Re: [Bug-gnulib] checking for overflow

bug-gnulib

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-gnulib] checking for overflow

From:	Bruno Haible
Subject:	Re: [Bug-gnulib] checking for overflow
Date:	Mon, 20 Oct 2003 13:45:26 +0200
User-agent:	KMail/1.5

Jim Meyering wrote:
> Did you mean to remove the part of my patch that would make
> vasnprintf fail when doubling the amount of space would
> result in overflow?

Yes, I removed it because your patch didn't address the overflow in
the other places: vasnprintf.c lines 123, 151, 163 etc. Either do the
checking entirely, or don't do it at all.

Now Paul is working on more overflow checks in many places. What I'm
missing here is a general policy.

  a) About the technical means: We could use gcc's flag -ftrapv (which
     should, starting with gcc-3.4, finally work). Or do we put the
     checking into the code, assuming that normal int opeations are
     modulo 2^32 ?

  b) Which places are considered dangerous? Only those where an overflow
     can easily happen when unintended, as in multiplication (xcalloc
     and friends)? Or does _any_ addition of a size_t to another size_t
     count as overflow opportunity?

Bruno

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug-gnulib] vasnprintf.c: patch for inadequate snprintf on HPUX 10.20, Jim Meyering, 2003/10/19
- Re: [Bug-gnulib] vasnprintf.c: patch for inadequate snprintf on HPUX 10.20, Bruno Haible, 2003/10/20
  - Re: [Bug-gnulib] vasnprintf.c: patch for inadequate snprintf on HPUX 10.20, Jim Meyering, 2003/10/20
    - Re: [Bug-gnulib] checking for overflow, Bruno Haible <=
    - Re: [Bug-gnulib] checking for overflow, Paul Eggert, 2003/10/20

Prev by Date: [Bug-gnulib] addition: execute.h, execute.c, w32spawn.h
Next by Date: Re: [Bug-gnulib] checking for overflow
Previous by thread: Re: [Bug-gnulib] vasnprintf.c: patch for inadequate snprintf on HPUX 10.20
Next by thread: Re: [Bug-gnulib] checking for overflow
Index(es):
- Date
- Thread