1  // Copyright 2022 Google LLC
 2  //
 3  // Redistribution and use in source and binary forms, with or without
 4  // modification, are permitted provided that the following conditions are
 5  // met:
 6  //
 7  //     * Redistributions of source code must retain the above copyright
 8  // notice, this list of conditions and the following disclaimer.
 9  //     * Redistributions in binary form must reproduce the above
10  // copyright notice, this list of conditions and the following disclaimer
11  // in the documentation and/or other materials provided with the
12  // distribution.
13  //     * Neither the name of Google LLC nor the names of its
14  // contributors may be used to endorse or promote products derived from
15  // this software without specific prior written permission.
16  //
17  // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
18  // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
19  // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
20  // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
21  // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
22  // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
23  // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24  // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25  // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26  // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
27  // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28  
29  // safe_math.h: Helpful math functions.
30  #ifndef SAFE_MATH_H__
31  #define SAFE_MATH_H__
32  
33  #include <utility>
34  
35  namespace google_breakpad {
36  
37  // Adds `a` and `b`, returning a pair of:
38  // - The result after any truncation.
39  // - Whether an overflow/underflow occurred.
40  template <typename T>
41  std::pair<T, bool> AddWithOverflowCheck(T a, T b) {
42  #ifdef _WIN32
43    // Since C++11, unsigned overflow is well-defined; do everything unsigned,
44    // assuming 2's complement.
45    if (std::is_unsigned<T>::value) {
46      T result = a + b;
47      // Since we're adding two values >= 0, having a smaller value implies
48      // overflow.
49      bool overflow = result < a;
50      return {result, overflow};
51    }
52  
53    using TUnsigned = typename std::make_unsigned<T>::type;
54    T result = TUnsigned(a) + TUnsigned(b);
55    bool overflow;
56    if ((a >= 0) == (b >= 0)) {
57      if (a >= 0) {
58        overflow = result < a;
59      } else {
60        overflow = result > a;
61      }
62    } else {
63      // If signs are different, it's impossible for overflow to happen.
64      overflow = false;
65    }
66    return {result, overflow};
67  #else
68    T result;
69    bool overflow = __builtin_add_overflow(a, b, &result);
70    return {result, overflow};
71  #endif
72  }
73  
74  template <typename T>
75  T AddIgnoringOverflow(T a, T b) {
76    return AddWithOverflowCheck(a, b).first;
77  }
78  
79  }  // namespace google_breakpad
80  
81  #endif  // SAFE_MATH_H__