1# Copyright 2024 The Chromium Project. All rights reserved. 2# Use of this source code is governed by a BSD-style license that can be 3# found in the LICENSE file. 4 5# The set of path prefixes that should be checked for unsafe pointer usage (see 6# -Wunsafe-buffer-usage in Clang). 7# 8# *** 9# Paths should be written as relative to the root of the source tree with 10# unix-style path separators. Directory prefixes should end with `/`, such 11# as `base/`. 12# *** 13# 14# Lines that begin with `-` name path prefixes that will *not* be checked for 15# unsafe-buffer-usage. They are known to do unsafe things and should be 16# changed to use constructs like base::span or containers like base::HeapArray 17# and std::vector instead. See https://crbug.com/40285824 18# 19# Lines that begin with `+` name path prefixes that have no unsafe-buffer-usage 20# (or all such usage is annotated), and are protected against new unsafe pointer 21# behaviour by the compiler. 22# 23# By default, all files are checked for unsafe-buffer-usage unless they are 24# match a `-` path prefix line here. If a file matches both a `-` and `+` line, 25# the `+` line takes precedence and the file will be checked. 26# 27# To opt individual files out of checks, place `#pragma allow_unsafe_buffers` 28# anywhere in the (source or header) file, guarded by 29# `#ifdef UNSAFE_BUFFERS_BUILD`. These pragmas represent the technical debt and 30# security risk present in the file through unsafe pointer usage. 31# 32# *** 33# Recommended process for removing a `-dir/` line from this file: 34# 35# 1. Remove the `-dir/` line from this paths file. 36# a. Possibly add some subdirectories if needed to reduce scope, 37# like `-dir/sub_dir/`. 38# 2. Add `#pragma allow_unsafe_buffers` to every file in the directory that now 39# has a compilation error, with a TODO to the tracking bug for the 40# directory: 41# ``` 42# #ifdef UNSAFE_BUFFERS_BUILD 43# // TODO(crbug.com/ABC): Remove this and convert code to safer constructs. 44# #pragma allow_unsafe_buffers 45# #endif 46# ``` 47# 3. Work through the files in the directory, converting pointers to spans, or 48# to owning containers like HeapArray and vector. Remove the pragmas from 49# the files when there is no unsafe pointer usage left in each one. 50# 51# See `docs/unsafe_buffers.md`. 52 53-android_webview/ 54-apps/ 55-ash/ 56-base/allocator 57-base/third_party 58-build/ 59-build_overrides/ 60-buildtools/ 61-cc/ 62-chrome/ 63-chromecast/ 64-chromeos/ 65-clank/ 66-codelabs/ 67-components/ 68+components/discardable_memory 69-courgette/ 70-crypto/ 71-data/ 72-dbus/ 73-device/ 74-docs/ 75-extensions/ 76-fuchsia_web/ 77-gin/ 78-google_apis/ 79-google_update/ 80-gpu/ 81-headless/ 82-infra/ 83-internal/ 84-ios/ 85-ios_internal/ 86-ipc/ 87-media/ 88-mojo/ 89-native_client/ 90-native_client_sdk/ 91-net/third_party/ 92-ppapi/ 93-printing/ 94-remoting/ 95-rlz/ 96-sandbox/ 97-services/ 98-signing_keys/ 99-skia/ 100-sql/ 101-storage/ 102-testing/ 103-third_party/ 104-tools/ 105-ui/ 106+ui/views/ 107-url/ 108-v8/ 109-webkit/ 110 111# TODO(crbug.com/41497066#comment22) The Win SDK headers don't get categorized 112# as system headers when building with DEPOT_TOOLS_WIN_TOOLCHAIN=0 ? 113-Program Files (x86)/Windows Kits/ 114