WTF: Use base::checked_cast for size casting in Vector constructors [chromium/src : main]
1 view
Skip to first unread message
Kent Tamura (Gerrit)
May 19, 2026, 10:34:29 PMMay 19
to Kent Tamura, Kentaro Hara, Chromium LUCI CQ, android-bu...@system.gserviceaccount.com, chromium...@chromium.org, blink-re...@chromium.org, blink-...@chromium.org, kinuko...@chromium.org
Attention needed from Kentaro Hara
Kent Tamura voted and added 1 comment![]( "Open in Gerrit")
Votes added by Kent Tamura
| Auto-Submit | +1 |
| Commit-Queue | +1 |
1 comment
Patchset-level comments
File-level comment, Patchset 3 (Latest):
Kent Tamura . resolved
haraken@, would you review this please?
Related details
Attention is currently required from:
- Kentaro Hara
Submit Requirements:
Code-Coverage
Code-Owners
Code-Review
Review-Enforcement
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Kentaro Hara (Gerrit)
May 19, 2026, 10:59:01 PMMay 19
to Kent Tamura, Chromium LUCI CQ, android-bu...@system.gserviceaccount.com, chromium...@chromium.org, blink-re...@chromium.org, blink-...@chromium.org, kinuko...@chromium.org
Attention needed from Kent Tamura
Kentaro Hara voted Code-Review+1![]( "Open in Gerrit")
Attention is currently required from:
- Kent Tamura
Submit Requirements:
Code-Coverage
Code-Owners
Code-Review
Review-Enforcement
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Kent Tamura (Gerrit)
May 19, 2026, 11:00:45 PMMay 19
to Kent Tamura, Kentaro Hara, Chromium LUCI CQ, android-bu...@system.gserviceaccount.com, chromium...@chromium.org, blink-re...@chromium.org, blink-...@chromium.org, kinuko...@chromium.org
Kent Tamura voted Commit-Queue+2![]( "Open in Gerrit")
Submit Requirements:
Code-Coverage
Code-Owners
Code-Review
Review-Enforcement
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Chromium LUCI CQ (Gerrit)
May 19, 2026, 11:04:14 PMMay 19
to Kent Tamura, Kentaro Hara, android-bu...@system.gserviceaccount.com, chromium...@chromium.org, blink-re...@chromium.org, blink-...@chromium.org, kinuko...@chromium.org
Chromium LUCI CQ submitted the change![]( "Open in Gerrit")
Change information
Commit message:
WTF: Use base::checked_cast for size casting in Vector constructors
Initializing a blink::Vector from a base::span or a range uses size_t
for the input size, but blink::Vector internally uses wtf_size_t
(32-bit) for its size representation.
This change introduces base::checked_cast<wtf_size_t> during
construction to ensure that if the input size exceeds the 32-bit limit,
the process crashes safely. This prevents silent integer truncation,
which could otherwise lead to memory safety issues such as buffer
overflows.
No unit tests are added because it is impractical to allocate a 4GB+
buffer to trigger this condition in a standard test environment.
Bug: 514746176
Change-Id: Iff0edf2a1ce40da294c77f9c5eeb5898ac56611b
Reviewed-by: Kentaro Hara <har...@chromium.org>
Commit-Queue: Kent Tamura <tk...@chromium.org>
Auto-Submit: Kent Tamura <tk...@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1633311}
Files:
- M third_party/blink/renderer/platform/wtf/vector.h
Change size: XS
Delta: 1 file changed, 4 insertions(+), 4 deletions(-)
Branch: refs/heads/main
Submit Requirements:
Code-Review: +1 by Kentaro Hara
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Reply all
Reply to author
Forward
0 new messages