Bug 309163
| Summary: | REGRESSION(308608@main): [JSC] Clang 21 reports unsafe buffer usage warnings | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Adrian Perez <aperez> |
| Component: | WebKit API | Assignee: | Adrian Perez <aperez> |
| Status: | RESOLVED FIXED | ||
| Severity: | Normal | CC: | webkit-bug-importer |
| Priority: | P2 | Keywords: | InRadar |
| Version: | WebKit Nightly Build | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| See Also: | https://bugs.webkit.org/show_bug.cgi?id=309060 | ||
Adrian Perez
They are listed as warnings because I was building without -Werror. Bots didn't catch this because they use Clang 18 and these diagnostics have been improving since. We should tackle those before updating the Clang version used by the bots, because they build with -Werror:
../Source/JavaScriptCore/API/glib/JSCContext.cpp:882:98: warning: the two-parameter std::span construction is unsafe as it can introduce mismatch between buffer size and the bound information [-Wunsafe-buffer-usage-in-container]
882 | JSValueRef result = evaluateScriptInContext(context->priv->jsContext.get(), String::fromUTF8(std::span(code, length < 0 ? strlen(code) : length)), uri, lineNumber, &exception);
| ^
../Source/JavaScriptCore/API/glib/JSCContext.cpp:882:127: warning: function 'strlen' is unsafe [-Wunsafe-buffer-usage-in-libc-call]
882 | JSValueRef result = evaluateScriptInContext(context->priv->jsContext.get(), String::fromUTF8(std::span(code, length < 0 ? strlen(code) : length)), uri, lineNumber, &exception);
| ^~~~~~~~~~~~
../Source/JavaScriptCore/API/glib/JSCContext.cpp:922:87: warning: the two-parameter std::span construction is unsafe as it can introduce mismatch between buffer size and the bound information [-Wunsafe-buffer-usage-in-container]
922 | JSValueRef result = evaluateScriptInContext(objectContext.get(), String::fromUTF8(std::span(code, length < 0 ? strlen(code) : length)), uri, lineNumber, &exception);
| ^
../Source/JavaScriptCore/API/glib/JSCContext.cpp:922:116: warning: function 'strlen' is unsafe [-Wunsafe-buffer-usage-in-libc-call]
922 | JSValueRef result = evaluateScriptInContext(objectContext.get(), String::fromUTF8(std::span(code, length < 0 ? strlen(code) : length)), uri, lineNumber, &exception);
| ^~~~~~~~~~~~
../Source/JavaScriptCore/API/glib/JSCContext.cpp:982:63: warning: the two-parameter std::span construction is unsafe as it can introduce mismatch between buffer size and the bound information [-Wunsafe-buffer-usage-in-container]
982 | JSC::SourceCode source = JSC::makeSource(String::fromUTF8(std::span(code, length < 0 ? strlen(code) : length)), JSC::SourceOrigin { sourceURL }, JSC::SourceTaintedOrigin::Untainted,
| ^
../Source/JavaScriptCore/API/glib/JSCContext.cpp:982:92: warning: function 'strlen' is unsafe [-Wunsafe-buffer-usage-in-libc-call]
982 | JSC::SourceCode source = JSC::makeSource(String::fromUTF8(std::span(code, length < 0 ? strlen(code) : length)), JSC::SourceOrigin { sourceURL }, JSC::SourceTaintedOrigin::Untainted,
| ^~~~~~~~~~~~
6 warnings generated.
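All three flagged expressions repeat the same pointer-plus-signed-length resolution at the call site. As an added illustration (not WebKit code, and not the change that landed for this bug), the example below resolves it once in a hypothetical helper, `viewOfScript`, using `std::string_view` in place of `std::span` so that it builds as C++17; the sample buffer is constructed.

```cpp
// Added illustration; not WebKit code. viewOfScript() is a hypothetical helper.
#include <cstddef>
#include <cstdio>
#include <cstring>
#include <string_view>

// Constructed sample: nine script bytes with an embedded NUL after "a=1;".
constexpr char kConstructedScript[] = "a=1;\0b=2;";
constexpr std::ptrdiff_t kConstructedLength = sizeof(kConstructedScript) - 1;

// Resolves the "length < 0 means NUL-terminated" convention in one place.
// Contract (not checkable by the compiler): when length >= 0, code points to
// at least that many readable bytes; when length < 0, code is NUL-terminated.
std::string_view viewOfScript(const char* code, std::ptrdiff_t length)
{
    if (!code)
        return {}; // null never reaches strlen() or the view constructor
    // The pointer-plus-size construction still exists, but only here, inside
    // Clang's opt-out region, so it is the single spot a reviewer must audit.
#ifdef __clang__
#pragma clang unsafe_buffer_usage begin
#endif
    const std::size_t size = length < 0 ? std::strlen(code) : static_cast<std::size_t>(length);
    const std::string_view view(code, size);
#ifdef __clang__
#pragma clang unsafe_buffer_usage end
#endif
    return view;
}

int main()
{
    // An explicit length keeps bytes after the NUL; a negative length stops at it.
    std::printf("explicit: %zu bytes\n", viewOfScript(kConstructedScript, kConstructedLength).size());
    std::printf("negative: %zu bytes\n", viewOfScript(kConstructedScript, -1).size());
    std::printf("null:     %zu bytes\n", viewOfScript(nullptr, -1).size());
    return 0;
}
```

Call sites then pass a bounded view onward and contain no `strlen` call or two-argument view construction of their own.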
Adrian Perez
Pull request: https://github.com/WebKit/WebKit/pull/59889
EWS
Committed 308689@main (d93be1ab7ae7): <https://commits.webkit.org/308689@main>
Reviewed commits have been landed. Closing PR #59889 and removing active labels.
Radar WebKit Bug Importer
<rdar://problem/171794956>