This call caused GCC 12's static analyzer to think that we perform an
out-of-bounds write to the v_key Vector. This is obviously incorrect,
and comes from the fact that GCC doesn't properly track whether we use
the inline storage, or the Vector is allocated on the heap.
While searching for a workaround, Sam pointed out that this call is
redundant as `Vector::resize()` already zeroes out the elements, so we
can completely remove it.
Co-authored-by: Sam Atkins <atkinssj@serenityos.org>
In order to reduce our reliance on __builtin_{ffs, clz, ctz, popcount},
this commit removes all calls to these functions and replaces them with
the equivalent functions in AK/BuiltinWrappers.h.
This option is already enabled when building Lagom, so let's enable it
for the main build too. We will no longer be surprised by Lagom Clang
CI builds failing while everything compiles locally.
Furthermore, the stronger `-Wsuggest-override` warning is enabled in
this commit, which enforces the use of the `override` keyword in all
classes, not just those which already have some methods marked as
`override`. This works with both GCC and Clang.
This isn't a complete conversion to ErrorOr<void>, but a good chunk.
The end goal here is to propagate buffer allocation failures to the
caller, and allow the use of TRY() with formatting functions.
Currently, we get the following results
-1 - -2 = -1
-2 - -1 = 1
Correct would be:
-1 - -2 = 1
-2 - -1 = -1
This was already attempted to be fixed in 7ed8970, but that change was
incorrect. This directly translates to LibJS BigInts having the same
incorrect behavior - it even was tested.
Same as Vector, ByteBuffer now also signals allocation failure by
returning an ENOMEM Error instead of a bool, allowing us to use the
TRY() and MUST() patterns.
PVS-Studio flagged this, as memset can be optimized away by the compiler
in some cases. We obviously don't want that to ever happen so make sure
to always use `explicit_bzero(..)` which can't be optimized away.
This is primarily to be able to remove the GenericLexer include out of
Format.h as well. A subsequent commit will add AK::Result to
GenericLexer, which will cause naming conflicts with other structures
named Result. This can be avoided (for now) by preventing nearly every
file in the system from implicitly including GenericLexer.
Other changes in this commit are to add the GenericLexer include to
files where it is missing.
The fact that this always reads 16 bytes from the input byte stream
for the key data is still a bit on the suspicious side, but at least
it won't crash UBSAN anymore.
Because MD5 stored a "Bytes {}" wrapper to its internal data buffer,
it was not actually movable. However, its use in several parts of
the system (such as HashManager) assumed it was, leading to crashes.
Fixes#8135
Previously ByteBuffer::grow() behaved like Vector<T>::resize().
However the function name was somewhat ambiguous - and so this patch
updates ByteBuffer to behave more like Vector<T> by replacing grow()
with resize() and adding an ensure_capacity() method.
This also lets the user change the buffer's capacity without affecting
the size which was not previously possible.
Additionally this patch makes the capacity() method public (again).
This only affects malformed RSA keys. Instead of accepting and
continuing with potentially broken pointers (and in ASAN, crashing), we
now consider bitmaps malformed, and stop parsing.
Found by OSS Fuzz: #31698, long-standing-bug:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31698
Fun fact: The "if" only exists because of OSS Fuzz.
8cc279ed74
Problem:
- Static variables take memory and can be subject to less optimization
(https://serenityos.godbolt.org/z/7EYebr1aa)
- This static variable is only used in 1 place.
Solution:
- Move the variable into the function and make it non-static.
Problem:
- Clang ToT reports an error because `digest_size` cannot be evaluated
at compile-time.
Solution:
- Change from using the member function to the `static` shadow of the
NTTP.
