Index: ui/gfx/geometry/safe_integer_conversions.h |
diff --git a/ui/gfx/geometry/safe_integer_conversions.h b/ui/gfx/geometry/safe_integer_conversions.h |
index 5efe134f0793ba51f1ba0908e04b9c987e638073..eb3c8037fd34002357e2b85298852a491356762e 100644 |
--- a/ui/gfx/geometry/safe_integer_conversions.h |
+++ b/ui/gfx/geometry/safe_integer_conversions.h |
@@ -57,6 +57,52 @@ inline bool IsExpressibleAsInt(float value) { |
return true; |
} |
+// Returns true iff a+b would overflow max int. |
+constexpr bool AddWouldOverflow(int a, int b) { |
+ // In this function, GCC tries to make optimizations that would only |
+ // work if max - a wouldn't overflow but it isn't smart enough to notice that |
+ // a > 0. So cast everything to unsigned to avoid this. As it is guaranteed |
+ // that max - a and b are both already positive, the cast is a noop. |
+ // |
+ // This is intended to be: a > 0 && max - a < b |
+ return a > 0 && b > 0 && |
+ static_cast<unsigned>(std::numeric_limits<int>::max() - a) < |
+ static_cast<unsigned>(b); |
+} |
+ |
+// Returns true iff a+b would underflow min int. |
+constexpr bool AddWouldUnderflow(int a, int b) { |
+ return a < 0 && b < std::numeric_limits<int>::min() - a; |
+} |
+ |
+// Returns true iff a-b would overflow max int. |
+constexpr bool SubtractWouldOverflow(int a, int b) { |
+ return b < 0 && a > std::numeric_limits<int>::max() + b; |
+} |
+ |
+// Returns true iff a-b would underflow min int. |
+constexpr bool SubtractWouldUnderflow(int a, int b) { |
+ return b > 0 && a < std::numeric_limits<int>::min() + b; |
+} |
+ |
+// Safely adds a+b without integer overflow/underflow. Exceeding these |
+// bounds will clamp to the max or min int limit. |
+constexpr int SafeAdd(int a, int b) { |
+ return AddWouldOverflow(a, b) |
+ ? std::numeric_limits<int>::max() |
+ : AddWouldUnderflow(a, b) ? std::numeric_limits<int>::min() |
+ : a + b; |
+} |
+ |
+// Safely subtracts a-b without integer overflow/underflow. Exceeding these |
+// bounds will clamp to the max or min int limit. |
+constexpr int SafeSubtract(int a, int b) { |
+ return SubtractWouldOverflow(a, b) |
+ ? std::numeric_limits<int>::max() |
+ : SubtractWouldUnderflow(a, b) ? std::numeric_limits<int>::min() |
+ : a - b; |
+} |
+ |
} // namespace gfx |
#endif // UI_GFX_GEOMETRY_SAFE_INTEGER_CONVERSIONS_H_ |