1 // Copyright 2018 PDFium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com
6
7 #include "core/fxcrt/fx_number.h"
8
9 #include <limits>
10
11 #include "core/fxcrt/fx_extension.h"
12 #include "core/fxcrt/fx_safe_types.h"
13 #include "core/fxcrt/fx_string.h"
14
FX_Number()15 FX_Number::FX_Number()
16 : m_bInteger(true), m_bSigned(false), m_UnsignedValue(0) {}
17
FX_Number(int32_t value)18 FX_Number::FX_Number(int32_t value)
19 : m_bInteger(true), m_bSigned(true), m_SignedValue(value) {}
20
FX_Number(float value)21 FX_Number::FX_Number(float value)
22 : m_bInteger(false), m_bSigned(true), m_FloatValue(value) {}
23
FX_Number(ByteStringView strc)24 FX_Number::FX_Number(ByteStringView strc)
25 : m_bInteger(true), m_bSigned(false), m_UnsignedValue(0) {
26 if (strc.IsEmpty())
27 return;
28
29 if (strc.Contains('.')) {
30 m_bInteger = false;
31 m_bSigned = true;
32 m_FloatValue = StringToFloat(strc);
33 return;
34 }
35
36 // Note, numbers in PDF are typically of the form 123, -123, etc. But,
37 // for things like the Permissions on the encryption hash the number is
38 // actually an unsigned value. We use a uint32_t so we can deal with the
39 // unsigned and then check for overflow if the user actually signed the value.
40 // The Permissions flag is listed in Table 3.20 PDF 1.7 spec.
41 FX_SAFE_UINT32 unsigned_val = 0;
42 bool bNegative = false;
43 size_t cc = 0;
44 if (strc[0] == '+') {
45 cc++;
46 m_bSigned = true;
47 } else if (strc[0] == '-') {
48 bNegative = true;
49 m_bSigned = true;
50 cc++;
51 }
52
53 while (cc < strc.GetLength() && std::isdigit(strc[cc])) {
54 unsigned_val = unsigned_val * 10 + FXSYS_DecimalCharToInt(strc.CharAt(cc));
55 if (!unsigned_val.IsValid())
56 break;
57 cc++;
58 }
59
60 uint32_t uValue = unsigned_val.ValueOrDefault(0);
61 if (!m_bSigned) {
62 m_UnsignedValue = uValue;
63 return;
64 }
65
66 // We have a sign, so if the value was greater then the signed integer
67 // limits, then we've overflowed and must reset to the default value.
68 constexpr uint32_t uLimit =
69 static_cast<uint32_t>(std::numeric_limits<int>::max());
70
71 if (uValue > (bNegative ? uLimit + 1 : uLimit))
72 uValue = 0;
73
74 // Switch back to the int space so we can flip to a negative if we need.
75 int32_t value = static_cast<int32_t>(uValue);
76 if (bNegative) {
77 // |value| is usually positive, except in the corner case of "-2147483648",
78 // where |uValue| is 2147483648. When it gets casted to an int, |value|
79 // becomes -2147483648. For this case, avoid undefined behavior, because
80 // an int32_t cannot represent 2147483648.
81 static constexpr int kMinInt = std::numeric_limits<int>::min();
82 m_SignedValue = LIKELY(value != kMinInt) ? -value : kMinInt;
83 } else {
84 m_SignedValue = value;
85 }
86 }
87
GetSigned() const88 int32_t FX_Number::GetSigned() const {
89 return m_bInteger ? m_SignedValue : static_cast<int32_t>(m_FloatValue);
90 }
91
GetFloat() const92 float FX_Number::GetFloat() const {
93 if (!m_bInteger)
94 return m_FloatValue;
95
96 return m_bSigned ? static_cast<float>(m_SignedValue)
97 : static_cast<float>(m_UnsignedValue);
98 }
99