From 9522a0b7c16414fce2103cf58bfdd63aaf0cb01b Mon Sep 17 00:00:00 2001 From: Nat Goodspeed Date: Thu, 3 Nov 2022 14:58:32 -0400 Subject: DRTVWR-575: Fix llcommon assumptions that size_t fits in 4 bytes. It's a little distressing how often we have historically coded S32 or U32 to pass a length or index. There are more such assumptions in other viewer subdirectories, but this is a start. --- indra/llcommon/llsd.cpp | 98 +++++++++++++++++++++++-------------------------- 1 file changed, 45 insertions(+), 53 deletions(-) (limited to 'indra/llcommon/llsd.cpp') diff --git a/indra/llcommon/llsd.cpp b/indra/llcommon/llsd.cpp index 807b3d13f8..8772178b05 100644 --- a/indra/llcommon/llsd.cpp +++ b/indra/llcommon/llsd.cpp @@ -136,10 +136,10 @@ public: virtual void erase(const String&) { } virtual const LLSD& ref(const String&) const{ return undef(); } - virtual int size() const { return 0; } - virtual LLSD get(Integer) const { return LLSD(); } - virtual void erase(Integer) { } - virtual const LLSD& ref(Integer) const { return undef(); } + virtual size_t size() const { return 0; } + virtual LLSD get(size_t) const { return LLSD(); } + virtual void erase(size_t) { } + virtual const LLSD& ref(size_t) const { return undef(); } virtual LLSD::map_const_iterator beginMap() const { return endMap(); } virtual LLSD::map_const_iterator endMap() const { static const std::map empty; return empty.end(); } @@ -272,7 +272,7 @@ namespace virtual LLSD::UUID asUUID() const { return LLUUID(mValue); } virtual LLSD::Date asDate() const { return LLDate(mValue); } virtual LLSD::URI asURI() const { return LLURI(mValue); } - virtual int size() const { return mValue.size(); } + virtual size_t size() const { return mValue.size(); } virtual const LLSD::String& asStringRef() const { return mValue; } }; @@ -377,9 +377,9 @@ namespace virtual bool has(const LLSD::String&) const; - using LLSD::Impl::get; // Unhiding get(LLSD::Integer) - using LLSD::Impl::erase; // Unhiding erase(LLSD::Integer) - using LLSD::Impl::ref; // Unhiding ref(LLSD::Integer) + using LLSD::Impl::get; // Unhiding get(size_t) + using LLSD::Impl::erase; // Unhiding erase(size_t) + using LLSD::Impl::ref; // Unhiding ref(size_t) virtual LLSD get(const LLSD::String&) const; virtual LLSD getKeys() const; void insert(const LLSD::String& k, const LLSD& v); @@ -387,7 +387,7 @@ namespace LLSD& ref(const LLSD::String&); virtual const LLSD& ref(const LLSD::String&) const; - virtual int size() const { return mData.size(); } + virtual size_t size() const { return mData.size(); } LLSD::map_iterator beginMap() { return mData.begin(); } LLSD::map_iterator endMap() { return mData.end(); } @@ -518,14 +518,14 @@ namespace using LLSD::Impl::get; // Unhiding get(LLSD::String) using LLSD::Impl::erase; // Unhiding erase(LLSD::String) using LLSD::Impl::ref; // Unhiding ref(LLSD::String) - virtual int size() const; - virtual LLSD get(LLSD::Integer) const; - void set(LLSD::Integer, const LLSD&); - void insert(LLSD::Integer, const LLSD&); + virtual size_t size() const; + virtual LLSD get(size_t) const; + void set(size_t, const LLSD&); + void insert(size_t, const LLSD&); LLSD& append(const LLSD&); - virtual void erase(LLSD::Integer); - LLSD& ref(LLSD::Integer); - virtual const LLSD& ref(LLSD::Integer) const; + virtual void erase(size_t); + LLSD& ref(size_t); + virtual const LLSD& ref(size_t) const; LLSD::array_iterator beginArray() { return mData.begin(); } LLSD::array_iterator endArray() { return mData.end(); } @@ -550,85 +550,77 @@ namespace return *this; } } - - int ImplArray::size() const { return mData.size(); } - - LLSD ImplArray::get(LLSD::Integer i) const + + size_t ImplArray::size() const { return mData.size(); } + + LLSD ImplArray::get(size_t i) const { - if (i < 0) { return LLSD(); } DataVector::size_type index = i; - + return (index < mData.size()) ? mData[index] : LLSD(); } - - void ImplArray::set(LLSD::Integer i, const LLSD& v) + + void ImplArray::set(size_t i, const LLSD& v) { - if (i < 0) { return; } DataVector::size_type index = i; - + if (index >= mData.size()) { mData.resize(index + 1); } - + mData[index] = v; } - - void ImplArray::insert(LLSD::Integer i, const LLSD& v) + + void ImplArray::insert(size_t i, const LLSD& v) { - if (i < 0) - { - return; - } DataVector::size_type index = i; - + if (index >= mData.size()) // tbd - sanity check limit for index ? { mData.resize(index + 1); } - + mData.insert(mData.begin() + index, v); } - + LLSD& ImplArray::append(const LLSD& v) { mData.push_back(v); return mData.back(); } - - void ImplArray::erase(LLSD::Integer i) + + void ImplArray::erase(size_t i) { - if (i < 0) { return; } DataVector::size_type index = i; - + if (index < mData.size()) { mData.erase(mData.begin() + index); } } - - LLSD& ImplArray::ref(LLSD::Integer i) + + LLSD& ImplArray::ref(size_t i) { - DataVector::size_type index = i >= 0 ? i : 0; - + DataVector::size_type index = i; + if (index >= mData.size()) { mData.resize(i + 1); } - + return mData[index]; } - const LLSD& ImplArray::ref(LLSD::Integer i) const + const LLSD& ImplArray::ref(size_t i) const { - if (i < 0) { return undef(); } DataVector::size_type index = i; - + if (index >= mData.size()) { return undef(); } - + return mData[index]; } @@ -912,7 +904,7 @@ LLSD LLSD::emptyArray() return v; } -int LLSD::size() const { return safe(impl).size(); } +size_t LLSD::size() const { return safe(impl).size(); } LLSD LLSD::get(Integer i) const { return safe(impl).get(i); } void LLSD::set(Integer i, const LLSD& v){ makeArray(impl).set(i, v); } @@ -926,12 +918,12 @@ LLSD& LLSD::with(Integer i, const LLSD& v) LLSD& LLSD::append(const LLSD& v) { return makeArray(impl).append(v); } void LLSD::erase(Integer i) { makeArray(impl).erase(i); } -LLSD& LLSD::operator[](Integer i) +LLSD& LLSD::operator[](size_t i) { LL_PROFILE_ZONE_SCOPED_CATEGORY_LLSD; return makeArray(impl).ref(i); } -const LLSD& LLSD::operator[](Integer i) const +const LLSD& LLSD::operator[](size_t i) const { LL_PROFILE_ZONE_SCOPED_CATEGORY_LLSD; return safe(impl).ref(i); @@ -956,7 +948,7 @@ static const char *llsd_dump(const LLSD &llsd, bool useXMLFormat) out << LLSDNotationStreamer(llsd); out_string = out.str(); } - int len = out_string.length(); + auto len = out_string.length(); sStorage = new char[len + 1]; memcpy(sStorage, out_string.c_str(), len); sStorage[len] = '\0'; -- cgit v1.2.3 From 4349cb6165e983ff6bdd45ad1b82bb98bfc0436f Mon Sep 17 00:00:00 2001 From: Nat Goodspeed Date: Sat, 12 Nov 2022 18:59:21 -1000 Subject: DRTVWR-575: Address review comments on Xcode 14.1 type tweaks. Introduce LLSD template constructors and assignment operators to disambiguate construction or assignment from any integer type to Integer, likewise any floating point type to Real. Use new narrow() function to validate conversions. For LLSD method parameters converted from LLSD::Integer to size_t, where the method previously checked for a negative argument, make it now check for size_t converted from negative: in other words, more than S32_MAX. The risk of having a parameter forced from negative to unsigned exceeds the risk of a valid length or index over that max. In lltracerecording.cpp's PeriodicRecording, now that mCurPeriod and mNumRecordedPeriods are size_t instead of S32, defend against subtracting 1 from 0. Use narrow() to validate newly-introduced narrowing conversions. Make llclamp() return the type of the raw input value, even if the types of the boundary values differ. std::ostream::tellp() no longer returns a value we can directly report as a number. Cast to U64. --- indra/llcommon/llsd.cpp | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) (limited to 'indra/llcommon/llsd.cpp') diff --git a/indra/llcommon/llsd.cpp b/indra/llcommon/llsd.cpp index 8772178b05..a645e624f8 100644 --- a/indra/llcommon/llsd.cpp +++ b/indra/llcommon/llsd.cpp @@ -36,6 +36,18 @@ #include "llsdserialize.h" #include "stringize.h" +#include + +// Defend against a caller forcibly passing a negative number into an unsigned +// size_t index param +inline +bool was_negative(size_t i) +{ + return (i > std::numeric_limits::max()); +} +#define NEGATIVE_EXIT(i) if (was_negative(i)) return +#define NEGATIVE_RETURN(i, result) NEGATIVE_EXIT(i) (result) + #ifndef LL_RELEASE_FOR_DOWNLOAD #define NAME_UNNAMED_NAMESPACE #endif @@ -555,6 +567,7 @@ namespace LLSD ImplArray::get(size_t i) const { + NEGATIVE_RETURN(i, LLSD()); DataVector::size_type index = i; return (index < mData.size()) ? mData[index] : LLSD(); @@ -562,6 +575,7 @@ namespace void ImplArray::set(size_t i, const LLSD& v) { + NEGATIVE_EXIT(i); DataVector::size_type index = i; if (index >= mData.size()) @@ -574,6 +588,7 @@ namespace void ImplArray::insert(size_t i, const LLSD& v) { + NEGATIVE_EXIT(i); DataVector::size_type index = i; if (index >= mData.size()) // tbd - sanity check limit for index ? @@ -592,6 +607,7 @@ namespace void ImplArray::erase(size_t i) { + NEGATIVE_EXIT(i); DataVector::size_type index = i; if (index < mData.size()) @@ -602,7 +618,7 @@ namespace LLSD& ImplArray::ref(size_t i) { - DataVector::size_type index = i; + DataVector::size_type index = was_negative(i)? 0 : i; if (index >= mData.size()) { @@ -614,6 +630,7 @@ namespace const LLSD& ImplArray::ref(size_t i) const { + NEGATIVE_RETURN(i, undef()); DataVector::size_type index = i; if (index >= mData.size()) @@ -833,9 +850,6 @@ LLSD::LLSD(const Date& v) : impl(0) { ALLOC_LLSD_OBJECT; assign(v); } LLSD::LLSD(const URI& v) : impl(0) { ALLOC_LLSD_OBJECT; assign(v); } LLSD::LLSD(const Binary& v) : impl(0) { ALLOC_LLSD_OBJECT; assign(v); } -// Convenience Constructors -LLSD::LLSD(F32 v) : impl(0) { ALLOC_LLSD_OBJECT; assign((Real)v); } - // Scalar Assignment void LLSD::assign(Boolean v) { safe(impl).assign(impl, v); } void LLSD::assign(Integer v) { safe(impl).assign(impl, v); } -- cgit v1.2.3