[cairo-commit] 4 commits - src/cairo-array.c src/cairo-ft-font.c src/cairoint.h

GitLab Mirror gitlab-mirror at kemper.freedesktop.org
Sun Feb 20 12:09:04 UTC 2022 

 src/cairo-array.c   |   14 +++++++-------
 src/cairo-ft-font.c |   10 +++++-----
 src/cairoint.h      |   12 ++++++------
 3 files changed, 18 insertions(+), 18 deletions(-)

New commits:
commit 2ec0a874031fdb2f3d7a4eaf1d63740a0e25b268
Merge: cf7508394 f83e0ed4e
Author: Uli Schlachter <psychon at znc.in>
Date:   Sun Feb 20 12:09:02 2022 +0000

    Merge branch 'develop3' into 'master'
    
    miscellaneous math fixes
    
    See merge request cairo/cairo!280

commit f83e0ed4e665a1eb317b321964fae4ea934bdf58
Author: Ayman El Didi <ayman at eldidi.org>
Date:   Fri Feb 18 00:18:22 2022 -0700

    removed redundant casts in cairoint.h
    
    In a couple of instances, ints are being casted to int before use.

diff --git a/src/cairoint.h b/src/cairoint.h
index 8299bf92d..4ffcba033 100644
--- a/src/cairoint.h
+++ b/src/cairoint.h
@@ -351,10 +351,10 @@ static inline cairo_bool_t
 _cairo_rectangle_intersects (const cairo_rectangle_int_t *dst,
 			     const cairo_rectangle_int_t *src)
 {
-    return !(src->x >= dst->x + (int) dst->width ||
-	     src->x + (int) src->width <= dst->x ||
-	     src->y >= dst->y + (int) dst->height ||
-	     src->y + (int) src->height <= dst->y);
+    return !(src->x >= dst->x + dst->width  ||
+	     src->x + src->width <= dst->x  ||
+	     src->y >= dst->y + dst->height ||
+	     src->y + src->height <= dst->y);
 }
 
 static inline cairo_bool_t
@@ -362,9 +362,9 @@ _cairo_rectangle_contains_rectangle (const cairo_rectangle_int_t *a,
 				     const cairo_rectangle_int_t *b)
 {
     return (a->x <= b->x &&
-	    a->x + (int) a->width >= b->x + (int) b->width &&
+	    a->x + a->width >= b->x + b->width &&
 	    a->y <= b->y &&
-	    a->y + (int) a->height >= b->y + (int) b->height);
+	    a->y + a->height >= b->y + b->height);
 }
 
 cairo_private void
commit 915dd7942264c76c78e15989476b80ba70f70f64
Author: Ayman El Didi <ayman at eldidi.org>
Date:   Sat Feb 19 11:59:41 2022 -0700

    fixed some multiplications prone to overflowing their type
    
    In a couple of instances, code is present where two numbers are being
    multiplied in a type like unsigned int, but immediately being casted
    to a wider type like size_t.
    
    This means, although the result can be any size_t value, the
    multiplication can potentially overflow before it's used because
    unsigned int has a smaller range of values.
    
    In another more niche case, I also cast to size_t before multiplying
    a signed integer, since the result is immediately used as an argument
    to memcpy, which would give memory corruption if the value was negative
    anyway.

diff --git a/src/cairo-array.c b/src/cairo-array.c
index c93714f38..db7b6de7a 100644
--- a/src/cairo-array.c
+++ b/src/cairo-array.c
@@ -181,7 +181,7 @@ _cairo_array_index (cairo_array_t *array, unsigned int index)
 
     assert (index < array->num_elements);
 
-    return array->elements + index * array->element_size;
+    return array->elements + (size_t)index * array->element_size;
 }
 
 /**
@@ -225,7 +225,7 @@ _cairo_array_index_const (const cairo_array_t *array, unsigned int index)
 
     assert (index < array->num_elements);
 
-    return array->elements + index * array->element_size;
+    return array->elements + (size_t)index * array->element_size;
 }
 
 /**
@@ -289,7 +289,7 @@ _cairo_array_append_multiple (cairo_array_t	*array,
     if (unlikely (status))
 	return status;
 
-    memcpy (dest, elements, num_elements * array->element_size);
+    memcpy (dest, elements, (size_t)num_elements * array->element_size);
 
     return CAIRO_STATUS_SUCCESS;
 }
@@ -320,7 +320,7 @@ _cairo_array_allocate (cairo_array_t	 *array,
 
     assert (array->num_elements + num_elements <= array->size);
 
-    *elements = array->elements + array->num_elements * array->element_size;
+    *elements = array->elements + (size_t)array->num_elements * array->element_size;
 
     array->num_elements += num_elements;
 
diff --git a/src/cairo-ft-font.c b/src/cairo-ft-font.c
index 683ee916d..60b98fb41 100644
--- a/src/cairo-ft-font.c
+++ b/src/cairo-ft-font.c
@@ -1194,7 +1194,7 @@ _fill_xrender_bitmap(FT_Bitmap      *target,
 #ifdef FT_LOAD_COLOR
     case FT_PIXEL_MODE_BGRA:
 	for (h = height; h > 0; h--, srcLine += src_pitch, dstLine += pitch)
-	    memcpy (dstLine, srcLine, width * 4);
+	    memcpy (dstLine, srcLine, (size_t)width * 4);
 	break;
 #endif
 
@@ -1241,7 +1241,7 @@ _get_bitmap_surface (FT_Bitmap		     *bitmap,
 		return _cairo_error (CAIRO_STATUS_NO_MEMORY);
 
 	    if (stride == bitmap->pitch) {
-		memcpy (data, bitmap->buffer, stride * height);
+		memcpy (data, bitmap->buffer, (size_t)stride * height);
 	    } else {
 		int i;
 		unsigned char *source, *dest;
@@ -1294,7 +1294,7 @@ _get_bitmap_surface (FT_Bitmap		     *bitmap,
 		if (!data)
 		    return _cairo_error (CAIRO_STATUS_NO_MEMORY);
 
-		memcpy (data, bitmap->buffer, stride * height);
+		memcpy (data, bitmap->buffer, (size_t)stride * height);
 	    }
 
 	    format = CAIRO_FORMAT_A8;
@@ -1315,7 +1315,7 @@ _get_bitmap_surface (FT_Bitmap		     *bitmap,
 	    if (!data)
 		return _cairo_error (CAIRO_STATUS_NO_MEMORY);
 
-	    memcpy (data, bitmap->buffer, stride * height);
+	    memcpy (data, bitmap->buffer, (size_t)stride * height);
 	}
 
 	if (!_cairo_is_little_endian ())
@@ -1371,7 +1371,7 @@ _get_bitmap_surface (FT_Bitmap		     *bitmap,
 	      }
 	    }
 
-	    memcpy (data, bitmap->buffer, stride * height);
+	    memcpy (data, bitmap->buffer, (size_t)stride * height);
 	    break;
 	}
 	/* fall through */
commit 8f7d039801f4dd0013fa8735aec82af44389ce8a
Author: Ayman El Didi <ayman at eldidi.org>
Date:   Thu Feb 17 23:22:43 2022 -0700

    fixed some comparisons between signed and unsigned integers
    
    In some places, there were int variables being compared to unsigned
    ints when they would never take a negative value, exposing some edge
    cases that didn't need to be there.

diff --git a/src/cairo-array.c b/src/cairo-array.c
index 60f45db4e..c93714f38 100644
--- a/src/cairo-array.c
+++ b/src/cairo-array.c
@@ -412,7 +412,7 @@ void *
 _cairo_user_data_array_get_data (cairo_user_data_array_t     *array,
 				 const cairo_user_data_key_t *key)
 {
-    int i, num_slots;
+    unsigned int i, num_slots;
     cairo_user_data_slot_t *slots;
 
     /* We allow this to support degenerate objects such as cairo_surface_nil. */
@@ -452,7 +452,7 @@ _cairo_user_data_array_set_data (cairo_user_data_array_t     *array,
 				 cairo_destroy_func_t	      destroy)
 {
     cairo_status_t status;
-    int i, num_slots;
+    unsigned int i, num_slots;
     cairo_user_data_slot_t *slots, *slot, new_slot;
 
     if (user_data) {
@@ -523,7 +523,7 @@ _cairo_user_data_array_foreach (cairo_user_data_array_t     *array,
 				void *closure)
 {
     cairo_user_data_slot_t *slots;
-    int i, num_slots;
+    unsigned int i, num_slots;
 
     num_slots = array->num_elements;
     slots = _cairo_array_index (array, 0);

More information about the cairo-commit mailing list