[webkit-reviews] review granted: [Bug 239024] Fix size computation in WebCore::StorageMap : [Attachment 457147] Patch
bugzilla-daemon at webkit.org
Sun Apr 10 16:45:38 PDT 2022
Chris Dumez <cdumez at apple.com> has granted Sihui Liu <sihui_liu at apple.com>'s
request for review:
Bug 239024: Fix size computation in WebCore::StorageMap
https://bugs.webkit.org/show_bug.cgi?id=239024
Attachment 457147: Patch
https://bugs.webkit.org/attachment.cgi?id=457147&action=review
--- Comment #3 from Chris Dumez <cdumez at apple.com> ---
Comment on attachment 457147
--> https://bugs.webkit.org/attachment.cgi?id=457147
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=457147&action=review
r=me
> Source/WebCore/storage/StorageMap.cpp:167
> + for (auto& pair : m_impl->map)
Why not use `for (auto& [key, value] : m_impl->map) {` like you did below?
> Source/WebCore/storage/StorageMap.cpp:168
> + newSize += (pair.key.sizeInBytes() + pair.value.sizeInBytes());
Might need to be written like so for overflow checks:
newSize += pair.key.sizeInBytes();
newSize += pair.value.sizeInBytes();
Otherwise, there might be an issue if `pair.key.sizeInBytes() +
pair.value.sizeInBytes()` overflows, no?
> Source/WebCore/storage/StorageMap.cpp:174
> + newSize += key.sizeInBytes() + value.sizeInBytes();
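Review bot: the key-plus-value sum at line 174 repeats the expression from line 168 (`pair.key.sizeInBytes() + pair.value.sizeInBytes()`), so whatever overflow handling is chosen has to be applied at two sites. Consider a small helper that adds one entry's key size and value size to newSize as two separate additions, and call it from both places so the two sites cannot drift apart.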
Same comment as above about overflows.
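
The overflow concern raised in this review, as an added example that is not WebKit's code and not part of the original message. It assumes `newSize` is an overflow-recording accumulator and that `sizeInBytes()` returns a 32-bit unsigned value (the message shows neither type); `CheckedSize`, `Entry` and the function names are hypothetical.

```cpp
#include <cstdint>
#include <limits>
#include <vector>

// Hypothetical stand-in for an overflow-recording accumulator (assumption).
class CheckedSize {
public:
    CheckedSize& operator+=(uint32_t rhs)
    {
        if (rhs > std::numeric_limits<uint32_t>::max() - m_value)
            m_overflowed = true; // record instead of wrapping
        else
            m_value += rhs;
        return *this;
    }
    bool hasOverflowed() const { return m_overflowed; }
    uint32_t value() const { return m_value; }
private:
    uint32_t m_value { 0 };
    bool m_overflowed { false };
};

// Constructed sample entry: only the byte sizes of key and value matter here.
struct Entry { uint32_t keyBytes; uint32_t valueBytes; };

// Constructed input whose key and value sizes together exceed UINT32_MAX.
std::vector<Entry> constructedEntries() { return { { 0xFFFFFFF0u, 0x20u } }; }

// Shape questioned in the review: key + value is evaluated in plain unsigned
// arithmetic and wraps before the accumulator ever sees the operands.
CheckedSize sumCombined(const std::vector<Entry>& entries)
{
    CheckedSize total;
    for (const Entry& entry : entries)
        total += (entry.keyBytes + entry.valueBytes);
    return total;
}

// Shape suggested in the review: each addition goes through the checked operator.
CheckedSize sumSeparately(const std::vector<Entry>& entries)
{
    CheckedSize total;
    for (const Entry& entry : entries) {
        total += entry.keyBytes;
        total += entry.valueBytes;
    }
    return total;
}
```

With the constructed input, the combined form reports a small size and no overflow, while the separate form flags the overflow.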