Bug 285462

Summary: Fix various -Werror=unsafe-buffer-usage build failures
Product: WebKit Reporter: Michael Catanzaro <mcatanzaro>
Component: WebKitGTKAssignee: Michael Catanzaro <mcatanzaro>
Status: RESOLVED FIXED    
Severity: Normal CC: bugs-noreply, mcatanzaro
Priority: P2    
Version: Other   
Hardware: PC   
OS: Linux   

Michael Catanzaro
Reported 2025-01-06 13:26:08 PST
/home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/graphics/opentype/OpenTypeMathData.cpp:365:32: error: 'variants' is an unsafe buffer that does not perform bounds checks [-Werror,-Wunsafe-buffer-usage] 365 | hb_ot_math_glyph_variant_t variants[10]; | ~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/graphics/opentype/OpenTypeMathData.cpp:374:33: note: used in buffer access here 374 | sizeVariants.append(variants[i].glyph); | ^~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/graphics/opentype/OpenTypeMathData.cpp:378:29: error: 'parts' is an unsafe buffer that does not perform bounds checks [-Werror,-Wunsafe-buffer-usage] 378 | hb_ot_math_glyph_part_t parts[10]; | ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/graphics/opentype/OpenTypeMathData.cpp:387:34: note: used in buffer access here 387 | assemblyPart.glyph = parts[i].glyph; | ^~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/graphics/opentype/OpenTypeMathData.cpp:388:39: note: used in buffer access here 388 | assemblyPart.isExtender = parts[i].flags & HB_MATH_GLYPH_PART_FLAG_EXTENDER; | ^~~~~ 2 errors generated. /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/graphics/skia/ImageBufferUtilitiesSkia.cpp:56:25: error: the two-parameter std::span construction is unsafe as it can introduce mismatch between buffer size and the bound information [-Werror,-Wunsafe-buffer-usage-in-container] 56 | m_vector.append(std::span { static_cast<const uint8_t*>(data), length }); | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/graphics/skia/ImageBufferUtilitiesSkia.cpp:127:16: error: the two-parameter std::span construction is unsafe as it can introduce mismatch between buffer size and the bound information [-Werror,-Wunsafe-buffer-usage-in-container] 127 | return std::span<const uint8_t> { reinterpret_cast<const uint8_t*>(data->data()), data->size() }; | ^ 2 errors generated. /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/SharedBufferChunkReader.cpp:77:37: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 77 | auto currentCharacter = m_segment[m_segmentIndex++]; | ^~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/SharedBufferChunkReader.cpp:98:15: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 98 | if (++m_iteratorCurrent == m_iteratorEnd) { | ^~~~~~~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/SharedBufferChunkReader.cpp:127:17: error: the two-parameter std::span construction is unsafe as it can introduce mismatch between buffer size and the bound information [-Werror,-Wunsafe-buffer-usage-in-container] 127 | data.append(std::span { m_segment + m_segmentIndex, availableInSegment }); | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/SharedBufferChunkReader.cpp:127:29: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 127 | data.append(std::span { m_segment + m_segmentIndex, availableInSegment }); | ^~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/SharedBufferChunkReader.cpp:132:10: error: 'currentSegment' is an unsafe pointer used for buffer access [-Werror,-Wunsafe-buffer-usage] 132 | auto currentSegment = m_iteratorCurrent; | ~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/SharedBufferChunkReader.cpp:134:31: note: used in pointer arithmetic here 134 | while (requestedSize && ++currentSegment != m_iteratorEnd) { | ^~~~~~~~~~~~~~ 5 errors generated.
Attachments
Add attachment proposed patch, testcase, etc.
Michael Catanzaro
Comment 1 2025-01-06 13:39:07 PST
Additional errors: /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageDecoder.cpp:170:78: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 170 | const Vector<ScalableImageDecoderFrame>::iterator end(m_frameBufferCache.begin() + clearBeforeFrame); | ~~~~~~~~~~~~~~~~~~~^~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageDecoder.cpp:190:49: error: 'i' is an unsafe pointer used for buffer access [-Werror,-Wunsafe-buffer-usage] 190 | Vector<ScalableImageDecoderFrame>::iterator i(end); | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageDecoder.cpp:191:158: note: used in pointer arithmetic here 191 | for (; (i != m_frameBufferCache.begin()) && (i->isInvalid() || (i->disposalMethod() == ScalableImageDecoderFrame::DisposalMethod::RestoreToPrevious)); --i) { | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageDecoder.cpp:197:54: error: 'j' is an unsafe pointer used for buffer access [-Werror,-Wunsafe-buffer-usage] 197 | for (Vector<ScalableImageDecoderFrame>::iterator j(m_frameBufferCache.begin()); j != i; ++j) { | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageDecoder.cpp:197:95: note: used in pointer arithmetic here 197 | for (Vector<ScalableImageDecoderFrame>::iterator j(m_frameBufferCache.begin()); j != i; ++j) { | ^ GIFImageReader: /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:452:29: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 452 | m_screenWidth = GETINT16(currentComponent.data()); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:24: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:453:30: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 453 | m_screenHeight = GETINT16(currentComponent.data() + 2); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:24: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:453:56: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 453 | m_screenHeight = GETINT16(currentComponent.data() + 2); | ~~~~~~~~~~~~~~~~~^~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:25: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:453:56: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 453 | m_screenHeight = GETINT16(currentComponent.data() + 2); | ~~~~~~~~~~~~~~~~~^~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:35: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:587:39: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 587 | currentFrame->delayTime = GETINT16(currentComponent.data() + 1) * 10; | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:24: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:587:65: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 587 | currentFrame->delayTime = GETINT16(currentComponent.data() + 1) * 10; | ~~~~~~~~~~~~~~~~~^~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:25: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:587:65: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 587 | currentFrame->delayTime = GETINT16(currentComponent.data() + 1) * 10; | ~~~~~~~~~~~~~~~~~^~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:35: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:631:31: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 631 | m_loopCount = GETINT16(currentComponent.data() + 1); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:24: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:631:57: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 631 | m_loopCount = GETINT16(currentComponent.data() + 1); | ~~~~~~~~~~~~~~~~~^~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:25: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:631:57: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 631 | m_loopCount = GETINT16(currentComponent.data() + 1); | ~~~~~~~~~~~~~~~~~^~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:35: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:656:23: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 656 | xOffset = GETINT16(currentComponent.data()); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:24: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:657:23: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 657 | yOffset = GETINT16(currentComponent.data() + 2); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:24: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:657:49: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 657 | yOffset = GETINT16(currentComponent.data() + 2); | ~~~~~~~~~~~~~~~~~^~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:25: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:657:49: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 657 | yOffset = GETINT16(currentComponent.data() + 2); | ~~~~~~~~~~~~~~~~~^~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:35: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:660:22: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 660 | width = GETINT16(currentComponent.data() + 4); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:24: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:660:48: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 660 | width = GETINT16(currentComponent.data() + 4); | ~~~~~~~~~~~~~~~~~^~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:25: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:660:48: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 660 | width = GETINT16(currentComponent.data() + 4); | ~~~~~~~~~~~~~~~~~^~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:35: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:661:22: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 661 | height = GETINT16(currentComponent.data() + 6); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:24: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:661:48: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 661 | height = GETINT16(currentComponent.data() + 6); | ~~~~~~~~~~~~~~~~~^~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:25: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^ fatal error: too many errors emitted, stopping now [-ferror-limit=] JPEGImageDecoder: /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:213:12: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 213 | && marker->data[1] == 'C' | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:214:12: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 214 | && marker->data[2] == 'C' | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:215:12: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 215 | && marker->data[3] == '_' | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:216:12: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 216 | && marker->data[4] == 'P' | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:217:12: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 217 | && marker->data[5] == 'R' | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:218:12: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 218 | && marker->data[6] == 'O' | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:219:12: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 219 | && marker->data[7] == 'F' | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:220:12: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 220 | && marker->data[8] == 'I' | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:221:12: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 221 | && marker->data[9] == 'L' | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:222:12: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 222 | && marker->data[10] == 'E' | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:223:12: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 223 | && marker->data[11] == '\0'; | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:233:35: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 233 | unsigned sequenceNumber = marker->data[12]; | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:237:32: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 237 | unsigned markerCount = marker->data[13]; | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:242:23: error: the two-parameter std::span construction is unsafe as it can introduce mismatch between buffer size and the bound information [-Werror,-Wunsafe-buffer-usage-in-container] 242 | buffer.append(std::span { reinterpret_cast<const uint8_t*>(marker->data + iccHeaderSize), markerSize }); | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:242:68: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 242 | buffer.append(std::span { reinterpret_cast<const uint8_t*>(marker->data + iccHeaderSize), markerSize }); | ^~~~~~~~~~~~ 15 errors generated.
Michael Catanzaro
Comment 2 2025-01-06 14:02:51 PST
Pull request: https://github.com/WebKit/WebKit/pull/38595
EWS
Comment 3 2025-01-07 12:17:45 PST
Committed 288557@main (d950ca99af3e): <https://commits.webkit.org/288557@main> Reviewed commits have been landed. Closing PR #38595 and removing active labels.
Note You need to log in before you can comment on or make changes to this bug.