Bug 213633

Summary:

Improve assertions in StringParsingBuffer

Product:

WebKit

Reporter:

Sam Weinig <sam>

Component:

New Bugs

Assignee:

Sam Weinig <sam>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

benjamin, cdumez, cmarcelo, darin, ews-watchlist, webkit-bug-importer

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

Bug Depends on:

Bug Blocks:

213460

Attachments:

Description	Flags
Patch	none
Patch	none
Patch	none
Patch	none

Sam Weinig

Reported 2020-06-25 18:14:22 PDT

Improve assertions in StringParsingBuffer

Attachments
Patch (2.06 KB, patch) 2020-06-25 18:15 PDT, Sam Weinig	no flags	Details Formatted Diff Diff
Patch (2.06 KB, patch) 2020-06-25 18:51 PDT, Sam Weinig	no flags	Details Formatted Diff Diff
Patch (1.93 KB, patch) 2020-06-26 14:49 PDT, Sam Weinig	no flags	Details Formatted Diff Diff
Patch (1.93 KB, patch) 2020-06-27 08:22 PDT, Sam Weinig	no flags	Details Formatted Diff Diff
Show Obsolete (3) View All Add attachment proposed patch, testcase, etc.

Sam Weinig

Comment 1 2020-06-25 18:15:56 PDT Comment hidden (obsolete)

Created attachment 402838 [details] Patch

Sam Weinig

Comment 2 2020-06-25 18:51:28 PDT

Created attachment 402841 [details] Patch

Darin Adler

Comment 3 2020-06-26 09:37:41 PDT

Comment on attachment 402841 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=402841&action=review > Source/WTF/wtf/text/StringParsingBuffer.h:55 > + ASSERT(static_cast<std::ptrdiff_t>(end - characters) < std::numeric_limits<unsigned>::max()); Surprised that the static_cast on the left side is necessary. Surprised that a static_cast on the right side isn’t necessary to ensure we don’t get signed/unsigned comparison warnings. > Source/WTF/wtf/text/StringParsingBuffer.h:86 > - constexpr void advanceBy(unsigned places) > + constexpr void advanceBy(size_t places) Not sure how I feel about this even though I suggested it. In general if we pass too large a type it will get chopped off. But if the value is too big for unsigned the code won’t work anyway. Not sure why this is more important than taking size_t in operator[]. Could imagine setting this to a super-large integer type and doing a RELEASE_ASSERT. Maybe we should just be leaving this unsigned? Issues don’t seem different here than in operator[] or the constructor.

Sam Weinig

Comment 4 2020-06-26 14:49:25 PDT

Created attachment 402907 [details] Patch

Darin Adler

Comment 5 2020-06-26 15:10:25 PDT

Comment on attachment 402907 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=402907&action=review > Source/WTF/wtf/text/StringParsingBuffer.h:55 > + ASSERT(end - characters < std::numeric_limits<unsigned>::max()); <= ?

Sam Weinig

Comment 6 2020-06-27 08:22:26 PDT

Created attachment 402956 [details] Patch

EWS

Comment 7 2020-06-27 09:07:46 PDT

Committed r263620: <https://trac.webkit.org/changeset/263620> All reviewed patches have been landed. Closing bug and clearing flags on attachment 402956 [details].

Radar WebKit Bug Importer

Comment 8 2020-06-27 09:08:20 PDT

<rdar://problem/64844270>

Radar WebKit Bug Importer

Comment 9 2020-06-27 09:08:24 PDT

<rdar://problem/64844271>

Note You need to log in before you can comment on or make changes to this bug.