diff options
| author | Stephan Bergmann <sbergman@redhat.com> | 2020-01-27 09:30:39 +0100 |
|---|---|---|
| committer | Stephan Bergmann <sbergman@redhat.com> | 2020-01-28 07:42:15 +0100 |
| commit | aef7feb3e695ecf6d411f0777196dcc4281e201a (patch) | |
| tree | 6adff7e08e6431ff87c575d026e330badb9a6cd3 /editeng/source | |
| parent | 65f007c629e5a7b2710e21e3f26164b433576e27 (diff) | |
New loplugin:unsignedcompare
"Find explicit casts from signed to unsigned integer in comparison against
unsigned integer, where the cast is presumably used to avoid warnings about
signed vs. unsigned comparisons, and could thus be replaced with
o3tl::make_unsigned for clairty." (compilerplugins/clang/unsignedcompare.cxx)
o3tl::make_unsigned requires its argument to be non-negative, and there is a
chance that some original code like
static_cast<sal_uInt32>(n) >= c
used the explicit cast to actually force a (potentially negative) value of
sal_Int32 to be interpreted as an unsigned sal_uInt32, rather than using the
cast to avoid a false "signed vs. unsigned comparison" warning in a case where
n is known to be non-negative. It appears that restricting this plugin to non-
equality comparisons (<, >, <=, >=) and excluding equality comparisons (==, !=)
is a useful heuristic to avoid such false positives. The only remainging false
positive I found was 0288c8ffecff4956a52b9147d441979941e8b87f "Rephrase cast
from sal_Int32 to sal_uInt32".
But which of course does not mean that there were no further false positivies
that I missed. So this commit may accidentally introduce some false hits of the
assert in o3tl::make_unsigned. At least, it passed a full (Linux ASan+UBSan
--enable-dbgutil) `make check && make screenshot`.
It is by design that o3tl::make_unsigned only accepts signed integer parameter
types (and is not defined as a nop for unsigned ones), to avoid unnecessary uses
which would in general be suspicious. But the STATIC_ARRAY_SELECT macro in
include/oox/helper/helper.hxx is used with both signed and unsigned types, so
needs a little oox::detail::make_unsigned helper function for now. (The
ultimate fix being to get rid of the macro in the first place.)
Change-Id: Ia4adc9f44c70ad1dfd608784cac39ee922c32175
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/87556
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
Diffstat (limited to 'editeng/source')
| -rw-r--r-- | editeng/source/accessibility/AccessibleParaManager.cxx | 35 | ||||
| -rw-r--r-- | editeng/source/editeng/editobj.cxx | 12 | ||||
| -rw-r--r-- | editeng/source/editeng/edtspell.cxx | 3 | ||||
| -rw-r--r-- | editeng/source/editeng/impedit2.cxx | 5 | ||||
| -rw-r--r-- | editeng/source/editeng/impedit3.cxx | 3 | ||||
| -rw-r--r-- | editeng/source/editeng/impedit4.cxx | 3 | ||||
| -rw-r--r-- | editeng/source/items/textitem.cxx | 3 | ||||
| -rw-r--r-- | editeng/source/outliner/outliner.cxx | 3 | ||||
| -rw-r--r-- | editeng/source/outliner/outlobj.cxx | 5 | ||||
| -rw-r--r-- | editeng/source/outliner/paralist.cxx | 10 | ||||
| -rw-r--r-- | editeng/source/outliner/paralist.hxx | 3 | ||||
| -rw-r--r-- | editeng/source/uno/unotext2.cxx | 3 |
12 files changed, 50 insertions, 38 deletions
diff --git a/editeng/source/accessibility/AccessibleParaManager.cxx b/editeng/source/accessibility/AccessibleParaManager.cxx index 737e07468096..2fb3006da7b7 100644 --- a/editeng/source/accessibility/AccessibleParaManager.cxx +++ b/editeng/source/accessibility/AccessibleParaManager.cxx @@ -23,6 +23,7 @@ #include <com/sun/star/uno/Any.hxx> #include <com/sun/star/uno/Reference.hxx> +#include <o3tl/safeint.hxx> #include <sal/log.hxx> #include <tools/debug.hxx> #include <com/sun/star/accessibility/XAccessible.hpp> @@ -62,7 +63,7 @@ namespace accessibility void AccessibleParaManager::SetNum( sal_Int32 nNumParas ) { - if( static_cast<size_t>(nNumParas) < maChildren.size() ) + if( o3tl::make_unsigned(nNumParas) < maChildren.size() ) Release( nNumParas, maChildren.size() ); maChildren.resize( nNumParas ); @@ -95,10 +96,10 @@ namespace accessibility void AccessibleParaManager::FireEvent( sal_Int32 nPara, const sal_Int16 nEventId ) const { - DBG_ASSERT( 0 <= nPara && maChildren.size() > static_cast<size_t>(nPara), + DBG_ASSERT( 0 <= nPara && maChildren.size() > o3tl::make_unsigned(nPara), "AccessibleParaManager::FireEvent: invalid index" ); - if( 0 <= nPara && maChildren.size() > static_cast<size_t>(nPara) ) + if( 0 <= nPara && maChildren.size() > o3tl::make_unsigned(nPara) ) { auto aChild( GetChild( nPara ).first.get() ); if( aChild.is() ) @@ -114,10 +115,10 @@ namespace accessibility bool AccessibleParaManager::IsReferencable( sal_Int32 nChild ) const { - DBG_ASSERT( 0 <= nChild && maChildren.size() > static_cast<size_t>(nChild), + DBG_ASSERT( 0 <= nChild && maChildren.size() > o3tl::make_unsigned(nChild), "AccessibleParaManager::IsReferencable: invalid index" ); - if( 0 <= nChild && maChildren.size() > static_cast<size_t>(nChild) ) + if( 0 <= nChild && maChildren.size() > o3tl::make_unsigned(nChild) ) { // retrieve hard reference from weak one return IsReferencable( GetChild( nChild ).first.get() ); @@ -130,10 +131,10 @@ namespace accessibility AccessibleParaManager::WeakChild AccessibleParaManager::GetChild( sal_Int32 nParagraphIndex ) const { - DBG_ASSERT( 0 <= nParagraphIndex && maChildren.size() > static_cast<size_t>(nParagraphIndex), + DBG_ASSERT( 0 <= nParagraphIndex && maChildren.size() > o3tl::make_unsigned(nParagraphIndex), "AccessibleParaManager::GetChild: invalid index" ); - if( 0 <= nParagraphIndex && maChildren.size() > static_cast<size_t>(nParagraphIndex) ) + if( 0 <= nParagraphIndex && maChildren.size() > o3tl::make_unsigned(nParagraphIndex) ) { return maChildren[ nParagraphIndex ]; } @@ -148,10 +149,10 @@ namespace accessibility SvxEditSourceAdapter& rEditSource, sal_Int32 nParagraphIndex ) { - DBG_ASSERT( 0 <= nParagraphIndex && maChildren.size() > static_cast<size_t>(nParagraphIndex), + DBG_ASSERT( 0 <= nParagraphIndex && maChildren.size() > o3tl::make_unsigned(nParagraphIndex), "AccessibleParaManager::CreateChild: invalid index" ); - if( 0 <= nParagraphIndex && maChildren.size() > static_cast<size_t>(nParagraphIndex) ) + if( 0 <= nParagraphIndex && maChildren.size() > o3tl::make_unsigned(nParagraphIndex) ) { // retrieve hard reference from weak one auto aChild( GetChild( nParagraphIndex ).first.get() ); @@ -318,14 +319,14 @@ namespace accessibility const uno::Any& rOldValue ) const { DBG_ASSERT( 0 <= nStartPara && 0 <= nEndPara && - maChildren.size() > static_cast<size_t>(nStartPara) && - maChildren.size() >= static_cast<size_t>(nEndPara) && + maChildren.size() > o3tl::make_unsigned(nStartPara) && + maChildren.size() >= o3tl::make_unsigned(nEndPara) && nEndPara >= nStartPara, "AccessibleParaManager::FireEvent: invalid index" ); if( 0 <= nStartPara && 0 <= nEndPara && - maChildren.size() > static_cast<size_t>(nStartPara) && - maChildren.size() >= static_cast<size_t>(nEndPara) && + maChildren.size() > o3tl::make_unsigned(nStartPara) && + maChildren.size() >= o3tl::make_unsigned(nEndPara) && nEndPara >= nStartPara ) { VectorOfChildren::const_iterator front = maChildren.begin(); @@ -359,13 +360,13 @@ namespace accessibility void AccessibleParaManager::Release( sal_Int32 nStartPara, sal_Int32 nEndPara ) { DBG_ASSERT( 0 <= nStartPara && 0 <= nEndPara && - maChildren.size() > static_cast<size_t>(nStartPara) && - maChildren.size() >= static_cast<size_t>(nEndPara), + maChildren.size() > o3tl::make_unsigned(nStartPara) && + maChildren.size() >= o3tl::make_unsigned(nEndPara), "AccessibleParaManager::Release: invalid index" ); if( 0 <= nStartPara && 0 <= nEndPara && - maChildren.size() > static_cast<size_t>(nStartPara) && - maChildren.size() >= static_cast<size_t>(nEndPara) ) + maChildren.size() > o3tl::make_unsigned(nStartPara) && + maChildren.size() >= o3tl::make_unsigned(nEndPara) ) { VectorOfChildren::iterator front = maChildren.begin(); VectorOfChildren::iterator back = front; diff --git a/editeng/source/editeng/editobj.cxx b/editeng/source/editeng/editobj.cxx index 80753a950c71..a0f46f0329ee 100644 --- a/editeng/source/editeng/editobj.cxx +++ b/editeng/source/editeng/editobj.cxx @@ -18,6 +18,8 @@ */ #include <memory> + +#include <o3tl/safeint.hxx> #include <sal/log.hxx> #include <editeng/fieldupdater.hxx> @@ -682,7 +684,7 @@ sal_Int32 EditTextObjectImpl::GetParagraphCount() const OUString EditTextObjectImpl::GetText(sal_Int32 nPara) const { - if (nPara < 0 || static_cast<size_t>(nPara) >= aContents.size()) + if (nPara < 0 || o3tl::make_unsigned(nPara) >= aContents.size()) return OUString(); return aContents[nPara]->GetText(); @@ -705,7 +707,7 @@ bool EditTextObjectImpl::HasOnlineSpellErrors() const void EditTextObjectImpl::GetCharAttribs( sal_Int32 nPara, std::vector<EECharAttrib>& rLst ) const { - if (nPara < 0 || static_cast<size_t>(nPara) >= aContents.size()) + if (nPara < 0 || o3tl::make_unsigned(nPara) >= aContents.size()) return; rLst.clear(); @@ -747,7 +749,7 @@ const SvxFieldItem* EditTextObjectImpl::GetField() const const SvxFieldData* EditTextObjectImpl::GetFieldData(sal_Int32 nPara, size_t nPos, sal_Int32 nType) const { - if (nPara < 0 || static_cast<size_t>(nPara) >= aContents.size()) + if (nPara < 0 || o3tl::make_unsigned(nPara) >= aContents.size()) return nullptr; const ContentInfo& rC = *aContents[nPara]; @@ -979,7 +981,7 @@ void EditTextObjectImpl::GetAllSections( std::vector<editeng::Section>& rAttrs ) void EditTextObjectImpl::GetStyleSheet(sal_Int32 nPara, OUString& rName, SfxStyleFamily& rFamily) const { - if (nPara < 0 || static_cast<size_t>(nPara) >= aContents.size()) + if (nPara < 0 || o3tl::make_unsigned(nPara) >= aContents.size()) return; const ContentInfo& rC = *aContents[nPara]; @@ -989,7 +991,7 @@ void EditTextObjectImpl::GetStyleSheet(sal_Int32 nPara, OUString& rName, SfxStyl void EditTextObjectImpl::SetStyleSheet(sal_Int32 nPara, const OUString& rName, const SfxStyleFamily& rFamily) { - if (nPara < 0 || static_cast<size_t>(nPara) >= aContents.size()) + if (nPara < 0 || o3tl::make_unsigned(nPara) >= aContents.size()) return; ContentInfo& rC = *aContents[nPara]; diff --git a/editeng/source/editeng/edtspell.cxx b/editeng/source/editeng/edtspell.cxx index e586a0d9d81f..db4fa899f34d 100644 --- a/editeng/source/editeng/edtspell.cxx +++ b/editeng/source/editeng/edtspell.cxx @@ -20,6 +20,7 @@ #include "impedit.hxx" #include <sal/log.hxx> +#include <o3tl/safeint.hxx> #include <osl/diagnose.h> #include <editeng/editview.hxx> #include <editeng/editeng.hxx> @@ -369,7 +370,7 @@ void WrongList::ClearWrongs( size_t nStart, size_t nEnd, { i->mnStart = nEnd; // Blanks? - while (i->mnStart < static_cast<size_t>(pNode->Len()) && + while (i->mnStart < o3tl::make_unsigned(pNode->Len()) && (pNode->GetChar(i->mnStart) == ' ' || pNode->IsFeature(i->mnStart))) { diff --git a/editeng/source/editeng/impedit2.cxx b/editeng/source/editeng/impedit2.cxx index 30e12bec9a56..805c043aa11f 100644 --- a/editeng/source/editeng/impedit2.cxx +++ b/editeng/source/editeng/impedit2.cxx @@ -50,6 +50,7 @@ #include <com/sun/star/system/XSystemShellExecute.hpp> #include <sal/log.hxx> +#include <o3tl/safeint.hxx> #include <osl/diagnose.h> #include <sot/exchange.hxx> #include <sot/formats.hxx> @@ -2850,14 +2851,14 @@ EditPaM ImpEditEngine::ImpInsertParaBreak( EditPaM& rPaM, bool bKeepEndingAttrib { // Correct only if really a word gets overlapped in the process of // Spell checking - if (elem.mnStart > static_cast<size_t>(nEnd)) + if (elem.mnStart > o3tl::make_unsigned(nEnd)) { pRWrongs->push_back(elem); editeng::MisspellRange& rRWrong = pRWrongs->back(); rRWrong.mnStart = rRWrong.mnStart - nEnd; rRWrong.mnEnd = rRWrong.mnEnd - nEnd; } - else if (elem.mnStart < static_cast<size_t>(nEnd) && elem.mnEnd > static_cast<size_t>(nEnd)) + else if (elem.mnStart < o3tl::make_unsigned(nEnd) && elem.mnEnd > o3tl::make_unsigned(nEnd)) elem.mnEnd = nEnd; } sal_Int32 nInv = nEnd ? nEnd-1 : nEnd; diff --git a/editeng/source/editeng/impedit3.cxx b/editeng/source/editeng/impedit3.cxx index 45205eaa2ab9..6ebd6fa49f48 100644 --- a/editeng/source/editeng/impedit3.cxx +++ b/editeng/source/editeng/impedit3.cxx @@ -65,6 +65,7 @@ #include <comphelper/processfactory.hxx> #include <rtl/ustrbuf.hxx> #include <sal/log.hxx> +#include <o3tl/safeint.hxx> #include <osl/diagnose.h> #include <comphelper/string.hxx> #include <comphelper/lok.hxx> @@ -3410,7 +3411,7 @@ void ImpEditEngine::Paint( OutputDevice* pOutDev, tools::Rectangle aClipRect, Po break; } - if(nStart < static_cast<size_t>(nIndex)) + if(nStart < o3tl::make_unsigned(nIndex)) { nStart = nIndex; } diff --git a/editeng/source/editeng/impedit4.cxx b/editeng/source/editeng/impedit4.cxx index c690b35cd302..6d94c5ef8026 100644 --- a/editeng/source/editeng/impedit4.cxx +++ b/editeng/source/editeng/impedit4.cxx @@ -33,6 +33,7 @@ #include "editobj2.hxx" #include <i18nlangtag/lang.h> #include <sal/log.hxx> +#include <o3tl/safeint.hxx> #include <osl/diagnose.h> #include <editxml.hxx> @@ -2234,7 +2235,7 @@ void ImpEditEngine::DoOnlineSpelling( ContentNode* pThisNodeOnly, bool bSpellAtC EditSelection aSel( aPaM, aPaM ); while ( aSel.Max().GetNode() == pNode ) { - if ( ( static_cast<size_t>(aSel.Min().GetIndex()) > nInvEnd ) + if ( ( o3tl::make_unsigned(aSel.Min().GetIndex()) > nInvEnd ) || ( ( aSel.Max().GetNode() == pLastNode ) && ( aSel.Max().GetIndex() >= pLastNode->Len() ) ) ) break; // Document end or end of invalid region diff --git a/editeng/source/items/textitem.cxx b/editeng/source/items/textitem.cxx index e7e3623f69eb..b24500387a61 100644 --- a/editeng/source/items/textitem.cxx +++ b/editeng/source/items/textitem.cxx @@ -22,6 +22,7 @@ #include <com/sun/star/frame/status/FontHeight.hpp> #include <math.h> #include <sal/log.hxx> +#include <o3tl/safeint.hxx> #include <osl/diagnose.h> #include <unotools/fontdefs.hxx> #include <unotools/intlwrapper.hxx> @@ -712,7 +713,7 @@ static sal_uInt32 lcl_GetRealHeight_Impl(sal_uInt32 nHeight, sal_uInt16 nProp, M default: break; } - nRet = (nDiff < 0 || nRet >= static_cast<unsigned short>(nDiff)) + nRet = (nDiff < 0 || nRet >= o3tl::make_unsigned(nDiff)) ? nRet - nDiff : 0; //TODO: overflow in case nDiff < 0 and nRet - nDiff > SAL_MAX_UINT32 diff --git a/editeng/source/outliner/outliner.cxx b/editeng/source/outliner/outliner.cxx index df08cebbc145..59a56189b2ab 100644 --- a/editeng/source/outliner/outliner.cxx +++ b/editeng/source/outliner/outliner.cxx @@ -47,6 +47,7 @@ #include <svl/itempool.hxx> #include <libxml/xmlwriter.h> #include <sal/log.hxx> +#include <o3tl/safeint.hxx> #include <osl/diagnose.h> #include <memory> @@ -361,7 +362,7 @@ sal_Int32 Outliner::GetBulletsNumberingStatus() const std::unique_ptr<OutlinerParaObject> Outliner::CreateParaObject( sal_Int32 nStartPara, sal_Int32 nCount ) const { if ( static_cast<sal_uLong>(nStartPara) + nCount > - static_cast<sal_uLong>(pParaList->GetParagraphCount()) ) + o3tl::make_unsigned(pParaList->GetParagraphCount()) ) nCount = pParaList->GetParagraphCount() - nStartPara; // When a new OutlinerParaObject is created because a paragraph is just being deleted, diff --git a/editeng/source/outliner/outlobj.cxx b/editeng/source/outliner/outlobj.cxx index 8530c5dda55c..48c7aa02ab08 100644 --- a/editeng/source/outliner/outlobj.cxx +++ b/editeng/source/outliner/outlobj.cxx @@ -26,6 +26,7 @@ #include <osl/diagnose.h> #include <o3tl/cow_wrapper.hxx> +#include <o3tl/safeint.hxx> #include <libxml/xmlwriter.h> OutlinerParaObjData::OutlinerParaObjData( std::unique_ptr<EditTextObject> pEditTextObject, const ParagraphDataVector& rParagraphDataVector, bool bIsEditDoc ) : @@ -169,7 +170,7 @@ sal_Int32 OutlinerParaObject::Count() const sal_Int16 OutlinerParaObject::GetDepth(sal_Int32 nPara) const { - if(0 <= nPara && static_cast<size_t>(nPara) < mpImpl->maParagraphDataVector.size()) + if(0 <= nPara && o3tl::make_unsigned(nPara) < mpImpl->maParagraphDataVector.size()) { return mpImpl->maParagraphDataVector[nPara].getDepth(); } @@ -186,7 +187,7 @@ const EditTextObject& OutlinerParaObject::GetTextObject() const const ParagraphData& OutlinerParaObject::GetParagraphData(sal_Int32 nIndex) const { - if(0 <= nIndex && static_cast<size_t>(nIndex) < mpImpl->maParagraphDataVector.size()) + if(0 <= nIndex && o3tl::make_unsigned(nIndex) < mpImpl->maParagraphDataVector.size()) { return mpImpl->maParagraphDataVector[nIndex]; } diff --git a/editeng/source/outliner/paralist.cxx b/editeng/source/outliner/paralist.cxx index 9bf4e555ea1f..4e03e24c2438 100644 --- a/editeng/source/outliner/paralist.cxx +++ b/editeng/source/outliner/paralist.cxx @@ -22,7 +22,7 @@ #include <editeng/outliner.hxx> #include <editeng/numdef.hxx> - +#include <o3tl/safeint.hxx> #include <osl/diagnose.h> #include <sal/log.hxx> #include <tools/debug.hxx> @@ -103,11 +103,11 @@ void ParagraphList::Append( std::unique_ptr<Paragraph> pPara) void ParagraphList::Insert( std::unique_ptr<Paragraph> pPara, sal_Int32 nAbsPos) { - SAL_WARN_IF( nAbsPos < 0 || (maEntries.size() < static_cast<size_t>(nAbsPos) && nAbsPos != EE_PARA_APPEND), + SAL_WARN_IF( nAbsPos < 0 || (maEntries.size() < o3tl::make_unsigned(nAbsPos) && nAbsPos != EE_PARA_APPEND), "editeng", "ParagraphList::Insert - bad insert position " << nAbsPos); SAL_WARN_IF( maEntries.size() >= EE_PARA_MAX_COUNT, "editeng", "ParagraphList::Insert - overflow"); - if (nAbsPos < 0 || maEntries.size() <= static_cast<size_t>(nAbsPos)) + if (nAbsPos < 0 || maEntries.size() <= o3tl::make_unsigned(nAbsPos)) Append( std::move(pPara) ); else maEntries.insert(maEntries.begin()+nAbsPos, std::move(pPara)); @@ -115,7 +115,7 @@ void ParagraphList::Insert( std::unique_ptr<Paragraph> pPara, sal_Int32 nAbsPos) void ParagraphList::Remove( sal_Int32 nPara ) { - if (nPara < 0 || maEntries.size() <= static_cast<size_t>(nPara)) + if (nPara < 0 || maEntries.size() <= o3tl::make_unsigned(nPara)) { SAL_WARN( "editeng", "ParagraphList::Remove - out of bounds " << nPara); return; @@ -126,7 +126,7 @@ void ParagraphList::Remove( sal_Int32 nPara ) void ParagraphList::MoveParagraphs( sal_Int32 nStart, sal_Int32 nDest, sal_Int32 _nCount ) { - OSL_ASSERT(static_cast<size_t>(nStart) < maEntries.size() && static_cast<size_t>(nDest) < maEntries.size()); + OSL_ASSERT(o3tl::make_unsigned(nStart) < maEntries.size() && o3tl::make_unsigned(nDest) < maEntries.size()); if ( (( nDest < nStart ) || ( nDest >= ( nStart + _nCount ) )) && nStart >= 0 && nDest >= 0 && _nCount >= 0 ) { diff --git a/editeng/source/outliner/paralist.hxx b/editeng/source/outliner/paralist.hxx index 7b78dfcd82b4..0b60ac78eb9c 100644 --- a/editeng/source/outliner/paralist.hxx +++ b/editeng/source/outliner/paralist.hxx @@ -27,6 +27,7 @@ #include <vector> #include <editeng/outliner.hxx> +#include <o3tl/safeint.hxx> #include <tools/link.hxx> class Paragraph; @@ -50,7 +51,7 @@ public: Paragraph* GetParagraph( sal_Int32 nPos ) const { - return 0 <= nPos && static_cast<size_t>(nPos) < maEntries.size() ? maEntries[nPos].get() : nullptr; + return 0 <= nPos && o3tl::make_unsigned(nPos) < maEntries.size() ? maEntries[nPos].get() : nullptr; } sal_Int32 GetAbsPos( Paragraph const * pParent ) const; diff --git a/editeng/source/uno/unotext2.cxx b/editeng/source/uno/unotext2.cxx index 72980c959a9c..4e1591e60acf 100644 --- a/editeng/source/uno/unotext2.cxx +++ b/editeng/source/uno/unotext2.cxx @@ -21,6 +21,7 @@ #include <initializer_list> +#include <o3tl/safeint.hxx> #include <vcl/svapp.hxx> #include <rtl/instance.hxx> @@ -94,7 +95,7 @@ sal_Bool SAL_CALL SvxUnoTextContentEnumeration::hasMoreElements() { SolarMutexGuard aGuard; if( mpEditSource && !maContents.empty() ) - return static_cast<unsigned>(mnNextParagraph) < maContents.size(); + return o3tl::make_unsigned(mnNextParagraph) < maContents.size(); else return false; } |