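Review bot: The guard that replaces the assert in finish() deserves a comment saying why it has to be a runtime check rather than a debug-only one: the `std::memset` two lines below sizes its write as `this->buf_size - this->offset`, which, assuming those members are unsigned (size_t), would wrap to a huge length if offset ever exceeded buf_size, so this check is what keeps that from becoming an out-of-bounds write in non-Debug builds. Suggest `// Runtime check, not assert: the memset length below would wrap if offset > buf_size.` above the `if`. The surrounding comment describes input files whose length is not a multiple of the block size, so the message "buffer overflow in AES encryption pipeline" may be mislabelling a decrypt path — worth confirming against the branch that opens before this hunk — and the flush() guard in the next hunk uses an "AES pipeline:" prefix, so keeping the two messages consistent would help when these errors show up in logs. finish()'s body begins outside the hunk.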
libqpdf/Pl_Buffer.cc
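--- a/libqpdf/Pl_LZWDecoder.cc
+++ b/libqpdf/Pl_LZWDecoder.cc
@@ -3,7 +3,6 @@
 #include <qpdf/QIntC.hh>
 #include <qpdf/QTC.hh>
 #include <qpdf/QUtil.hh>
-#include <assert.h>
 #include <stdexcept>
 #include <string.h>
 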
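--- a/libqpdf/QPDFWriter.cc
+++ b/libqpdf/QPDFWriter.cc
@@ -11,18 +11,17 @@
 #include <qpdf/Pl_PNGFilter.hh>
 #include <qpdf/Pl_RC4.hh>
 #include <qpdf/Pl_StdioFile.hh>
-#include <qpdf/QTC.hh>
-#include <qpdf/QUtil.hh>
-#include <qpdf/RC4.hh>
-#include <assert.h>
-
 #include <qpdf/QIntC.hh>
 #include <qpdf/QPDF.hh>
 #include <qpdf/QPDFObjectHandle.hh>
 #include <qpdf/QPDF_Name.hh>
 #include <qpdf/QPDF_String.hh>
+#include <qpdf/QTC.hh>
+#include <qpdf/QUtil.hh>
+#include <qpdf/RC4.hh>
 
 #include <algorithm>
+#include <cassert>
 #include <stdlib.h>
 
 QPDFWriter::Members::Members(QPDF& pdf) :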
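Review bot: The include block switches to `<cassert>` rather than dropping it, so assert() calls remain in this file, and the same substitution is made in QPDF_encryption.cc and QPDF_optimization.cc; given the commit's purpose and the README rule it introduces, a reader will want to know that the surviving asserts are deliberate development-only invariant checks that disappear in non-Debug builds. Suggest marking that at the include site, e.g. `#include <cassert> // development-time invariant checks only; see README-maintainer CODING RULES`. The remaining assert sites are not visible from this hunk, so whether any of them guards a condition that release builds still need enforced is something to confirm before relying on the include comment.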
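--- a/libqpdf/QPDF_encryption.cc
+++ b/libqpdf/QPDF_encryption.cc
@@ -15,7 +15,7 @@
 #include <qpdf/RC4.hh>
 
 #include <algorithm>
-#include <assert.h>
+#include <cassert>
 #include <string.h>
 
 static unsigned char const padding_string[] = {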
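--- a/libqpdf/QPDF_linearization.cc
+++ b/libqpdf/QPDF_linearization.cc
@@ -12,7 +12,6 @@
 #include <qpdf/QUtil.hh>
 
 #include <algorithm>
-#include <assert.h>
 #include <iostream>
 #include <math.h>
 #include <string.h>
@@ -172,9 +171,6 @@ QPDF::readLinearizationData()
 // This function throws an exception (which is trapped by
 // checkLinearization()) for any errors that prevent loading.
 
- // Hint table parsing code needs at least 32 bits in a long.
- assert(sizeof(long) >= 4);
-
 if (!isLinearized()) {
 throw std::logic_error("called readLinearizationData for file"
 " that is not linearized");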
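Review bot: Removing `assert(sizeof(long) >= 4)` from readLinearizationData() also drops the only record that the hint table parsing depends on a long of at least 32 bits, and because that property is known at compile time it never needed to be a runtime assert in the first place. Replacing the three removed lines with `static_assert(sizeof(long) >= 4, "hint table parsing code needs at least 32 bits in a long");` keeps the invariant enforced in every configuration at zero runtime cost and is consistent with the policy the README hunk adds. readLinearizationData() begins before this hunk.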
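--- a/libqpdf/QPDF_optimization.cc
+++ b/libqpdf/QPDF_optimization.cc
@@ -6,7 +6,7 @@
 #include <qpdf/QPDF_Array.hh>
 #include <qpdf/QPDF_Dictionary.hh>
 #include <qpdf/QTC.hh>
-#include <assert.h>
+#include <cassert>
 
 QPDF::ObjUser::ObjUser() :
 ou_type(ou_bad),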
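--- a/libqpdf/QPDF_pages.cc
+++ b/libqpdf/QPDF_pages.cc
@@ -1,7 +1,5 @@
 #include <qpdf/QPDF.hh>
 
-#include <assert.h>
-
 #include <qpdf/QPDFExc.hh>
 #include <qpdf/QTC.hh>
 #include <qpdf/QUtil.hh>
@@ -233,6 +231,11 @@ QPDF::insertPage(QPDFObjectHandle newpage, int pos)
 QTC::TC("qpdf", "QPDF insert indirect page");
 }
 
+ if ((pos < 0) || (QIntC::to_size(pos) > this->m->all_pages.size())) {
+ throw std::runtime_error(
+ "QPDF::insertPage called with pos out of range");
+ }
+
 QTC::TC(
 "qpdf",
 "QPDF insert page",
@@ -249,7 +252,6 @@ QPDF::insertPage(QPDFObjectHandle newpage, int pos)
 
 QPDFObjectHandle pages = getRoot().getKey("/Pages");
 QPDFObjectHandle kids = pages.getKey("/Kids");
- assert((pos >= 0) && (QIntC::to_size(pos) <= this->m->all_pages.size()));
 
 newpage.replaceKey("/Parent", pages);
 kids.insertItem(pos, newpage);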
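Review bot: The new range check in insertPage() throws `std::runtime_error`, but the include hunk at the top of this file does not show `<stdexcept>`, so this compiles only if that header arrives transitively through one of the qpdf headers; an explicit `#include <stdexcept>` alongside the other includes would make the dependency visible. Hoisting the check ahead of the assert's former position is sound, since `pos` is caller-supplied and later reaches `kids.insertItem(pos, newpage)`, and the `pos < 0` test short-circuits before `QIntC::to_size(pos)`, so the conversion never sees a negative value. A short comment on the guard, e.g. `// pos is caller-supplied; validate before it reaches kids.insertItem`, would record why this is a thrown error rather than a debug-only assert. insertPage() begins before this section's second hunk, and the code between its second and third hunks is not shown.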