Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(3009)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: base/safe_numerics.h

Issue 11886037: Add numeric_cast for checked integral narrowing casts (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: review fixes Created 7 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « base/base.gypi ('k') | base/safe_numerics_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: base/safe_numerics.h
diff --git a/base/safe_numerics.h b/base/safe_numerics.h
new file mode 100644
index 0000000000000000000000000000000000000000..0392e270f976b262cd06973bf25738eb6e6a6605
--- /dev/null
+++ b/base/safe_numerics.h
@@ -0,0 +1,59 @@
+// Copyright 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef BASE_SAFE_NUMERICS_H_
+#define BASE_SAFE_NUMERICS_H_
+
+#include <limits>
+
+#include "base/logging.h"
+
+namespace base {
+namespace internal {
+
+// The main test for whether the conversion will under or overflow.
+template <class Dest, class Source>
+inline bool IsValidNumericCast(Source source) {
+ typedef std::numeric_limits<Source> SourceLimits;
+ typedef std::numeric_limits<Dest> DestLimits;
+ COMPILE_ASSERT(SourceLimits::is_specialized, argument_must_be_numeric);
+ COMPILE_ASSERT(SourceLimits::is_integer, argument_must_be_integral);
+ COMPILE_ASSERT(DestLimits::is_specialized, result_must_be_numeric);
+ COMPILE_ASSERT(DestLimits::is_integer, result_must_be_integral);
+
+ // Source and Dest are the same.
+ if (DestLimits::digits == SourceLimits::digits &&
+ DestLimits::is_signed == SourceLimits::is_signed)
+ return true;
+
+ // Dest is wider, check for loss of sign if Dest is not signed.
+ if (DestLimits::digits > SourceLimits::digits)
+ return DestLimits::is_signed || source >= 0;
+
+ // Otherwise, Dest is narrower than Source.
+
+ // Check for underflow.
+ if (SourceLimits::is_signed && // Don't need to check if source is unsigned.
+ source < static_cast<Source>(DestLimits::min()))
+ return false;
+
+ // Or overflow.
+ return source <= static_cast<Source>(DestLimits::max());
+}
+
+} // namespace internal
+
+// numeric_cast<> is analogous to static_cast<> for numeric types, except that
+// it CHECKs that the specified numeric conversion will not overflow or
+// underflow. Floating point arguments are not currently allowed (this is
+// COMPILE_ASSERTd), though this could be supported if necessary.
+template <class Dest, class Source>
+inline Dest numeric_cast(Source source) {
+ CHECK(internal::IsValidNumericCast<Dest>(source));
+ return static_cast<Dest>(source);
+}
+
+} // namespace base
brettw 2013/01/15 21:09:50 We've done some extern templates in some cases whi
jschuh 2013/01/15 21:13:27 fwiw, I was planning on just adding a saturating_c
+
+#endif // BASE_SAFE_NUMERICS_H_
« no previous file with comments | « base/base.gypi ('k') | base/safe_numerics_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698