Bug 1277377 - prevent unsafe C-style cast in Vector (r=waldo)
authorLuke Wagner <luke@mozilla.com>
Thu, 02 Jun 2016 14:38:02 -0500
changeset 300284 8a30acee45af528007141458f1314d818654a52a
parent 300283 0df235f3ea95d90cc8101c4dadc291ac521d05a6
child 300285 8203279f09e3a5eaba76d38cf614f79aff35561f
push id19512
push usercbook@mozilla.com
push dateFri, 03 Jun 2016 10:40:46 +0000
reviewerswaldo
bugs1277377
milestone49.0a1
Bug 1277377 - prevent unsafe C-style cast in Vector (r=waldo) MozReview-Commit-ID: L0bTDSBHOeY
mfbt/Vector.h
--- a/mfbt/Vector.h
+++ b/mfbt/Vector.h
@@ -158,17 +158,22 @@ struct VectorImpl
  */
 template<typename T, size_t N, class AP>
 struct VectorImpl<T, N, AP, true>
 {
   template<typename... Args>
   MOZ_NONNULL(1)
   static inline void new_(T* aDst, Args&&... aArgs)
   {
-    *aDst = T(Forward<Args>(aArgs)...);
+    // Explicitly construct a local object instead of using a temporary since
+    // T(args...) will be treated like a C-style cast in the unary case and
+    // allow unsafe conversions. Both forms should be equivalent to an
+    // optimizing compiler.
+    T temp(Forward<Args>(aArgs)...);
+    *aDst = temp;
   }
 
   static inline void destroy(T*, T*) {}
 
   static inline void initialize(T* aBegin, T* aEnd)
   {
     /*
      * You would think that memset would be a big win (or even break even)
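Review bot: The new comment in `new_` says what the rewrite prevents but not what it still accepts: `T temp(Forward<Args>(aArgs)...)` is direct-initialization, so with one argument it rejects the reinterpret_cast/const_cast-style conversions that the function-style `T(arg)` allowed, yet it still compiles implicit narrowing conversions (for example a 64-bit integer into a 32-bit `T`, or signed into unsigned). Since that is the residual risk for callers appending sizes or offsets, I would extend the comment with `// Note: direct-initialization still permits implicit narrowing conversions; only cast-only conversions are rejected.` A compile-time check that a pointer argument is rejected for an integer `T` would also help keep this from regressing, if the tree has a place for must-not-compile tests. `new_` is complete in the hunk; the enclosing `VectorImpl` specialization continues past it.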