WebKit Bugzilla
New
Browse
Search+
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
285462
Fix various -Werror=unsafe-buffer-usage build failures
https://bugs.webkit.org/show_bug.cgi?id=285462
Summary
Fix various -Werror=unsafe-buffer-usage build failures
Michael Catanzaro
Reported
2025-01-06 13:26:08 PST
/home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/graphics/opentype/OpenTypeMathData.cpp:365:32: error: 'variants' is an unsafe buffer that does not perform bounds checks [-Werror,-Wunsafe-buffer-usage] 365 | hb_ot_math_glyph_variant_t variants[10]; | ~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/graphics/opentype/OpenTypeMathData.cpp:374:33: note: used in buffer access here 374 | sizeVariants.append(variants[i].glyph); | ^~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/graphics/opentype/OpenTypeMathData.cpp:378:29: error: 'parts' is an unsafe buffer that does not perform bounds checks [-Werror,-Wunsafe-buffer-usage] 378 | hb_ot_math_glyph_part_t parts[10]; | ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/graphics/opentype/OpenTypeMathData.cpp:387:34: note: used in buffer access here 387 | assemblyPart.glyph = parts[i].glyph; | ^~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/graphics/opentype/OpenTypeMathData.cpp:388:39: note: used in buffer access here 388 | assemblyPart.isExtender = parts[i].flags & HB_MATH_GLYPH_PART_FLAG_EXTENDER; | ^~~~~ 2 errors generated. /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/graphics/skia/ImageBufferUtilitiesSkia.cpp:56:25: error: the two-parameter std::span construction is unsafe as it can introduce mismatch between buffer size and the bound information [-Werror,-Wunsafe-buffer-usage-in-container] 56 | m_vector.append(std::span { static_cast<const uint8_t*>(data), length }); | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/graphics/skia/ImageBufferUtilitiesSkia.cpp:127:16: error: the two-parameter std::span construction is unsafe as it can introduce mismatch between buffer size and the bound information [-Werror,-Wunsafe-buffer-usage-in-container] 127 | return std::span<const uint8_t> { reinterpret_cast<const uint8_t*>(data->data()), data->size() }; | ^ 2 errors generated. /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/SharedBufferChunkReader.cpp:77:37: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 77 | auto currentCharacter = m_segment[m_segmentIndex++]; | ^~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/SharedBufferChunkReader.cpp:98:15: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 98 | if (++m_iteratorCurrent == m_iteratorEnd) { | ^~~~~~~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/SharedBufferChunkReader.cpp:127:17: error: the two-parameter std::span construction is unsafe as it can introduce mismatch between buffer size and the bound information [-Werror,-Wunsafe-buffer-usage-in-container] 127 | data.append(std::span { m_segment + m_segmentIndex, availableInSegment }); | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/SharedBufferChunkReader.cpp:127:29: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 127 | data.append(std::span { m_segment + m_segmentIndex, availableInSegment }); | ^~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/SharedBufferChunkReader.cpp:132:10: error: 'currentSegment' is an unsafe pointer used for buffer access [-Werror,-Wunsafe-buffer-usage] 132 | auto currentSegment = m_iteratorCurrent; | ~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/SharedBufferChunkReader.cpp:134:31: note: used in pointer arithmetic here 134 | while (requestedSize && ++currentSegment != m_iteratorEnd) { | ^~~~~~~~~~~~~~ 5 errors generated.
Attachments
Add attachment
proposed patch, testcase, etc.
Michael Catanzaro
Comment 1
2025-01-06 13:39:07 PST
Additional errors: /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageDecoder.cpp:170:78: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 170 | const Vector<ScalableImageDecoderFrame>::iterator end(m_frameBufferCache.begin() + clearBeforeFrame); | ~~~~~~~~~~~~~~~~~~~^~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageDecoder.cpp:190:49: error: 'i' is an unsafe pointer used for buffer access [-Werror,-Wunsafe-buffer-usage] 190 | Vector<ScalableImageDecoderFrame>::iterator i(end); | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageDecoder.cpp:191:158: note: used in pointer arithmetic here 191 | for (; (i != m_frameBufferCache.begin()) && (i->isInvalid() || (i->disposalMethod() == ScalableImageDecoderFrame::DisposalMethod::RestoreToPrevious)); --i) { | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageDecoder.cpp:197:54: error: 'j' is an unsafe pointer used for buffer access [-Werror,-Wunsafe-buffer-usage] 197 | for (Vector<ScalableImageDecoderFrame>::iterator j(m_frameBufferCache.begin()); j != i; ++j) { | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageDecoder.cpp:197:95: note: used in pointer arithmetic here 197 | for (Vector<ScalableImageDecoderFrame>::iterator j(m_frameBufferCache.begin()); j != i; ++j) { | ^ GIFImageReader: /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:452:29: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 452 | m_screenWidth = GETINT16(currentComponent.data()); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:24: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:453:30: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 453 | m_screenHeight = GETINT16(currentComponent.data() + 2); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:24: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:453:56: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 453 | m_screenHeight = GETINT16(currentComponent.data() + 2); | ~~~~~~~~~~~~~~~~~^~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:25: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:453:56: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 453 | m_screenHeight = GETINT16(currentComponent.data() + 2); | ~~~~~~~~~~~~~~~~~^~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:35: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:587:39: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 587 | currentFrame->delayTime = GETINT16(currentComponent.data() + 1) * 10; | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:24: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:587:65: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 587 | currentFrame->delayTime = GETINT16(currentComponent.data() + 1) * 10; | ~~~~~~~~~~~~~~~~~^~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:25: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:587:65: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 587 | currentFrame->delayTime = GETINT16(currentComponent.data() + 1) * 10; | ~~~~~~~~~~~~~~~~~^~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:35: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:631:31: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 631 | m_loopCount = GETINT16(currentComponent.data() + 1); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:24: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:631:57: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 631 | m_loopCount = GETINT16(currentComponent.data() + 1); | ~~~~~~~~~~~~~~~~~^~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:25: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:631:57: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 631 | m_loopCount = GETINT16(currentComponent.data() + 1); | ~~~~~~~~~~~~~~~~~^~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:35: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:656:23: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 656 | xOffset = GETINT16(currentComponent.data()); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:24: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:657:23: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 657 | yOffset = GETINT16(currentComponent.data() + 2); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:24: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:657:49: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 657 | yOffset = GETINT16(currentComponent.data() + 2); | ~~~~~~~~~~~~~~~~~^~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:25: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:657:49: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 657 | yOffset = GETINT16(currentComponent.data() + 2); | ~~~~~~~~~~~~~~~~~^~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:35: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:660:22: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 660 | width = GETINT16(currentComponent.data() + 4); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:24: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:660:48: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 660 | width = GETINT16(currentComponent.data() + 4); | ~~~~~~~~~~~~~~~~~^~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:25: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:660:48: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 660 | width = GETINT16(currentComponent.data() + 4); | ~~~~~~~~~~~~~~~~~^~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:35: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:661:22: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 661 | height = GETINT16(currentComponent.data() + 6); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:24: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:661:48: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 661 | height = GETINT16(currentComponent.data() + 6); | ~~~~~~~~~~~~~~~~~^~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:103:25: note: expanded from macro 'GETINT16' 103 | #define GETINT16(p) ((p)[1]<<8|(p)[0]) | ^ fatal error: too many errors emitted, stopping now [-ferror-limit=] JPEGImageDecoder: /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:213:12: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 213 | && marker->data[1] == 'C' | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:214:12: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 214 | && marker->data[2] == 'C' | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:215:12: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 215 | && marker->data[3] == '_' | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:216:12: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 216 | && marker->data[4] == 'P' | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:217:12: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 217 | && marker->data[5] == 'R' | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:218:12: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 218 | && marker->data[6] == 'O' | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:219:12: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 219 | && marker->data[7] == 'F' | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:220:12: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 220 | && marker->data[8] == 'I' | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:221:12: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 221 | && marker->data[9] == 'L' | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:222:12: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 222 | && marker->data[10] == 'E' | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:223:12: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 223 | && marker->data[11] == '\0'; | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:233:35: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 233 | unsigned sequenceNumber = marker->data[12]; | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:237:32: error: unsafe buffer access [-Werror,-Wunsafe-buffer-usage] 237 | unsigned markerCount = marker->data[13]; | ^~~~~~~~~~~~ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:242:23: error: the two-parameter std::span construction is unsafe as it can introduce mismatch between buffer size and the bound information [-Werror,-Wunsafe-buffer-usage-in-container] 242 | buffer.append(std::span { reinterpret_cast<const uint8_t*>(marker->data + iccHeaderSize), markerSize }); | ^ /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp:242:68: error: unsafe pointer arithmetic [-Werror,-Wunsafe-buffer-usage] 242 | buffer.append(std::span { reinterpret_cast<const uint8_t*>(marker->data + iccHeaderSize), markerSize }); | ^~~~~~~~~~~~ 15 errors generated.
Michael Catanzaro
Comment 2
2025-01-06 14:02:51 PST
Pull request:
https://github.com/WebKit/WebKit/pull/38595
EWS
Comment 3
2025-01-07 12:17:45 PST
Committed
288557@main
(d950ca99af3e): <
https://commits.webkit.org/288557@main
> Reviewed commits have been landed. Closing PR #38595 and removing active labels.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug