authoravayvod <avayvod@chromium.org>2014-09-03 08:38:49 -0700
committerCommit bot <commit-bot@chromium.org>2014-09-03 15:42:45 +0000
commit1ddc8eb883d03a3dac175832357e5b2889e15134 (patch)
treef02aa2c6b14a09fd7ecc95a995bd128285a7ecb5
parente53e29fc161f96871160f6db39919752a0376333 (diff)
Fix conversions from 32-bit pointers to signed 64-bit integers.
In case the address is a negative 32-bit integer (greater than 0x80000000), it is converted into 64-bit preserving the sign so all the leading bits are set. This results in an invalid 64-bit address. The conversion must be done via an unsigned 32-bit integer (uintptr_t). BUG=409826 Review URL: https://codereview.chromium.org/533173002 Cr-Commit-Position: refs/heads/master@{#293140}
-rw-r--r--base/android/linker/linker_jni.cc5
1 files changed, 3 insertions, 2 deletions
diff --git a/base/android/linker/linker_jni.cc b/base/android/linker/linker_jni.cc
index 4eb774b..79dd201 100644
--- a/base/android/linker/linker_jni.cc
+++ b/base/android/linker/linker_jni.cc
@@ -452,7 +452,8 @@ static bool PostForLaterExecution(crazy_callback_t* callback_request,
LOG_INFO("%s: Calling back to java with handler %p, opaque %p",
__FUNCTION__, callback->handler, callback->opaque);
- jlong arg = static_cast<jlong>(reinterpret_cast<intptr_t>(callback));
+ jlong arg = static_cast<jlong>(reinterpret_cast<uintptr_t>(callback));
+
env->CallStaticVoidMethod(
s_java_callback_bindings.clazz, s_java_callback_bindings.method_id, arg);
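Review bot: The reason for casting through `uintptr_t` rather than `intptr_t` is not recorded at the `jlong arg = ...` line in PostForLaterExecution, so a later cleanup could easily switch it back. I would add a comment above that line such as `// Cast via uintptr_t: intptr_t would sign-extend 32-bit addresses above 0x80000000 into an invalid 64-bit value.` The same cast appears at the return in GetRandomBaseLoadAddress, so a small shared helper carrying that comment would keep both sites consistent. The code that turns the jlong back into a `crazy_callback_t*` is outside this hunk and presumably needs the matching unsigned conversion; the function body also starts and ends outside the hunk.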
@@ -570,7 +571,7 @@ jlong GetRandomBaseLoadAddress(JNIEnv* env, jclass clazz, jlong bytes) {
}
munmap(address, bytes);
LOG_INFO("%s: Random base load address is %p\n", __FUNCTION__, address);
- return static_cast<jlong>(reinterpret_cast<intptr_t>(address));
+ return static_cast<jlong>(reinterpret_cast<uintptr_t>(address));
}
const JNINativeMethod kNativeMethods[] = {
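Review bot: The `LOG_INFO` line directly above the changed return writes the randomly chosen base load address to the log with `%p`, which hands the value that randomization is meant to hide to anything able to read the log. If LOG_INFO is compiled into release builds (not visible here), consider dropping the address from the message, e.g. `LOG_INFO("%s: Random base load address chosen\n", __FUNCTION__);`, or restricting it to debug builds. The start of GetRandomBaseLoadAddress is outside the hunk.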