Chromium Code Reviews

Issue 11446048: The correct type for the size of a chunk of memory is size_t. (Closed)

Created:
8 years ago by Chris Evans
Modified:
7 years, 11 months ago
CC:
chromium-reviews, apatrick_chromium, joi+watch-content_chromium.org, darin-cc_chromium.org, sail+watch_chromium.org, erikwright+watch_chromium.org
Visibility:
Public.

Description

The correct type for the size of a chunk of memory is size_t. By using uint32, we have bugs on 64-bit platforms: callers passing in a size_t will have their size truncated, potentially allocating a smaller chunk than requested. There are a few places this happens, including on the receiving ends of IPCs (!) However, conversely, other callers of the API might directly assign the memory chunk's length to uint32, leading to a different possible truncation problem. This is guarded against by limiting operations internally to std::numeric_limits<uint32_t> in size for now. There's some minor cascade effects that make the CL look larger than it is. BUG=164678 Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=175987

Patch Set 1 #

Patch Set 2 : #

Patch Set 3 : #

Stats: +38 lines, -16 lines
M base/shared_memory.h: 6 chunks, +8 lines, -8 lines, 0 comments
M base/shared_memory_android.cc: 1 chunk, +3 lines, -0 lines, 0 comments
M base/shared_memory_nacl.cc: 3 chunks, +7 lines, -2 lines, 0 comments
M base/shared_memory_posix.cc: 4 chunks, +9 lines, -3 lines, 0 comments
M base/shared_memory_win.cc: 3 chunks, +8 lines, -2 lines, 0 comments
M content/browser/renderer_host/render_sandbox_host_linux.cc: 1 chunk, +3 lines, -1 line, 0 comments

Messages

Total messages: 6 (0 generated)
Chris Evans
@darin: for base/* @jam: for the changes in content/* (looks big but is mechanical)
8 years ago (2012-12-06 20:57:02 UTC) #1
jam
we can't send size_t in the ipc messages because that would break when 32 bit ...
8 years ago (2012-12-06 23:30:29 UTC) #2
cevans
Ok, pausing to reconsider. On Thu, Dec 6, 2012 at 3:30 PM, <jam@chromium.org> wrote: > ...
8 years ago (2012-12-06 23:32:05 UTC) #3
Chris Evans
Splitting out the changes to base/shared_memory* This CL is now focussed just on those changes. ...
8 years ago (2012-12-07 22:28:12 UTC) #4
jam
content lgtm
8 years ago (2012-12-10 22:05:52 UTC) #5
darin (slow to review)
7 years, 11 months ago (2013-01-09 23:10:24 UTC) #6
LGTM

I like your comment over IM about switching the limits from uint32 to int.
