Description
WebCrypto: [refactor] Use "unsigned" rather than "size_t" for buffer sizes in the public API.
Justification:
I have noticed some instances where the Chromium-side implementation is directly passing this "size_t" as the buffer length to NSS.
NSS, however, expects buffer lengths as "unsigned int", and the C++ compiler implicitly converts the "size_t" to an "unsigned int". This conversion is dangerous, since theoretically it could result in truncation of the buffer length given to NSS (under the LP64 data model, for instance).
Chromium's compilation settings don't warn about such issues.
In practice this isn't a problem, and likely never will be, since in Blink ArrayBuffers are limited to lengths of 2^32-1.
It is therefore a good idea to pass a narrower datatype in the API to make this obvious. Embedders shouldn't have to worry about dealing with buffer sizes in the full range of size_t.
BUG=245025
Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=157532
Patch Set 1
Patch Set 2 : Add missing file
Patch Set 3 : Add deprecated method to keep chromium compiling
Patch Set 4 : Add ifdef so it compiles properly on 32-bit systems
Patch Set 5 : add an ifdef to coordinate with chromium side
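
The length truncation the description warns about, as an added C example that is not part of this change or of Chromium or NSS code. `consumer_sees_len` is a hypothetical stand-in for a library function that takes its buffer length as `unsigned int`, and the oversized length is a constructed value.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for a library entry point that takes the buffer
 * length as "unsigned int" (not a real NSS function). It returns the
 * length it was told about. */
static unsigned int consumer_sees_len(const unsigned char *buf, unsigned int len)
{
    (void)buf;
    return len;
}

/* Unchecked caller: the size_t argument is implicitly converted to
 * unsigned int, so on LP64 the upper 32 bits are silently dropped. */
unsigned int pass_unchecked(const unsigned char *buf, size_t len)
{
    return consumer_sees_len(buf, len);
}

/* Checked caller: refuse any length that unsigned int cannot represent.
 * Returns 0 on success and stores the length the consumer saw. */
int pass_checked(const unsigned char *buf, size_t len, unsigned int *seen)
{
    if (len > UINT_MAX)
        return -1;
    *seen = consumer_sees_len(buf, (unsigned int)len);
    return 0;
}

/* Constructed length: 4 GiB + 16 on LP64; plain 16 where size_t is 32 bits. */
size_t oversized_len(void)
{
    return (size_t)(((uint64_t)1 << 32) + 16);
}

int main(void)
{
    unsigned int seen = 0;
    size_t len = oversized_len();
    printf("claimed %zu, consumer saw %u\n", len, pass_unchecked(NULL, len));
    printf("checked call returned %d\n", pass_checked(NULL, len, &seen));
    return 0;
}
```

On an LP64 build the unchecked call tells the consumer the buffer is 16 bytes long while the caller believes it is 4 GiB + 16, and the compiler accepts the conversion without complaint unless narrowing warnings such as `-Wconversion` are enabled.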