Bug 281919

Summary:	WebCore::DecodedHTMLEntity::span() should use std::span::first()
Product:	WebKit	Reporter:	David Kilzer (:ddkilzer) <ddkilzer>
Component:	WebCore Misc.	Assignee:	David Kilzer (:ddkilzer) <ddkilzer>
Status:	RESOLVED FIXED
Severity:	Normal	CC:	webkit-bug-importer
Priority:	P2	Keywords:	InRadar
Version:	Other
Hardware:	Unspecified
OS:	Unspecified
See Also:	https://bugs.webkit.org/show_bug.cgi?id=281892 https://bugs.webkit.org/show_bug.cgi?id=281917

David Kilzer (:ddkilzer)

Reported 2024-10-22 14:22:56 PDT

WebCore::DecodedHTMLEntity::span() should use std::span::first(). This code currently avoids bounds checking of `m_characters` when creating std::span: ``` constexpr std::span<const UChar> span() const { return { m_characters.data(), m_length }; } ``` Found by std::span clang static analysis checker under development.

Attachments
Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2024-10-22 14:25:53 PDT

<rdar://problem/138431470>

David Kilzer (:ddkilzer)

Comment 2 2024-10-22 14:32:15 PDT

Pull request: https://github.com/WebKit/WebKit/pull/35585

EWS

Comment 3 2024-10-22 19:40:04 PDT

Committed 285583@main (b8b9ecf63b67): <https://commits.webkit.org/285583@main> Reviewed commits have been landed. Closing PR #35585 and removing active labels.

Note You need to log in before you can comment on or make changes to this bug.