[WTF] Do an unsigned comparison with snprintf's output and buffer size #35053

AZero13 · 2024-10-11T18:35:55Z

[WTF] Do an unsigned comparison with snprintf's output and buffer size
https://bugs.webkit.org/show_bug.cgi?id=281317

Reviewed by NOBODY (OOPS!).

This lets us catch errors that would result in a negative value and buffer
overruns in one go.

* Source/WTF/wtf/DataLog.cpp:
(WTF::setDataFile): Compare return value unsigned so that negative
values return false.
* Source/WTF/wtf/playstation/FileSystemPlayStation.cpp:
(WTF::FileSystemImpl::listDirectorySub): Ditto.
* Source/WTF/wtf/posix/FileSystemPOSIX.cpp:
(WTF::FileSystemImpl::openTemporaryFile): Ditto.

4b4e50c

Misc	iOS, visionOS, tvOS & watchOS	macOS	Linux	Windows
✅ 🧪 style	✅ 🛠 ios	✅ 🛠 mac	✅ 🛠 wpe	✅ 🛠 win
	✅ 🛠 ios-sim	✅ 🛠 mac-AS-debug	✅ 🧪 wpe-wk2	✅ 🧪 win-tests
✅ 🧪 webkitperl	✅ 🧪 ios-wk2	✅ 🧪 api-mac	✅ 🧪 api-wpe
	✅ 🧪 ios-wk2-wpt	✅ 🧪 mac-wk1	✅ 🛠 wpe-cairo
✅ 🛠 🧪 jsc	✅ 🧪 api-ios	✅ 🧪 mac-wk2	✅ 🛠 gtk
✅ 🛠 🧪 jsc-arm64	✅ 🛠 vision	✅ 🧪 mac-AS-debug-wk2	✅ 🧪 gtk-wk2
	✅ 🛠 vision-sim	✅ 🧪 mac-wk2-stress	✅ 🧪 api-gtk
	✅ 🧪 vision-wk2	✅ 🧪 mac-intel-wk2	~~🛠 playstation~~
	✅ 🛠 tv	✅ 🛠 mac-safer-cpp	✅ 🛠 jsc-armv7
	✅ 🛠 tv-sim		❌ 🧪 jsc-armv7-tests
	✅ 🛠 watch
	✅ 🛠 watch-sim

webkit-early-warning-system · 2024-10-11T18:36:02Z

EWS run on previous version of this PR (hash fe32143)

Misc	iOS, visionOS, tvOS & watchOS	macOS	Linux	Windows
✅ 🧪 style	~~🛠 ios~~	✅ 🛠 mac	~~🛠 wpe~~	~~🛠 win~~
	✅ 🛠 ios-sim	~~🛠 mac-AS-debug~~	~~🧪 wpe-wk2~~	~~🧪 win-tests~~
✅ 🧪 webkitperl	⏳ 🧪 ios-wk2	⏳ 🧪 api-mac	~~🧪 api-wpe~~
	⏳ 🧪 ios-wk2-wpt	⏳ 🧪 mac-wk1	✅ 🛠 wpe-cairo
~~🛠 🧪 jsc~~	⏳ 🧪 api-ios	~~🧪 mac-wk2~~	~~🛠 gtk~~
~~🛠 🧪 jsc-arm64~~	~~🛠 vision~~	~~🧪 mac-AS-debug-wk2~~	~~🧪 gtk-wk2~~
	~~🛠 vision-sim~~	~~🧪 mac-wk2-stress~~	~~🧪 api-gtk~~
	⏳ 🧪 vision-wk2	⏳ 🧪 mac-intel-wk2	✅ 🛠 jsc-armv7
	~~🛠 tv~~		⏳ 🧪 jsc-armv7-tests
	~~🛠 tv-sim~~
	~~🛠 watch~~
	~~🛠 watch-sim~~

webkit-early-warning-system · 2024-10-11T18:40:44Z

EWS run on previous version of this PR (hash f8f09d4)

Misc	iOS, visionOS, tvOS & watchOS	macOS	Linux	Windows
✅ 🧪 style	✅ 🛠 ios	✅ 🛠 mac	✅ 🛠 wpe	✅ 🛠 win
	✅ 🛠 ios-sim	✅ 🛠 mac-AS-debug	✅ 🧪 wpe-wk2	✅ 🧪 win-tests
✅ 🧪 webkitperl	✅ 🧪 ios-wk2	✅ 🧪 api-mac	✅ 🧪 api-wpe
	✅ 🧪 ios-wk2-wpt	✅ 🧪 mac-wk1	✅ 🛠 wpe-cairo
✅ 🛠 🧪 jsc	✅ 🧪 api-ios	✅ 🧪 mac-wk2	✅ 🛠 gtk
✅ 🛠 🧪 jsc-arm64	✅ 🛠 vision	✅ 🧪 mac-AS-debug-wk2	✅ 🧪 gtk-wk2
	✅ 🛠 vision-sim	✅ 🧪 mac-wk2-stress	✅ 🧪 api-gtk
	✅ 🧪 vision-wk2	✅ 🧪 mac-intel-wk2	✅ 🛠 jsc-armv7
	✅ 🛠 tv		✅ 🧪 jsc-armv7-tests
	✅ 🛠 tv-sim
	✅ 🛠 watch
	✅ 🛠 watch-sim

webkit-early-warning-system · 2024-10-14T21:20:53Z

EWS run on previous version of this PR (hash eeb8a22)

Misc	iOS, visionOS, tvOS & watchOS	macOS	Linux	Windows
✅ 🧪 style	✅ 🛠 ios	✅ 🛠 mac	✅ 🛠 wpe	✅ 🛠 win
	✅ 🛠 ios-sim	✅ 🛠 mac-AS-debug	~~🧪 wpe-wk2~~	✅ 🧪 win-tests
✅ 🧪 webkitperl	✅ 🧪 ios-wk2	✅ 🧪 api-mac	❌ 🧪 api-wpe
	✅ 🧪 ios-wk2-wpt	✅ 🧪 mac-wk1	✅ 🛠 wpe-cairo
✅ 🛠 🧪 jsc	✅ 🧪 api-ios	✅ 🧪 mac-wk2	✅ 🛠 gtk
✅ 🛠 🧪 jsc-arm64	✅ 🛠 vision	✅ 🧪 mac-AS-debug-wk2	⏳ 🧪 gtk-wk2
	✅ 🛠 vision-sim	✅ 🧪 mac-wk2-stress	✅ 🧪 api-gtk
	✅ 🧪 vision-wk2	✅ 🧪 mac-intel-wk2	✅ 🛠 jsc-armv7
	✅ 🛠 tv		✅ 🧪 jsc-armv7-tests
	✅ 🛠 tv-sim
	✅ 🛠 watch
	✅ 🛠 watch-sim

webkit-early-warning-system · 2024-10-15T02:14:16Z

EWS run on previous version of this PR (hash 8f50629)

Misc	iOS, visionOS, tvOS & watchOS	macOS	Linux	Windows
✅ 🧪 style	✅ 🛠 ios	✅ 🛠 mac	✅ 🛠 wpe	✅ 🛠 win
	✅ 🛠 ios-sim	✅ 🛠 mac-AS-debug	✅ 🧪 wpe-wk2	✅ 🧪 win-tests
✅ 🧪 webkitperl	✅ 🧪 ios-wk2	✅ 🧪 api-mac	✅ 🧪 api-wpe
	✅ 🧪 ios-wk2-wpt	✅ 🧪 mac-wk1	✅ 🛠 wpe-cairo
✅ 🛠 🧪 jsc	✅ 🧪 api-ios	✅ 🧪 mac-wk2	✅ 🛠 gtk
✅ 🛠 🧪 jsc-arm64	✅ 🛠 vision	✅ 🧪 mac-AS-debug-wk2	✅ 🧪 gtk-wk2
	✅ 🛠 vision-sim	✅ 🧪 mac-wk2-stress	✅ 🧪 api-gtk
	✅ 🧪 vision-wk2	✅ 🧪 mac-intel-wk2	⏳ 🛠 playstation
	✅ 🛠 tv		✅ 🛠 jsc-armv7
	✅ 🛠 tv-sim		✅ 🧪 jsc-armv7-tests
	✅ 🛠 watch
	✅ 🛠 watch-sim

https://bugs.webkit.org/show_bug.cgi?id=281317 Reviewed by NOBODY (OOPS!). This lets us catch errors that would result in a negative value and buffer overruns in one go. * Source/WTF/wtf/DataLog.cpp: (WTF::setDataFile): Compare return value unsigned so that negative values return false.

webkit-early-warning-system · 2025-03-05T19:03:48Z

EWS run on current version of this PR (hash 4b4e50c)

Misc	iOS, visionOS, tvOS & watchOS	macOS	Linux	Windows
✅ 🧪 style	✅ 🛠 ios	✅ 🛠 mac	✅ 🛠 wpe	✅ 🛠 win
	✅ 🛠 ios-sim	✅ 🛠 mac-AS-debug	✅ 🧪 wpe-wk2	✅ 🧪 win-tests
✅ 🧪 webkitperl	✅ 🧪 ios-wk2	✅ 🧪 api-mac	✅ 🧪 api-wpe
	✅ 🧪 ios-wk2-wpt	✅ 🧪 mac-wk1	✅ 🛠 wpe-cairo
✅ 🛠 🧪 jsc	✅ 🧪 api-ios	✅ 🧪 mac-wk2	✅ 🛠 gtk
✅ 🛠 🧪 jsc-arm64	✅ 🛠 vision	✅ 🧪 mac-AS-debug-wk2	✅ 🧪 gtk-wk2
	✅ 🛠 vision-sim	✅ 🧪 mac-wk2-stress	✅ 🧪 api-gtk
	✅ 🧪 vision-wk2	✅ 🧪 mac-intel-wk2	~~🛠 playstation~~
	✅ 🛠 tv	✅ 🛠 mac-safer-cpp	✅ 🛠 jsc-armv7
	✅ 🛠 tv-sim		❌ 🧪 jsc-armv7-tests
	✅ 🛠 watch
	✅ 🛠 watch-sim

AZero13 force-pushed the snprintf2 branch from fe32143 to f8f09d4 Compare October 11, 2024 18:40

Ahmad-S792 assigned AZero13 Oct 11, 2024

Ahmad-S792 requested review from donny-dont and fujii October 13, 2024 11:01

AZero13 force-pushed the snprintf2 branch from f8f09d4 to eeb8a22 Compare October 14, 2024 21:20

AZero13 force-pushed the snprintf2 branch from eeb8a22 to 8f50629 Compare October 15, 2024 02:14

AZero13 force-pushed the snprintf2 branch from 8f50629 to 4b4e50c Compare March 5, 2025 19:03

AZero13 closed this Mar 5, 2025

AZero13 reopened this Mar 5, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[WTF] Do an unsigned comparison with snprintf's output and buffer size #35053

[WTF] Do an unsigned comparison with snprintf's output and buffer size #35053

Uh oh!

AZero13 commented Oct 11, 2024 •

edited by webkit-early-warning-system

Loading

Uh oh!

webkit-early-warning-system commented Oct 11, 2024 •

edited

Loading

Uh oh!

webkit-early-warning-system commented Oct 11, 2024 •

edited

Loading

Uh oh!

webkit-early-warning-system commented Oct 14, 2024 •

edited

Loading

Uh oh!

webkit-early-warning-system commented Oct 15, 2024 •

edited

Loading

Uh oh!

webkit-early-warning-system commented Mar 5, 2025 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

[WTF] Do an unsigned comparison with snprintf's output and buffer size #35053

Are you sure you want to change the base?

[WTF] Do an unsigned comparison with snprintf's output and buffer size #35053

Uh oh!

Conversation

AZero13 commented Oct 11, 2024 • edited by webkit-early-warning-system Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

webkit-early-warning-system commented Oct 11, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

webkit-early-warning-system commented Oct 11, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

webkit-early-warning-system commented Oct 14, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

webkit-early-warning-system commented Oct 15, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

webkit-early-warning-system commented Mar 5, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

AZero13 commented Oct 11, 2024 •

edited by webkit-early-warning-system

Loading

webkit-early-warning-system commented Oct 11, 2024 •

edited

Loading

webkit-early-warning-system commented Oct 11, 2024 •

edited

Loading

webkit-early-warning-system commented Oct 14, 2024 •

edited

Loading

webkit-early-warning-system commented Oct 15, 2024 •

edited

Loading

webkit-early-warning-system commented Mar 5, 2025 •

edited

Loading