Files
platform-external-webrtc/webrtc/base/safe_conversions_impl.h
Tommi d44c077dce Revert of Safe numeric library: base/numerics (copied from Chromium) (patchset #11 id:250001 of https://codereview.webrtc.org/1753293002/ )
Reason for revert:
Looks like the Chrome iOS build is broken because of these two changes.  So I'm going to have to revert.  Here's the error:

https://build.chromium.org/p/tryserver.chromium.mac/builders/ios_rel_device_ninja/builds/185624/steps/compile/logs/stdio

FAILED: rm -f arch/libsafe_numerics.arm64.a && ./gyp-mac-tool filter-libtool libtool  -static -o arch/libsafe_numerics.arm64.a
error: /Applications/Xcode7.0.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/libtool: no files specified
Usage: /Applications/Xcode7.0.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/libtool -static [-] file [...] [-filelist listfile[,dirname]] [-arch_only arch] [-sacLT] [-no_warning_for_no_symbols]
Usage: /Applications/Xcode7.0.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/libtool -dynamic [-] file [...] [-filelist listfile[,dirname]] [-arch_only arch] [-o output] [-install_name name] [-compatibility_version #] [-current_version #] [-seg1addr 0x#] [-segs_read_only_addr 0x#] [-segs_read_write_addr 0x#] [-seg_addr_table <filename>] [-seg_addr_table_filename <file_system_path>] [-all_load] [-noall_load]
FAILED: rm -f arch/libsafe_numerics.armv7.a && ./gyp-mac-tool filter-libtool libtool  -static -o arch/libsafe_numerics.armv7.a
error: /Applications/Xcode7.0.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/libtool: no files specified
Usage: /Applications/Xcode7.0.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/libtool -static [-] file [...] [-filelist listfile[,dirname]] [-arch_only arch] [-sacLT] [-no_warning_for_no_symbols]
Usage: /Applications/Xcode7.0.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/libtool -dynamic [-] file [...] [-filelist listfile[,dirname]] [-arch_only arch] [-o output] [-install_name name] [-compatibility_version #] [-current_version #] [-seg1addr 0x#] [-segs_read_only_addr 0x#] [-segs_read_write_addr 0x#] [-seg_addr_table <filename>] [-seg_addr_table_filename <file_system_path>] [-all_load] [-noall_load]
ninja: build stopped: subcommand failed.

Original issue's description:
> Safe numeric library added: base/numerics (copied from Chromium)
>
> This copies the contents (unittest excluded) of base/numerics in
> chromium to base/numerics in webrtc. Files added:
> - safe_conversions.h
> - safe_conversions_impl.h
> - safe_math.h
> - safe_math_impl.h
>
> A really old version of safe_conversions[_impl].h previously existed in
> base/, this has been deleted and sources using it have been updated
> to include the new base/numerics/safe_converions.h.
>
> This CL also adds a DEPS file to webrtc/base.
>
> NOPRESUBMIT=True
> BUG=webrtc:5548, webrtc:5623
>
> Committed: https://crrev.com/de1c81b2d2196be611674aa6019b9db3a9329042
> Cr-Commit-Position: refs/heads/master@{#11907}

TBR=kjellander@webrtc.org,kwiberg@webrtc.org,tina.legrand@webrtc.org,hbos@webrtc.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=webrtc:5548, webrtc:5623

Review URL: https://codereview.webrtc.org/1792613002 .

Cr-Commit-Position: refs/heads/master@{#11965}
2016-03-12 01:12:40 +00:00

189 lines
7.2 KiB
C++

/*
* Copyright 2014 The WebRTC Project Authors. All rights reserved.
*
* Use of this source code is governed by a BSD-style license
* that can be found in the LICENSE file in the root of the source
* tree. An additional intellectual property rights grant can be found
* in the file PATENTS. All contributing project authors may
* be found in the AUTHORS file in the root of the source tree.
*/
// Borrowed from Chromium's src/base/numerics/safe_conversions_impl.h.
#ifndef WEBRTC_BASE_SAFE_CONVERSIONS_IMPL_H_
#define WEBRTC_BASE_SAFE_CONVERSIONS_IMPL_H_
#include <limits>
namespace rtc {
namespace internal {
enum DstSign {
DST_UNSIGNED,
DST_SIGNED
};
enum SrcSign {
SRC_UNSIGNED,
SRC_SIGNED
};
enum DstRange {
OVERLAPS_RANGE,
CONTAINS_RANGE
};
// Helper templates to statically determine if our destination type can contain
// all values represented by the source type.
template <typename Dst, typename Src,
DstSign IsDstSigned = std::numeric_limits<Dst>::is_signed ?
DST_SIGNED : DST_UNSIGNED,
SrcSign IsSrcSigned = std::numeric_limits<Src>::is_signed ?
SRC_SIGNED : SRC_UNSIGNED>
struct StaticRangeCheck {};
template <typename Dst, typename Src>
struct StaticRangeCheck<Dst, Src, DST_SIGNED, SRC_SIGNED> {
typedef std::numeric_limits<Dst> DstLimits;
typedef std::numeric_limits<Src> SrcLimits;
// Compare based on max_exponent, which we must compute for integrals.
static const size_t kDstMaxExponent = DstLimits::is_iec559 ?
DstLimits::max_exponent :
(sizeof(Dst) * 8 - 1);
static const size_t kSrcMaxExponent = SrcLimits::is_iec559 ?
SrcLimits::max_exponent :
(sizeof(Src) * 8 - 1);
static const DstRange value = kDstMaxExponent >= kSrcMaxExponent ?
CONTAINS_RANGE : OVERLAPS_RANGE;
};
template <typename Dst, typename Src>
struct StaticRangeCheck<Dst, Src, DST_UNSIGNED, SRC_UNSIGNED> {
static const DstRange value = sizeof(Dst) >= sizeof(Src) ?
CONTAINS_RANGE : OVERLAPS_RANGE;
};
template <typename Dst, typename Src>
struct StaticRangeCheck<Dst, Src, DST_SIGNED, SRC_UNSIGNED> {
typedef std::numeric_limits<Dst> DstLimits;
typedef std::numeric_limits<Src> SrcLimits;
// Compare based on max_exponent, which we must compute for integrals.
static const size_t kDstMaxExponent = DstLimits::is_iec559 ?
DstLimits::max_exponent :
(sizeof(Dst) * 8 - 1);
static const size_t kSrcMaxExponent = sizeof(Src) * 8;
static const DstRange value = kDstMaxExponent >= kSrcMaxExponent ?
CONTAINS_RANGE : OVERLAPS_RANGE;
};
template <typename Dst, typename Src>
struct StaticRangeCheck<Dst, Src, DST_UNSIGNED, SRC_SIGNED> {
static const DstRange value = OVERLAPS_RANGE;
};
enum RangeCheckResult {
TYPE_VALID = 0, // Value can be represented by the destination type.
TYPE_UNDERFLOW = 1, // Value would overflow.
TYPE_OVERFLOW = 2, // Value would underflow.
TYPE_INVALID = 3 // Source value is invalid (i.e. NaN).
};
// This macro creates a RangeCheckResult from an upper and lower bound
// check by taking advantage of the fact that only NaN can be out of range in
// both directions at once.
#define BASE_NUMERIC_RANGE_CHECK_RESULT(is_in_upper_bound, is_in_lower_bound) \
RangeCheckResult(((is_in_upper_bound) ? 0 : TYPE_OVERFLOW) | \
((is_in_lower_bound) ? 0 : TYPE_UNDERFLOW))
template <typename Dst,
typename Src,
DstSign IsDstSigned = std::numeric_limits<Dst>::is_signed ?
DST_SIGNED : DST_UNSIGNED,
SrcSign IsSrcSigned = std::numeric_limits<Src>::is_signed ?
SRC_SIGNED : SRC_UNSIGNED,
DstRange IsSrcRangeContained = StaticRangeCheck<Dst, Src>::value>
struct RangeCheckImpl {};
// The following templates are for ranges that must be verified at runtime. We
// split it into checks based on signedness to avoid confusing casts and
// compiler warnings on signed an unsigned comparisons.
// Dst range always contains the result: nothing to check.
template <typename Dst, typename Src, DstSign IsDstSigned, SrcSign IsSrcSigned>
struct RangeCheckImpl<Dst, Src, IsDstSigned, IsSrcSigned, CONTAINS_RANGE> {
static RangeCheckResult Check(Src value) {
return TYPE_VALID;
}
};
// Signed to signed narrowing.
template <typename Dst, typename Src>
struct RangeCheckImpl<Dst, Src, DST_SIGNED, SRC_SIGNED, OVERLAPS_RANGE> {
static RangeCheckResult Check(Src value) {
typedef std::numeric_limits<Dst> DstLimits;
return DstLimits::is_iec559 ?
BASE_NUMERIC_RANGE_CHECK_RESULT(
value <= static_cast<Src>(DstLimits::max()),
value >= static_cast<Src>(DstLimits::max() * -1)) :
BASE_NUMERIC_RANGE_CHECK_RESULT(
value <= static_cast<Src>(DstLimits::max()),
value >= static_cast<Src>(DstLimits::min()));
}
};
// Unsigned to unsigned narrowing.
template <typename Dst, typename Src>
struct RangeCheckImpl<Dst, Src, DST_UNSIGNED, SRC_UNSIGNED, OVERLAPS_RANGE> {
static RangeCheckResult Check(Src value) {
typedef std::numeric_limits<Dst> DstLimits;
return BASE_NUMERIC_RANGE_CHECK_RESULT(
value <= static_cast<Src>(DstLimits::max()), true);
}
};
// Unsigned to signed.
template <typename Dst, typename Src>
struct RangeCheckImpl<Dst, Src, DST_SIGNED, SRC_UNSIGNED, OVERLAPS_RANGE> {
static RangeCheckResult Check(Src value) {
typedef std::numeric_limits<Dst> DstLimits;
return sizeof(Dst) > sizeof(Src) ? TYPE_VALID :
BASE_NUMERIC_RANGE_CHECK_RESULT(
value <= static_cast<Src>(DstLimits::max()), true);
}
};
// Signed to unsigned.
template <typename Dst, typename Src>
struct RangeCheckImpl<Dst, Src, DST_UNSIGNED, SRC_SIGNED, OVERLAPS_RANGE> {
static RangeCheckResult Check(Src value) {
typedef std::numeric_limits<Dst> DstLimits;
typedef std::numeric_limits<Src> SrcLimits;
// Compare based on max_exponent, which we must compute for integrals.
static const size_t kDstMaxExponent = sizeof(Dst) * 8;
static const size_t kSrcMaxExponent = SrcLimits::is_iec559 ?
SrcLimits::max_exponent :
(sizeof(Src) * 8 - 1);
return (kDstMaxExponent >= kSrcMaxExponent) ?
BASE_NUMERIC_RANGE_CHECK_RESULT(true, value >= static_cast<Src>(0)) :
BASE_NUMERIC_RANGE_CHECK_RESULT(
value <= static_cast<Src>(DstLimits::max()),
value >= static_cast<Src>(0));
}
};
template <typename Dst, typename Src>
inline RangeCheckResult RangeCheck(Src value) {
static_assert(std::numeric_limits<Src>::is_specialized,
"argument must be numeric");
static_assert(std::numeric_limits<Dst>::is_specialized,
"result must be numeric");
return RangeCheckImpl<Dst, Src>::Check(value);
}
} // namespace internal
} // namespace rtc
#endif // WEBRTC_BASE_SAFE_CONVERSIONS_IMPL_H_