mirror of https://github.com/RGBCube/serenity synced 2025-07-26 19:27:45 +00:00

AK: Assert that we don't create StringViews of negative length

Due to us using size_t for the length, the actual value will always be positive.
If, for example, we calculate the length as "0 - 1", we'll get SIZE_T_MAX. What
we can do is check that adding the characters pointer and the length together
doesn't overflow.
Sergey Bugaev 2020-04-30 00:17:54 +03:00 committed by Andreas Kling
parent 361a1b54d7
commit 135d29b498


@ -26,6 +26,8 @@
#pragma once #pragma once
#include <AK/Assertions.h>
#include <AK/Checked.h>
#include <AK/Forward.h> #include <AK/Forward.h>
#include <AK/StdLibExtras.h> #include <AK/StdLibExtras.h>
#include <AK/StringUtils.h> #include <AK/StringUtils.h>
@ -41,11 +43,13 @@ public:
: m_characters(characters) : m_characters(characters)
, m_length(length) , m_length(length)
{ {
ASSERT(!Checked<uintptr_t>::addition_would_overflow((uintptr_t)characters, length));
} }
StringView(const unsigned char* characters, size_t length) StringView(const unsigned char* characters, size_t length)
: m_characters((const char*)characters) : m_characters((const char*)characters)
, m_length(length) , m_length(length)
{ {
ASSERT(!Checked<uintptr_t>::addition_would_overflow((uintptr_t)characters, length));
} }
[[gnu::always_inline]] inline StringView(const char* cstring) [[gnu::always_inline]] inline StringView(const char* cstring)
: m_characters(cstring) : m_characters(cstring)
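Review bot: The overflow ASSERT added to both two-argument constructors only fires when `characters + length` wraps `uintptr_t`, so a wrapped length paired with a null (or very low) pointer, e.g. `StringView(nullptr, (size_t)-1)`, still passes and yields a view that claims almost the whole address space. If null views are always meant to be empty, pairing it with `ASSERT(characters || !length);` would close that gap; otherwise a short comment such as `// A "negative" length arrives as a huge size_t; reject ranges that would wrap the address space.` should state that this is a best-effort sanity check, not a bounds check. Whether ASSERT stays enabled in release builds is not visible here, so the protection may be limited to debug builds. The `StringView(const char* cstring)` constructor that begins on the last two lines continues outside the hunk.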