Bug 576927 - Use saturating multiply when calculating zoomed app units to avoid integer overflow. r=roc
☠☠ backed out by 5e28f202bd55 ☠ ☠
authorMats Palmgren <mats@mozilla.com>
Mon, 16 Nov 2015 17:32:39 +0100
changeset 272703 cbc8ceae73a2
parent 272702 028619a0e9ae
child 272704 1fc0ecca3e9b
push id68050
push usermpalmgren@mozilla.com
push dateMon, 16 Nov 2015 16:32:51 +0000
treeherdermozilla-inbound@ceb2a5dce49b [default view] [failures only]
reviewersroc
bugs576927
milestone45.0a1
Bug 576927 - Use saturating multiply when calculating zoomed app units to avoid integer overflow. r=roc
layout/base/nsPresContext.h
layout/style/nsStyleStruct.cpp
layout/style/nsStyleStruct.h
--- a/layout/base/nsPresContext.h
+++ b/layout/base/nsPresContext.h
@@ -524,16 +524,17 @@ public:
   void SetPrintPreviewScale(float aScale) { mPPScale = aScale; }
 
   nsDeviceContext* DeviceContext() { return mDeviceContext; }
   mozilla::EventStateManager* EventStateManager() { return mEventManager; }
   nsIAtom* GetLanguageFromCharset() { return mLanguage; }
 
   float TextZoom() { return mTextZoom; }
   void SetTextZoom(float aZoom) {
+    MOZ_ASSERT(aZoom > 0.0f, "invalid zoom factor");
     if (aZoom == mTextZoom)
       return;
 
     mTextZoom = aZoom;
     if (HasCachedStyleData()) {
       // Media queries could have changed, since we changed the meaning
       // of 'em' units in them.
       MediaFeatureValuesChanged(eRestyle_ForceDescendants,
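Review bot: The new `MOZ_ASSERT(aZoom > 0.0f, "invalid zoom factor")` in SetTextZoom is compiled out of release builds, so a zero, negative or NaN factor is still stored in mTextZoom there, and the comparison accepts +infinity even in debug builds. nsStyleFont::UnZoomText in this same commit computes `1.0 / aPresContext->TextZoom()`, so the stored value feeds a reciprocal directly. If any caller can pass a value that has not been range-checked (none are visible in this hunk), add a runtime guard next to the assert, for example `if (!(aZoom > 0.0f)) return;`, or add a comment naming the caller that is responsible for validation. SetTextZoom's body continues past the end of the hunk.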
--- a/layout/style/nsStyleStruct.cpp
+++ b/layout/style/nsStyleStruct.cpp
@@ -195,23 +195,26 @@ nsChangeHint nsStyleFont::CalcDifference
   }
 
   return NS_STYLE_HINT_NONE;
 }
 
 /* static */ nscoord
 nsStyleFont::ZoomText(nsPresContext *aPresContext, nscoord aSize)
 {
-  return nscoord(float(aSize) * aPresContext->TextZoom());
+  MOZ_ASSERT(aSize >= 0, "negative font size");
+  return NSCoordSaturatingNonnegativeMultiply(aSize, aPresContext->TextZoom());
 }
 
 /* static */ nscoord
 nsStyleFont::UnZoomText(nsPresContext *aPresContext, nscoord aSize)
 {
-  return nscoord(float(aSize) / aPresContext->TextZoom());
+  MOZ_ASSERT(aSize >= 0, "negative font size");
+  return NSCoordSaturatingNonnegativeMultiply(aSize,
+                                              1.0 / aPresContext->TextZoom());
 }
 
 /* static */ already_AddRefed<nsIAtom>
 nsStyleFont::GetLanguage(nsPresContext* aPresContext)
 {
   nsAutoString language;
   aPresContext->Document()->GetContentLanguage(language);
   language.StripWhitespace();
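Review bot: Both `MOZ_ASSERT(aSize >= 0, "negative font size")` checks disappear in release builds, so ZoomText and UnZoomText pass a negative aSize straight to NSCoordSaturatingNonnegativeMultiply, whose handling of negative operands is not visible in this patch. The header comment's promise of a result in 0 .. nscoord_MAX then holds only if that helper clamps on its own. If style computation can produce a negative size here, clamp before the call, e.g. `aSize = std::max(aSize, 0);`, or state the release-build behaviour in the comment. In UnZoomText the literal in `1.0 / aPresContext->TextZoom()` is a double, so the reciprocal is computed in double and presumably narrowed at the call; `1.0f / aPresContext->TextZoom()` keeps the arithmetic in float. Multiplying by a reciprocal and then applying the helper's rounding may also differ from the old truncating division, which deserves a comment if callers expect UnZoomText(ZoomText(x)) to round-trip.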
--- a/layout/style/nsStyleStruct.h
+++ b/layout/style/nsStyleStruct.h
@@ -114,17 +114,19 @@ struct nsStyleFont {
     // CalcDifference never returns the reflow hints that are sometimes
     // handled for descendants as hints not handled for descendants.
     return nsChangeHint_NeedReflow |
            nsChangeHint_ReflowChangesSizeOrPosition |
            nsChangeHint_ClearAncestorIntrinsics;
   }
   static nsChangeHint CalcFontDifference(const nsFont& aFont1, const nsFont& aFont2);
 
+  // aSize must be non-negative; the result is clamped to 0 .. nscoord_MAX
   static nscoord ZoomText(nsPresContext* aPresContext, nscoord aSize);
+  // aSize must be non-negative; the result is clamped to 0 .. nscoord_MAX
   static nscoord UnZoomText(nsPresContext* aPresContext, nscoord aSize);
   static already_AddRefed<nsIAtom> GetLanguage(nsPresContext* aPresContext);
 
   void* operator new(size_t sz, nsPresContext* aContext) CPP_THROW_NEW {
     return aContext->PresShell()->
       AllocateByObjectID(mozilla::eArenaObjectID_nsStyleFont, sz);
   }
   void Destroy(nsPresContext* aContext);