[ads] General code health

[tmancey]

Resolves brave/brave-browser#43838

Submitter Checklist:

• I confirm that no security/privacy review is needed and no other type of reviews are needed, or that I have requested them
• There is a ticket for my issue
• Used Github auto-closing keywords in the PR description above
• Wrote a good PR/commit description
• Squashed any review feedback or "fixup" commits before merge, so that history is a record of what happened in the repo, not your PR
• Added appropriate labels (QA/Yes or QA/No; release-notes/include or release-notes/exclude; OS/...) to the associated issue
• Checked the PR locally:
  • npm run test -- brave_browser_tests, npm run test -- brave_unit_tests wiki
  • npm run presubmit wiki, npm run gn_check, npm run tslint
• Ran git rebase master (if needed)

Reviewer Checklist:

• A security review is not needed, or a link to one is included in the PR description
• New files have MPL-2.0 license header
• Adequate test coverage exists to prevent regressions
• Major classes, functions and non-trivial code blocks are well-commented
• Changes in component dependencies are properly reflected in gn
• Code follows the style guide
• Test plan is specified in PR before merging

After-merge Checklist:

• The associated issue milestone is set to the smallest version that the
  changes has landed on
• All relevant documentation has been updated, for instance:
  • https://github.com/brave/brave-browser/wiki/Deviations-from-Chromium-(features-we-disable-or-remove)
  • https://github.com/brave/brave-browser/wiki/Proxy-redirected-URLs
  • https://github.com/brave/brave-browser/wiki/Fingerprinting-Protections
  • https://github.com/brave/brave-browser/wiki/Brave%E2%80%99s-Use-of-Referral-Codes
  • https://github.com/brave/brave-browser/wiki/Web-Compatibility-Exceptions-in-Brave
  • https://github.com/brave/brave-browser/wiki/QA-Guide
  • https://github.com/brave/brave-browser/wiki/P3A

Test Plan:

[github-actions]

_{reported by reviewdog 🐶}
[semgrep] Checking if an unsigned variable is negative makes no sense and is usually a good indication that something is probably wrong with the code.

Source: https://github.com/0xdea/semgrep-rules/blob/main/c/incorrect-unsigned-comparison.yaml


Cc @thypon @kdenhartog

[tmancey]

Fixed.

[tmancey]

Fixed

[github-actions]

[puLL-Merge] - brave/brave-core@27587

Here's my review of the changes:

Description

This PR refactors integer types in Brave Ads code to use size_t instead of int for container sizes and array indices. This is a good practice since sizes and indices are always non-negative, and size_t is the proper type for array indexing and size operations. The PR also contains some cleanup of challenge bypass ristretto test utilities and constants.

Changes

Changes

By filename:

1. account/ad_events/ad_event_test_util.*:

• Changed int parameters to size_t for count-related functions
• Updated tests to use size_t literals with 'U' suffix

2. account/confirmation_tokens/confirmation_tokens_test_util.*:

• Switched to size_t for token counts
• Added random token generation capability
• Updated test constants with new deterministic test values

3. account/issuers/*:

• Refactored maximum token issuer public keys parameter to use size_t
• Updated related tests to compare against size_t values

4. account/tokens/*:

• Modernized token utilities to use size_t for sizes and counts
• Added proper type declarations for token lists
• Improved test data organization

5. Various feature files:

• Changed int parameters to size_t for:
  • Maximum ads per hour/day
  • Token counts
  • Queue sizes
  • History limits
  • Page visit caps

sequenceDiagram
    participant Client
    participant TokenGenerator
    participant BatchDLEQProof
    participant TokenIssuer
    
    Client->>TokenGenerator: Request token generation (size_t count)
    TokenGenerator-->>Client: Return raw tokens
    Client->>TokenIssuer: Request token signing
    TokenIssuer->>BatchDLEQProof: Generate proof
    BatchDLEQProof-->>Client: Return signed tokens
    Client->>Client: Store tokens (size_t max)

Loading

Security Hotspots

1. Token Verification: The change in verification signatures and blinded tokens requires careful verification that token validation still works correctly to prevent token forgery.

2. Array Bounds: The change from int to size_t for array indices needs careful testing to avoid potential integer overflow issues in boundary conditions.

Let me know if you would like me to elaborate on any part of the review.