Fix unsafe buffer usage in native_widget_mac_nswindow.mm

Minor

提交哈希: 1334f2366c0eb9108d6099404ef160cce90a3a7d

提交时间: 2025-08-04 16:07:50+00:00

影响等级: Minor

生成工具: webview2-upstream-sentry

📋 摘要

This submission fixes unsafe buffer usage issues in the native_widget_mac_nswindow.mm file. The main changes include: 1) removing the UNSAFE_BUFFERS_BUILD preprocessor directive and #pragma allow_unsafe_buffers at the beginning of the file; 2) in the reallySaveRestorableState method, replacing the unsafe std::vector constructor that uses pointer arithmetic with the safer base::apple::NSDataToSpan() and base::span::copy_from() methods to copy data from the NSData object. This change is intended to improve the memory safety of the code and prevent potential buffer overflow or out-of-bounds access issues.

🎯 影响分析

This change has a positive impact on WebView2Mac. Although the core of the change is to improve memory safety, it does not alter the external interface or core functionality of the NativeWidgetMacNSWindow class. Since WebView2Mac inherits from remote_cocoa::NativeWidgetNSWindowBridge via HostingNSWindowBridge and relies on NativeWidgetMacNSWindow for window management, this security fix will enhance the stability and safety of WebView2Mac when handling window state restoration data. The reallySaveRestorableState method is responsible for saving the window’s restorable state data, which is important for WebView2Mac’s window lifecycle management. Safer buffer operations can reduce the risk of crashes caused by memory errors and improve overall stability. This change does not affect the functional features or performance of WebView2Mac.

受影响的类:

NativeWidgetMacNSWindow remote_cocoa::NativeWidgetNSWindowBridge