Fix 64 bit truncation on display_item.h

Assign the derived size after the SECURITY_DCHECKS to make it clear we never expect this to exceed the size reserved. BUG=879657 Change-Id: I1bb9f8724b9605499286935002a45508e58f2b04 Reviewed-on: https://chromium-review.googlesource.com/c/1347577Reviewed-by: Robert Flack <flackr@chromium.org> Commit-Queue: Dave Tapuska <dtapuska@chromium.org> Cr-Commit-Position: refs/heads/master@{#611381}

Fix 64 bit truncation on display_item.h
Assign the derived size after the SECURITY_DCHECKS to make it clear we never expect this to exceed the size reserved. BUG=879657 Change-Id: I1bb9f8724b9605499286935002a45508e58f2b04 Reviewed-on: https://chromium-review.googlesource.com/c/1347577Reviewed-by: Robert Flack <flackr@chromium.org> Commit-Queue: Dave Tapuska <dtapuska@chromium.org> Cr-Commit-Position: refs/heads/master@{#611381}
2c03896d · Dave Tapuska · Commit Bot · 0a00b236 · 2c03896d
Commit 2c03896d authored Nov 27, 2018 by Dave Tapuska Committed by Commit Bot Nov 27, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

third_party/blink/renderer/platform/graphics/paint/display_item.h ...rty/blink/renderer/platform/graphics/paint/display_item.h +1 -1

No files found.
--- a/third_party/blink/renderer/platform/graphics/paint/display_item.h
+++ b/third_party/blink/renderer/platform/graphics/paint/display_item.h
@@ -152,7 +152,6 @@ class PLATFORM_EXPORT DisplayItem {
        visual_rect_(client.VisualRect()),
        outset_for_raster_effects_(client.VisualRectOutsetForRasterEffects()),
        type_(type),
-        derived_size_(derived_size),
        fragment_(0),
        is_cacheable_(client.IsCacheable()),
        is_tombstone_(false) {
@@ -160,6 +159,7 @@ class PLATFORM_EXPORT DisplayItem {
    // If it doesn't, enlarge |derived_size_| and fix this assert.
    SECURITY_DCHECK(derived_size < (1 << 8));
    SECURITY_DCHECK(derived_size >= sizeof(*this));
+    derived_size_ = static_cast<unsigned>(derived_size);
  }
  virtual ~DisplayItem() = default;