Fix dangling raw_ptr errors and related issues (see #3239)

- Use raw_ptr in class container fields. - Use defined lifespan for StreamReaderURLLoader. - Fix lifespan assumptions for WebContents/RFH usage.
2025-06-05 21:39:12 +02:00 · 2024-05-13 17:36:09 -04:00
parent aad216bf56
commit 6354d8daf1
62 changed files with 644 additions and 484 deletions
--- a/libcef/browser/stream_impl.cc
+++ b/libcef/browser/stream_impl.cc
@@ -6,8 +6,11 @@

 #include <stdlib.h>

+#include <algorithm>
+
 #include "base/files/file_util.h"
 #include "base/logging.h"
+#include "base/numerics/safe_conversions.h"
 #include "base/threading/thread_restrictions.h"

 // Static functions
@@ -33,7 +36,7 @@ CefRefPtr<CefStreamReader> CefStreamReader::CreateForData(void* data,
  DCHECK(size > 0);
  CefRefPtr<CefStreamReader> reader;
  if (data && size > 0) {
-    reader = new CefBytesReader(data, size, true);
+    reader = new CefBytesReader(data, size);
  }
  return reader;
 }
@@ -147,19 +150,15 @@ int CefFileWriter::Flush() {

 // CefBytesReader

-CefBytesReader::CefBytesReader(void* data, int64_t datasize, bool copy) {
-  SetData(data, datasize, copy);
-}
-
-CefBytesReader::~CefBytesReader() {
-  SetData(nullptr, 0, false);
+CefBytesReader::CefBytesReader(void* data, int64_t datasize) {
+  SetData(data, datasize);
 }

 size_t CefBytesReader::Read(void* ptr, size_t size, size_t n) {
  base::AutoLock lock_scope(lock_);
-  size_t s = (datasize_ - offset_) / size;
-  size_t ret = (n < s ? n : s);
-  memcpy(ptr, (reinterpret_cast<char*>(data_.get())) + offset_, ret * size);
+  size_t s = (data_.size() - offset_) / size;
+  size_t ret = std::min(n, s);
+  memcpy(ptr, data_.data() + offset_, ret * size);
  offset_ += ret * size;
  return ret;
 }
@@ -167,9 +166,12 @@ size_t CefBytesReader::Read(void* ptr, size_t size, size_t n) {
 int CefBytesReader::Seek(int64_t offset, int whence) {
  int rv = -1L;
  base::AutoLock lock_scope(lock_);
+
+  const int64_t size = base::checked_cast<int64_t>(data_.size());
+
  switch (whence) {
    case SEEK_CUR:
-      if (offset_ + offset > datasize_ || offset_ + offset < 0) {
+      if (offset_ + offset > size || offset_ + offset < 0) {
        break;
      }
      offset_ += offset;
@@ -177,15 +179,15 @@ int CefBytesReader::Seek(int64_t offset, int whence) {
      break;
    case SEEK_END: {
      int64_t offset_abs = std::abs(offset);
-      if (offset_abs > datasize_) {
+      if (offset_abs > size) {
        break;
      }
-      offset_ = datasize_ - offset_abs;
+      offset_ = size - offset_abs;
      rv = 0;
      break;
    }
    case SEEK_SET:
-      if (offset > datasize_ || offset < 0) {
+      if (offset > size || offset < 0) {
        break;
      }
      offset_ = offset;
@@ -203,120 +205,20 @@ int64_t CefBytesReader::Tell() {

 int CefBytesReader::Eof() {
  base::AutoLock lock_scope(lock_);
-  return (offset_ >= datasize_);
+  return (offset_ >= base::checked_cast<int64_t>(data_.size()));
 }

-void CefBytesReader::SetData(void* data, int64_t datasize, bool copy) {
+void CefBytesReader::SetData(void* data, int64_t datasize) {
  base::AutoLock lock_scope(lock_);
-  if (copy_) {
-    free(data_);
-  }

-  copy_ = copy;
  offset_ = 0;
-  datasize_ = datasize;

-  if (copy) {
-    data_ = malloc(datasize);
-    DCHECK(data_ != nullptr);
-    if (data_) {
-      memcpy(data_, data, datasize);
-    }
+  if (data && datasize > 0) {
+    data_.reserve(datasize);
+    std::copy(static_cast<unsigned char*>(data),
+              static_cast<unsigned char*>(data) + datasize,
+              std::back_inserter(data_));
  } else {
-    data_ = data;
+    data_.clear();
  }
 }
-
-// CefBytesWriter
-
-CefBytesWriter::CefBytesWriter(size_t grow) : grow_(grow), datasize_(grow) {
-  DCHECK(grow > 0);
-  data_ = malloc(grow);
-  DCHECK(data_ != nullptr);
-}
-
-CefBytesWriter::~CefBytesWriter() {
-  base::AutoLock lock_scope(lock_);
-  if (data_) {
-    free(data_);
-  }
-}
-
-size_t CefBytesWriter::Write(const void* ptr, size_t size, size_t n) {
-  base::AutoLock lock_scope(lock_);
-  size_t rv;
-  if (offset_ + static_cast<int64_t>(size * n) >= datasize_ &&
-      Grow(size * n) == 0) {
-    rv = 0;
-  } else {
-    memcpy(reinterpret_cast<char*>(data_.get()) + offset_, ptr, size * n);
-    offset_ += size * n;
-    rv = n;
-  }
-
-  return rv;
-}
-
-int CefBytesWriter::Seek(int64_t offset, int whence) {
-  int rv = -1L;
-  base::AutoLock lock_scope(lock_);
-  switch (whence) {
-    case SEEK_CUR:
-      if (offset_ + offset > datasize_ || offset_ + offset < 0) {
-        break;
-      }
-      offset_ += offset;
-      rv = 0;
-      break;
-    case SEEK_END: {
-      int64_t offset_abs = std::abs(offset);
-      if (offset_abs > datasize_) {
-        break;
-      }
-      offset_ = datasize_ - offset_abs;
-      rv = 0;
-      break;
-    }
-    case SEEK_SET:
-      if (offset > datasize_ || offset < 0) {
-        break;
-      }
-      offset_ = offset;
-      rv = 0;
-      break;
-  }
-
-  return rv;
-}
-
-int64_t CefBytesWriter::Tell() {
-  base::AutoLock lock_scope(lock_);
-  return offset_;
-}
-
-int CefBytesWriter::Flush() {
-  return 0;
-}
-
-std::string CefBytesWriter::GetDataString() {
-  base::AutoLock lock_scope(lock_);
-  std::string str(reinterpret_cast<char*>(data_.get()), offset_);
-  return str;
-}
-
-size_t CefBytesWriter::Grow(size_t size) {
-  base::AutoLock lock_scope(lock_);
-  size_t rv;
-  size_t s = (size > grow_ ? size : grow_);
-  void* tmp = realloc(data_, datasize_ + s);
-  DCHECK(tmp != nullptr);
-  if (tmp) {
-    data_ = tmp;
-    datasize_ += s;
-    rv = datasize_;
-  } else {
-    rv = 0;
-  }
-
-  return rv;
-}