Cleanup: SmallMemmove nullify should also be limited to 15 bytes

The current implementation correctly copies up to 15 bytes of data, but the nullify code clears up to 16 bytes, which was likely motivated by the assumption that the length indicator is always the last byte. This changes limits the nullify to 15 bytes as well removing this layout specific assumption from cord.h, making future platform specific internal layout changes easier to land. PiperOrigin-RevId: 477997741 Change-Id: Idcdfeca2a005139f97eafcc77111542d90b817af
2 years ago · ba78523573
parent 516c626692
commit ba78523573
1 changed files with 5 additions and 5 deletions
--- a/absl/strings/cord.h
+++ b/absl/strings/cord.h
@ -1013,17 +1013,17 @@ namespace cord_internal {

 // Fast implementation of memmove for up to 15 bytes. This implementation is
 // safe for overlapping regions. If nullify_tail is true, the destination is
-// padded with '\0' up to 16 bytes.
+// padded with '\0' up to 15 bytes.
 template <bool nullify_tail = false>
 inline void SmallMemmove(char* dst, const char* src, size_t n) {
  if (n >= 8) {
-    assert(n <= 16);
+    assert(n <= 15);
    uint64_t buf1;
    uint64_t buf2;
    memcpy(&buf1, src, 8);
    memcpy(&buf2, src + n - 8, 8);
    if (nullify_tail) {
-      memset(dst + 8, 0, 8);
+      memset(dst + 7, 0, 8);
    }
    memcpy(dst, &buf1, 8);
    memcpy(dst + n - 8, &buf2, 8);
@ -1034,7 +1034,7 @@ inline void SmallMemmove(char* dst, const char* src, size_t n) {
    memcpy(&buf2, src + n - 4, 4);
    if (nullify_tail) {
      memset(dst + 4, 0, 4);
-      memset(dst + 8, 0, 8);
+      memset(dst + 7, 0, 8);
    }
    memcpy(dst, &buf1, 4);
    memcpy(dst + n - 4, &buf2, 4);
@ -1045,7 +1045,7 @@ inline void SmallMemmove(char* dst, const char* src, size_t n) {
      dst[n - 1] = src[n - 1];
    }
    if (nullify_tail) {
-      memset(dst + 8, 0, 8);
+      memset(dst + 7, 0, 8);
      memset(dst + n, 0, 8);
    }
  }