base/safe_numerics.h - Issue 11886037: Add numeric_cast for checked integral narrowing casts

Side by Side Diff: base/safe_numerics.h

Issue 11886037: Add numeric_cast for checked integral narrowing casts (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: rename to safe_numerics Created 7 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
(Empty)
	1 // Copyright 2013 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #ifndef BASE_NUMERIC_CAST_H_
	darin (slow to review) 2013/01/15 18:53:29 nit: fix include guard. or maybe the file name nu nit: fix include guard. or maybe the file name numeric_cast.h would be better? afterall, that is the name of the method being defined. usually, it works best if the file name and key class or function name match. helps people remember what to include or what to call. jschuh 2013/01/15 19:07:32 This was my request. I want to put the safe_numeri Show quoted text On 2013/01/15 18:53:29, darin wrote: > nit: fix include guard. or maybe the file name numeric_cast.h would be better? > afterall, that is the name of the method being defined. usually, it works best > if the file name and key class or function name match. helps people remember > what to include or what to call. This was my request. I want to put the safe_numeric classes in this file. The cast operation is just the easiest one to implement, and the one we need asap. scottmg 2013/01/15 19:30:17 Justin wanted it called safe_numerics with the int Show quoted text On 2013/01/15 18:53:29, darin wrote: > nit: fix include guard. or maybe the file name numeric_cast.h would be better? > afterall, that is the name of the method being defined. usually, it works best > if the file name and key class or function name match. helps people remember > what to include or what to call. Justin wanted it called safe_numerics with the intention that there would be more things (other math operations) added to it soon. I'm ambivalent either way if separate/narrow headers seem better. (Fixed include guard for now)
	6 #define BASE_NUMERIC_CAST_H_

	7

	8 #include <limits>

	9

	10 #include "base/logging.h"

	11

	12 namespace base {

	13

	14 // numeric_cast<> is analogous to static_cast<> for numeric types, except that

	15 // it CHECKs that the specified numeric conversion will not overflow or

	16 // underflow. Floating point arguments are not currently allowed (this is

	17 // COMPILE_ASSERTd), though this could be supported if necessary.

	18

	19 // The main test for whether the conversion will under or overflow.

	20 template <class Dest, class Source>
	darin (slow to review) 2013/01/15 18:53:29 this feels like implementation detail. perhaps it this feels like implementation detail. perhaps it should live in the "internal" namespace so that people don't use it directly. that is, i assume you mean for the public API to just be the numeric_cast<> function, right? scottmg 2013/01/15 19:30:17 Done. Show quoted text On 2013/01/15 18:53:29, darin wrote: > this feels like implementation detail. perhaps it should live in the "internal" > namespace so that people don't use it directly. that is, i assume you mean for > the public API to just be the numeric_cast<> function, right? Done.
	21 inline bool IsNumericCastableTo(Source source) {
	darin (slow to review) 2013/01/15 18:53:29 nit: IsValidNumericCast? nit: IsValidNumericCast? scottmg 2013/01/15 19:30:17 Done. Show quoted text On 2013/01/15 18:53:29, darin wrote: > nit: IsValidNumericCast? Done.
	22 typedef std::numeric_limits<Source> source_limits;
	darin (slow to review) 2013/01/15 18:53:29 nit: typedefs are usually MixedCase... SourceLimit nit: typedefs are usually MixedCase... SourceLimits and DestLimits scottmg 2013/01/15 19:30:17 Done. Show quoted text On 2013/01/15 18:53:29, darin wrote: > nit: typedefs are usually MixedCase... SourceLimits and DestLimits Done.
	23 typedef std::numeric_limits<Dest> dest_limits;

	24 COMPILE_ASSERT(source_limits::is_specialized, argument_must_be_numeric);

	25 COMPILE_ASSERT(source_limits::is_integer, argument_must_be_integral);

	26 COMPILE_ASSERT(dest_limits::is_specialized, result_must_be_numeric);

	27 COMPILE_ASSERT(dest_limits::is_integer, result_must_be_integral);

	28

	29 // Source and Dest are the same.

	30 if (dest_limits::digits == source_limits::digits &&

	31 dest_limits::is_signed == source_limits::is_signed)

	32 return true;

	33

	34 // Dest is wider, check for loss of sign if Dest is not signed.

	35 if (dest_limits::digits > source_limits::digits)

	36 return dest_limits::is_signed \|\| source >= 0;

	37

	38 // Otherwise, Dest is narrower than Source.

	39

	40 // Check for underflow.

	41 if (source_limits::is_signed && // Don't need to check if source is unsigned.

	42 source < static_cast<Source>(dest_limits::min()))

	43 return false;

	44

	45 // Or overflow.

	46 return source <= static_cast<Source>(dest_limits::max());

	47 }

	48

	49 template <class Dest, class Source>

	50 inline Dest numeric_cast(Source source) {

	51 CHECK(IsNumericCastableTo<Dest>(source));

	52 return static_cast<Dest>(source);

	53 }

	54

	55 } // namespace base

	56

	57 #endif // BASE_NUMERIC_CAST_H_

OLD	NEW

« base/base.gyp ('K') | « base/base.gyp ('k') | base/safe_numerics_unittest.cc » ('j') | base/safe_numerics_unittest.cc » ('J')