Add safe_cast (RIPD-1702):

This change ensures that no overflow can occur when casting between enums and integral types.
2025-12-06 17:27:55 +00:00 · 2018-12-21 17:13:58 -05:00
parent 494724578a
commit 148bbf4e8f
35 changed files with 213 additions and 86 deletions
--- a/src/ripple/conditions/impl/Fulfillment.cpp
+++ b/src/ripple/conditions/impl/Fulfillment.cpp
@@ -17,6 +17,7 @@
 */
 //==============================================================================

+#include <ripple/basics/safe_cast.h>
 #include <ripple/conditions/Condition.h>
 #include <ripple/conditions/Fulfillment.h>
 #include <ripple/conditions/impl/PreimageSha256.h>
@@ -116,31 +117,32 @@ Fulfillment::deserialize(

    std::unique_ptr<Fulfillment> f;

-    switch (static_cast<Type>(p.tag))
+    using TagType = decltype(p.tag);
+    switch (p.tag)
    {
-    case Type::preimageSha256:
+    case safe_cast<TagType>(Type::preimageSha256):
        f = PreimageSha256::deserialize(Slice(s.data(), p.length), ec);
        if (ec)
            return {};
        s += p.length;
        break;

-    case Type::prefixSha256:
+    case safe_cast<TagType>(Type::prefixSha256):
        ec = error::unsupported_type;
        return {};
        break;

-    case Type::thresholdSha256:
+    case safe_cast<TagType>(Type::thresholdSha256):
        ec = error::unsupported_type;
        return {};
        break;

-    case Type::rsaSha256:
+    case safe_cast<TagType>(Type::rsaSha256):
        ec = error::unsupported_type;
        return {};
        break;

-    case Type::ed25519Sha256:
+    case safe_cast<TagType>(Type::ed25519Sha256):
        ec = error::unsupported_type;
        return {};

--- a/src/ripple/conditions/impl/error.cpp
+++ b/src/ripple/conditions/impl/error.cpp
@@ -17,6 +17,7 @@
 */
 //==============================================================================

+#include <ripple/basics/safe_cast.h>
 #include <ripple/conditions/impl/error.h>
 #include <system_error>
 #include <string>
@@ -41,7 +42,7 @@ public:
    std::string
    message(int ev) const override
    {
-        switch (static_cast<error>(ev))
+        switch (safe_cast<error>(ev))
        {
        case error::unsupported_type:
            return "Specification: Requested type not supported.";
@@ -136,7 +137,7 @@ std::error_code
 make_error_code(error ev)
 {
    return std::error_code {
-        static_cast<std::underlying_type<error>::type>(ev),
+        safe_cast<std::underlying_type<error>::type>(ev),
        detail::get_cryptoconditions_error_category()
    };
 }