Bug: Truncation casts in array_view/com_array and elsewhere?

microsoft / cppwinrt

C++/WinRT

MIT License

1.64k stars 236 forks source link

Bug: Truncation casts in array_view/com_array and elsewhere? #1347

Closed jonwis closed 11 months ago

jonwis commented 1 year ago

Version

2.0.220131.2

Summary

See #1343 where we noticed a bunch of places that convert from a size_t to an ABI-friendly uint32_t via static_cast. Each instance probably needs to be analyzed and replaced with a WINRT_ASSERT or WINRT_VERIFY or some form of "checked conversion cast" method.

Reproducible example

No response

Expected behavior

No response

Actual behavior

No response

Additional comments

No response

github-actions[bot] commented 12 months ago

This issue is stale because it has been open 10 days with no activity. Remove stale label or comment or this will be closed in 5 days.

JaiganeshKumaran commented 11 months ago

Seems like both WINRT_ASSERT and WINRT_VERIFY are only for debug mode. We should probably throw or abort instead, as the size of a collection can vary at run-time.