diff --git a/src/hb-aat-layout-common.hh b/src/hb-aat-layout-common.hh index 25f4fe14a..85c40a71d 100644 --- a/src/hb-aat-layout-common.hh +++ b/src/hb-aat-layout-common.hh @@ -129,7 +129,7 @@ struct BinSearchArrayOf TRACE_SANITIZE (this); return_trace (header.sanitize (c) && Type::static_size >= header.unitSize && - c->check_array (bytesZ, header.unitSize, header.nUnits)); + c->check_array (bytesZ, header.nUnits, header.unitSize)); } protected: @@ -480,8 +480,8 @@ struct StateTable while (state < num_states) { if (unlikely (!c->check_array (states, - states[0].static_size * nClasses, - num_states))) + num_states, + states[0].static_size * nClasses))) return_trace (false); { /* Sweep new states. */ const HBUINT16 *stop = &states[num_states * nClasses]; @@ -490,9 +490,7 @@ struct StateTable state = num_states; } - if (unlikely (!c->check_array (entries, - entries[0].static_size, - num_entries))) + if (unlikely (!c->check_array (entries, num_entries))) return_trace (false); { /* Sweep new entries. */ const Entry *stop = &entries[num_entries]; diff --git a/src/hb-aat-layout-morx-table.hh b/src/hb-aat-layout-morx-table.hh index ef452e22b..6f7bf770a 100644 --- a/src/hb-aat-layout-morx-table.hh +++ b/src/hb-aat-layout-morx-table.hh @@ -648,7 +648,7 @@ struct Chain !c->check_range (this, length)) return_trace (false); - if (!c->check_array (featureZ, featureZ[0].static_size, featureCount)) + if (!c->check_array (featureZ, featureCount)) return_trace (false); const ChainSubtable *subtable = &StructAtOffset (featureZ, featureZ[0].static_size * featureCount); diff --git a/src/hb-machinery.hh b/src/hb-machinery.hh index 62f490721..f80cfdb2e 100644 --- a/src/hb-machinery.hh +++ b/src/hb-machinery.hh 
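Review bot: In BinSearchArrayOf's sanitize, the guard kept next to the reordered call, `Type::static_size >= header.unitSize`, looks inverted relative to what the range check covers. `check_array (bytesZ, header.nUnits, header.unitSize)` validates nUnits × unitSize bytes, so if elements are read as `Type` at a stride of unitSize (the accessor is outside this hunk), a unitSize smaller than `Type::static_size` would let the last element extend past the checked range. The MVAR hunk in this same commit guards the other way, `valueRecordSize >= VariationValueRecord::static_size`; consider `Type::static_size <= header.unitSize &&` here. Confirm against the accessor before changing it.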
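Review bot: The stride passed as the third argument in StateTable, `states[0].static_size * nClasses`, is multiplied before check_array runs, so its `hb_unsigned_mul_overflows (len, record_size)` test only sees the already-wrapped product. If nClasses is a 32-bit field taken from the font (its declaration is outside the hunk), a large value could wrap the stride and make the check cover less than `&states[num_states * nClasses]` later walks. A guard ahead of the call would close that: `if (unlikely (hb_unsigned_mul_overflows (nClasses, states[0].static_size))) return_trace (false);`. The same shape appears in the PairSet hunk with `HBUINT16::static_size * closure->stride`. The enclosing loop starts and ends outside this hunk.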
@@ -296,7 +296,8 @@ struct hb_sanitize_context_t : return likely (ok); } - inline bool check_array (const void *base, unsigned int record_size, unsigned int len) const + template + inline bool check_array (const T *base, unsigned int len, unsigned int record_size = T::static_size) const { const char *p = (const char *) base; bool overflows = hb_unsigned_mul_overflows (len, record_size); diff --git a/src/hb-open-type.hh b/src/hb-open-type.hh index ef18163fa..49e52c6eb 100644 --- a/src/hb-open-type.hh +++ b/src/hb-open-type.hh @@ -345,7 +345,7 @@ struct UnsizedArrayOf inline bool sanitize_shallow (hb_sanitize_context_t *c, unsigned int count) const { TRACE_SANITIZE (this); - return_trace (c->check_array (arrayZ, arrayZ[0].static_size, count)); + return_trace (c->check_array (arrayZ, count)); } public: @@ -487,7 +487,7 @@ struct ArrayOf inline bool sanitize_shallow (hb_sanitize_context_t *c) const { TRACE_SANITIZE (this); - return_trace (len.sanitize (c) && c->check_array (arrayZ, Type::static_size, len)); + return_trace (len.sanitize (c) && c->check_array (arrayZ, len)); } public: @@ -596,7 +596,7 @@ struct HeadlessArrayOf { TRACE_SANITIZE (this); return_trace (len.sanitize (c) && - (!len || c->check_array (arrayZ, Type::static_size, len - 1))); + (!len || c->check_array (arrayZ, len - 1))); } public: diff --git a/src/hb-ot-color-cbdt-table.hh b/src/hb-ot-color-cbdt-table.hh index 8bedf2224..a5636975b 100644 --- a/src/hb-ot-color-cbdt-table.hh +++ b/src/hb-ot-color-cbdt-table.hh @@ -128,7 +128,7 @@ struct IndexSubtableFormat1Or3 { TRACE_SANITIZE (this); return_trace (c->check_struct (this) && - c->check_array (offsetArrayZ, offsetArrayZ[0].static_size, glyph_count + 1)); + c->check_array (offsetArrayZ, glyph_count + 1)); } bool get_image_data (unsigned int idx, 
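Review bot: The new check_array signature has no comment, and the swapped order plus defaulted stride is easy to misuse. Both `len` and `record_size` are `unsigned int`, so a three-argument caller still written in the old (size, count) order compiles without a diagnostic; that is harmless only as long as the body, which continues outside the hunk, uses the two values purely as a product. The default `T::static_size` also assumes every element is a fixed-size T, which would under-check a type whose static_size is only a header or minimum size. I would add above the declaration: `/* len: number of records; record_size: bytes per record, defaults to T::static_size. Pass it explicitly when records are not fixed-size T. */`.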
@@ -240,7 +240,7 @@ struct IndexSubtableArray inline bool sanitize (hb_sanitize_context_t *c, unsigned int count) const { TRACE_SANITIZE (this); - if (unlikely (!c->check_array (&indexSubtablesZ, indexSubtablesZ[0].static_size, count))) + if (unlikely (!c->check_array (indexSubtablesZ, count))) return_trace (false); for (unsigned int i = 0; i < count; i++) if (unlikely (!indexSubtablesZ[i].sanitize (c, this))) diff --git a/src/hb-ot-kern-table.hh b/src/hb-ot-kern-table.hh index 40f94be29..e9f109c3f 100644 --- a/src/hb-ot-kern-table.hh +++ b/src/hb-ot-kern-table.hh @@ -208,7 +208,7 @@ struct KernSubTableWrapper TRACE_SANITIZE (this); return_trace (c->check_struct (thiz()) && thiz()->length >= T::min_size && - c->check_array (thiz(), 1, thiz()->length) && + c->check_array (thiz(), thiz()->length, 1) && thiz()->subtable.sanitize (c, thiz()->format)); } }; diff --git a/src/hb-ot-layout-common.hh b/src/hb-ot-layout-common.hh index dd65f3384..e469ff879 100644 --- a/src/hb-ot-layout-common.hh +++ b/src/hb-ot-layout-common.hh @@ -1542,7 +1542,7 @@ struct VarData regionIndices.sanitize(c) && shortCount <= regionIndices.len && c->check_array (&StructAfter (regionIndices), - get_row_size (), itemCount)); + itemCount, get_row_size ())); } protected: diff --git a/src/hb-ot-layout-gpos-table.hh b/src/hb-ot-layout-gpos-table.hh index 5847306d6..b3651f933 100644 --- a/src/hb-ot-layout-gpos-table.hh +++ b/src/hb-ot-layout-gpos-table.hh @@ -199,7 +199,7 @@ struct ValueFormat : HBUINT16 TRACE_SANITIZE (this); unsigned int len = get_len (); - if (!c->check_array (values, get_size (), count)) return_trace (false); + if (!c->check_array (values, count, get_size ())) return_trace (false); if (!has_device ()) return_trace (true); 
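Review bot: In KernSubTableWrapper, `c->check_array (thiz(), thiz()->length, 1)` is a byte-range check written as an array check, and after this change it instantiates the template on the subtable type only to override its size with 1. The morx Chain code touched by this commit already expresses the same idea as `c->check_range (this, length)`; `c->check_range (thiz(), thiz()->length) &&` would read more directly and drop the magic 1. This is a style point; the checked range should be the same.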
@@ -376,7 +376,7 @@ struct AnchorMatrix if (!c->check_struct (this)) return_trace (false); if (unlikely (hb_unsigned_mul_overflows (rows, cols))) return_trace (false); unsigned int count = rows * cols; - if (!c->check_array (matrixZ, matrixZ[0].static_size, count)) return_trace (false); + if (!c->check_array (matrixZ, count)) return_trace (false); for (unsigned int i = 0; i < count; i++) if (!matrixZ[i].sanitize (c, this)) return_trace (false); return_trace (true); @@ -698,7 +698,7 @@ struct PairSet { TRACE_SANITIZE (this); if (!(c->check_struct (this) - && c->check_array (arrayZ, HBUINT16::static_size * closure->stride, len))) return_trace (false); + && c->check_array (arrayZ, len, HBUINT16::static_size * closure->stride))) return_trace (false); unsigned int count = len; const PairValueRecord *record = CastP (arrayZ); @@ -869,7 +869,7 @@ struct PairPosFormat2 unsigned int stride = len1 + len2; unsigned int record_size = valueFormat1.get_size () + valueFormat2.get_size (); unsigned int count = (unsigned int) class1Count * (unsigned int) class2Count; - return_trace (c->check_array (values, record_size, count) && + return_trace (c->check_array (values, count, record_size) && valueFormat1.sanitize_values_stride_unsafe (c, this, &values[0], count, stride) && valueFormat2.sanitize_values_stride_unsafe (c, this, &values[len1], count, stride)); } diff --git a/src/hb-ot-layout-gsubgpos.hh b/src/hb-ot-layout-gsubgpos.hh index d4755655e..719a5050a 100644 --- a/src/hb-ot-layout-gsubgpos.hh +++ b/src/hb-ot-layout-gsubgpos.hh 
@@ -1677,11 +1677,11 @@ struct ContextFormat3 if (!c->check_struct (this)) return_trace (false); unsigned int count = glyphCount; if (!count) return_trace (false); /* We want to access coverageZ[0] freely. */ - if (!c->check_array (coverageZ.arrayZ, coverageZ[0].static_size, count)) return_trace (false); + if (!c->check_array (coverageZ.arrayZ, count)) return_trace (false); for (unsigned int i = 0; i < count; i++) if (!coverageZ[i].sanitize (c, this)) return_trace (false); const LookupRecord *lookupRecord = &StructAtOffset (coverageZ.arrayZ, coverageZ[0].static_size * count); - return_trace (c->check_array (lookupRecord, lookupRecord[0].static_size, lookupCount)); + return_trace (c->check_array (lookupRecord, lookupCount)); } protected: diff --git a/src/hb-ot-math-table.hh b/src/hb-ot-math-table.hh index b7ca167b1..1b2d550a7 100644 --- a/src/hb-ot-math-table.hh +++ b/src/hb-ot-math-table.hh @@ -242,9 +242,7 @@ struct MathKern { TRACE_SANITIZE (this); return_trace (c->check_struct (this) && - c->check_array (mathValueRecords, - mathValueRecords[0].static_size, - 2 * heightCount + 1) && + c->check_array (mathValueRecords, 2 * heightCount + 1) && sanitize_math_value_records (c)); } @@ -598,9 +596,7 @@ struct MathVariants return_trace (c->check_struct (this) && vertGlyphCoverage.sanitize (c, this) && horizGlyphCoverage.sanitize (c, this) && - c->check_array (glyphConstruction, - glyphConstruction[0].static_size, - vertGlyphCount + horizGlyphCount) && + c->check_array (glyphConstruction, vertGlyphCount + horizGlyphCount) && sanitize_offsets (c)); } diff --git a/src/hb-ot-name-table.hh b/src/hb-ot-name-table.hh index a1de1193f..c1e7adbdd 100644 --- a/src/hb-ot-name-table.hh +++ b/src/hb-ot-name-table.hh @@ -118,7 +118,7 @@ struct name TRACE_SANITIZE (this); return_trace (c->check_struct (this) && likely (format == 0 || format == 1) && - c->check_array (nameRecord, nameRecord[0].static_size, count) && + c->check_array (nameRecord, count) && sanitize_records (c)); } 
diff --git a/src/hb-ot-var-avar-table.hh b/src/hb-ot-var-avar-table.hh index 5428c97bb..d100ca21e 100644 --- a/src/hb-ot-var-avar-table.hh +++ b/src/hb-ot-var-avar-table.hh @@ -93,6 +93,7 @@ struct SegmentMaps : ArrayOf (value - arrayZ[i-1].fromCoord) + denom/2) / denom; } + public: DEFINE_SIZE_ARRAY (2, arrayZ); }; @@ -105,8 +106,7 @@ struct avar TRACE_SANITIZE (this); if (unlikely (!(version.sanitize (c) && version.major == 1 && - c->check_struct (this), - c->check_array(axisSegmentMapsZ.arrayZ, sizeof (axisSegmentMapsZ[0]), axisCount)))) + c->check_struct (this)))) return_trace (false); const SegmentMaps *map = axisSegmentMapsZ.arrayZ; diff --git a/src/hb-ot-var-fvar-table.hh b/src/hb-ot-var-fvar-table.hh index 1a85b6e5d..1d17a97eb 100644 --- a/src/hb-ot-var-fvar-table.hh +++ b/src/hb-ot-var-fvar-table.hh @@ -46,7 +46,7 @@ struct InstanceRecord { TRACE_SANITIZE (this); return_trace (c->check_struct (this) && - c->check_array (coordinatesZ.arrayZ, coordinatesZ[0].static_size, axis_count)); + c->check_array (coordinatesZ.arrayZ, axis_count)); } protected: diff --git a/src/hb-ot-var-hvar-table.hh b/src/hb-ot-var-hvar-table.hh index 97300f42b..d87285b7f 100644 --- a/src/hb-ot-var-hvar-table.hh +++ b/src/hb-ot-var-hvar-table.hh @@ -39,7 +39,7 @@ struct DeltaSetIndexMap { TRACE_SANITIZE (this); return_trace (c->check_struct (this) && - c->check_array (mapDataZ.arrayZ, get_width (), mapCount)); + c->check_array (mapDataZ.arrayZ, mapCount, get_width ())); } unsigned int map (unsigned int v) const /* Returns 16.16 outer.inner. */ diff --git a/src/hb-ot-var-mvar-table.hh b/src/hb-ot-var-mvar-table.hh index d10c3e9d8..d60c6b910 100644 --- a/src/hb-ot-var-mvar-table.hh +++ b/src/hb-ot-var-mvar-table.hh 
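Review bot: The avar hunk does more than adapt to the new signature and should say so. The removed lines joined `c->check_struct (this)` to the array check with a comma, so the version and struct results were discarded; the new condition fixes that, while also dropping the bounds check on axisSegmentMapsZ altogether. That leaves each SegmentMaps to be validated by the code that follows `const SegmentMaps *map = axisSegmentMapsZ.arrayZ;`, which is outside this hunk, so confirm every map is sanitized before the pointer advances. A comment such as `/* SegmentMaps is variable-sized; each map is sanitized individually below. */` would record why no check_array is here, and the commit message should mention the behaviour change.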
@@ -68,7 +68,7 @@ struct MVAR c->check_struct (this) && valueRecordSize >= VariationValueRecord::static_size && varStore.sanitize (c, this) && - c->check_array (valuesZ.arrayZ, valueRecordSize, valueRecordCount)); + c->check_array (valuesZ.arrayZ, valueRecordCount, valueRecordSize)); } inline float get_var (hb_tag_t tag,