Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix a bunch of Implicit type narrowing warnings #4288

Open
wants to merge 11 commits into
base: develop
Choose a base branch
from
Open

Fix a bunch of Implicit type narrowing warnings #4288

wants to merge 11 commits into from

Conversation

melissalinkert
Copy link
Member

I can split up if easier to review, but just wanted to get the easy CodeQL warnings sorted out.

I wouldn't expect this to impact builds at all.

@melissalinkert
Change type of pixel scale factor to int
8125326 
This prevents an implicit type cast. The scale factor is 2 to an integer power,
which is always an integer, and gets multiplied by an int pixel value with
int result expected.
@melissalinkert
Rework image width calculation to have safer arithmetic
d1df90b
@melissalinkert
Change skipped byte counter type to long
d0359f3 
This makes more sense than int, since it's calculated from file positions.
@melissalinkert
Explicitly cast text box height to int
572bbd4 
This is just for drawing text on a test image, so rounding doesn't really matter
and we for sure do not need sub-pixel precision.
@melissalinkert
Check tile row count for integer overflow, then explicitly cast to int
3c44b13 
This prevents an implicit cast later on when calculating the array
offsets during tile copying.
@melissalinkert
Check decompressed byte count before casting to int
d8104fe
@melissalinkert
Explicitly cast powers of 2 to int
2862f71
@melissalinkert
Sanity check bit shift value before incrementing it
c6cce0a
@melissalinkert
One more explicit cast while bit shifting
4171cae
@melissalinkert
Prevent implicit type cast by using Short.MAX_VALUE
e44e4ec
@melissalinkert
Basic input validation for generating an index from a string
7f1979d 
This method gets used by FakeReader to count the number of rows in a plate
based on the well name, so input should be the well row label, e.g. "A", "AC".
@melissalinkert melissalinkert requested a review from sbesson March 6, 2025 21:55
sbesson
sbesson approved these changes Mar 11, 2025
View reviewed changes
Copy link
Member

@sbesson sbesson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The proposed changes add defensive checks in a couple of locations to prevent overflows replacing them when appropriate with FormatException with appropriate error messages.

So far no such overflow had been reported as an issue by the community and the nightly CI builds have been passing with this PR included. @melissalinkert do you have any specific functional testing in mind other than code review. Otherwise, this should be good to merge.

components/formats-bsd/src/loci/formats/ResourceNamer.java
@@ -139,8 +139,14 @@ public String getLetter() {
public static int alphabeticIndexCount(String index) {
int count = 0;
char[] letters = index.toCharArray();
if (letters.length > 6) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seeing the only place where this API is used is

bioformats/components/formats-bsd/src/loci/formats/in/FakeReader.java

Line 1389 in 105c899

rows = ResourceNamer.alphabeticIndexCount(elements[0]);
i.e. translating the well row into an index, it almost feels like this could be thrown with letters.length >3.

But generally agreed with the limit chosen here as the code would have resulted in an Integer overflow

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I debated being more restrictive, but chose the limit of 6 as it's public API and there's a chance that something external is using this method differently from FakeReader.

@melissalinkert
Copy link
Member Author

I didn't have any particular functional testing in mind beyond verifying that all builds pass. I don't know of data that would actually throw exceptions on any of the new overflow checks, but it seemed like a good idea to add now rather than later. None of the writers are impacted, so conversions shouldn't need to be tested either.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sbesson sbesson sbesson approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@melissalinkert @sbesson