From 34989e42d94f0b4f982117032f29ae3cce1e1a39 Mon Sep 17 00:00:00 2001
From: Tom Sepez
Date: Fri, 1 May 2015 16:04:32 -0700
Subject: Save 4 bytes per CFX_ByteString where intptr_t smaller than long. Also prevent theoretical roll-over where long smaller than intptr_t. See bug for discussion.
BUG=pdfium:149
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1117413002
---
 core/include/fxcrt/fx_string.h | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/core/include/fxcrt/fx_string.h b/core/include/fxcrt/fx_string.h
index a7cf2e1c16..c98a77cfe1 100644
--- a/core/include/fxcrt/fx_string.h
+++ b/core/include/fxcrt/fx_string.h
@@ -7,6 +7,7 @@
 #ifndef _FX_STRING_H_
 #define _FX_STRING_H_
+#include // For intptr_t.
 #include
 #include "fx_memory.h"
@@ -168,14 +169,17 @@ private:
 typedef const CFX_ByteStringC& FX_BSTR;
 #define FX_BSTRC(str) CFX_ByteStringC(str, sizeof str-1)
 #define FXBSTR_ID(c1, c2, c3, c4) ((c1 << 24) | (c2 << 16) | (c3 << 8) | (c4))
-struct CFX_StringData {
-
- long m_nRefs;
+// To ensure ref counts do not overflow, consider the worst possible case:
+// the entire address space contains nothing but pointers to this object.
+// Since the count increments with each new pointer, the largest value is
+// the number of pointers that can fit into the address space. The size of
+// the address space itself is a good upper bound on it; we need not go
+// larger.
+struct CFX_StringData {
+ intptr_t m_nRefs; // Would prefer ssize_t, but no windows support.
 FX_STRSIZE m_nDataLength;
-
 FX_STRSIZE m_nAllocLength;
-
 FX_CHAR m_String[1];
 };
 class CFX_ByteString
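Review bot: Changing `m_nRefs` from `long` to `intptr_t` in `CFX_StringData` (and in `CFX_StringDataW` in the next hunk) changes the header size and the offset of `m_String` on platforms where the two types differ in width, yet the diffstat shows only fx_string.h being touched. Any allocation or pointer arithmetic elsewhere that sizes the header as a multiple of `sizeof(long)` rather than via `offsetof(CFX_StringData, m_String)` would under-allocate where `intptr_t` is wider than `long`. The allocator is not visible in this diff, so this is something to confirm rather than a known defect. I would record the dependency next to the field with a comment such as `// Header size must come from offsetof(CFX_StringData, m_String), never from sizeof(long).`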
@@ -586,13 +590,9 @@ private:
 typedef const CFX_WideStringC& FX_WSTR;
 #define FX_WSTRC(wstr) CFX_WideStringC(wstr, FX_ArraySize(wstr) - 1)
 struct CFX_StringDataW {
-
- long m_nRefs;
-
+ intptr_t m_nRefs; // Would prefer ssize_t, but no windows support.
 FX_STRSIZE m_nDataLength;
-
 FX_STRSIZE m_nAllocLength;
-
 FX_WCHAR m_String[1];
 };
 class CFX_WideString
--
cgit v1.2.3
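Review bot: The `intptr_t m_nRefs` field in `CFX_StringDataW` carries only the ssize_t remark, while the overflow rationale sits on `CFX_StringData` some four hundred lines earlier in the header. A one-line cross-reference such as `// See CFX_StringData for why intptr_t is wide enough for the ref count.` would keep the two structs documented alike. The rationale could also state that `intptr_t` is signed, so only the positive half of its range is available, and that the bound still holds because each counted pointer occupies more than one byte of address space. Whether the increment and decrement sites depend on the count staying positive is not visible in this hunk.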