base/rand_util.cc - Issue 1419703005: Add missing overflow handling to base::RandInt().

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: base/rand_util.cc

Issue 1419703005: Add missing overflow handling to base::RandInt(). (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: stdint hyyyyyyype Created 5 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: base/rand_util.cc

diff --git a/base/rand_util.cc b/base/rand_util.cc

index 931eb4e943e646e2f39e2848b33683247b5b4725..e12088e54344a9f0ba2de21d45a0cd467bd016df 100644

--- a/base/rand_util.cc

+++ b/base/rand_util.cc

@@ -10,7 +10,6 @@

#include <algorithm>

#include <limits>

-#include "base/basictypes.h"

#include "base/logging.h"

#include "base/strings/string_util.h"

@@ -19,8 +18,11 @@ namespace base {

int RandInt(int min, int max) {

DCHECK_LE(min, max);

- uint64 range = static_cast<uint64>(max) - min + 1;

- int result = min + static_cast<int>(base::RandGenerator(range));

+ uint64_t range = static_cast<uint64_t>(max) - min + 1;

+ // |range| is at most UINT_MAX + 1, so the result of RandGenerator(range)

+ // is at most UINT_MAX. Hence it's safe to cast it from uint64_t to int64_t.

+ int result =

+ static_cast<int>(min + static_cast<int64_t>(base::RandGenerator(range)));

DCHECK_GE(result, min);

DCHECK_LE(result, max);

return result;

@@ -30,7 +32,7 @@ double RandDouble() {

return BitsToOpenEndedUnitInterval(base::RandUint64());

}

-double BitsToOpenEndedUnitInterval(uint64 bits) {

+double BitsToOpenEndedUnitInterval(uint64_t bits) {

// We try to get maximum precision by masking out as many bits as will fit

// in the target type's mantissa, and raising it to an appropriate power to

// produce output in the range [0, 1). For IEEE 754 doubles, the mantissa

@@ -38,23 +40,23 @@ double BitsToOpenEndedUnitInterval(uint64 bits) {

COMPILE_ASSERT(std::numeric_limits<double>::radix == 2, otherwise_use_scalbn);

static const int kBits = std::numeric_limits<double>::digits;

- uint64 random_bits = bits & ((UINT64_C(1) << kBits) - 1);

+ uint64_t random_bits = bits & ((UINT64_C(1) << kBits) - 1);

double result = ldexp(static_cast<double>(random_bits), -1 * kBits);

DCHECK_GE(result, 0.0);

DCHECK_LT(result, 1.0);

return result;

}

-uint64 RandGenerator(uint64 range) {

+uint64_t RandGenerator(uint64_t range) {

DCHECK_GT(range, 0u);

// We must discard random results above this number, as they would

// make the random generator non-uniform (consider e.g. if

// MAX_UINT64 was 7 and |range| was 5, then a result of 1 would be twice

// as likely as a result of 3 or 4).

- uint64 max_acceptable_value =

- (std::numeric_limits<uint64>::max() / range) * range - 1;

+ uint64_t max_acceptable_value =

+ (std::numeric_limits<uint64_t>::max() / range) * range - 1;

- uint64 value;

+ uint64_t value;

do {

value = base::RandUint64();

} while (value > max_acceptable_value);

« no previous file with comments | « no previous file | base/rand_util_unittest.cc » ('j') | no next file with comments »