bug-gnulib
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-gnulib] linebreak.c proposed patches for size-calculation overf

From: Bruno Haible
Subject: Re: [Bug-gnulib] linebreak.c proposed patches for size-calculation overflows
Date: Fri, 31 Oct 2003 13:38:35 +0100
User-agent: KMail/1.5 
Paul Eggert wrote:
> overflow problems in linebreak.c.

Thanks for looking into that.

> -              char *memory = malloc (n * sizeof (size_t) + m + m);
> 
> +          size_t two_m = 2 * m;
> +          size_t memory_size = n * sizeof (size_t) + two_m;
> +          if (n <= (size_t)(-1) / sizeof (size_t)
> +              && m <= two_m && two_m <= memory_size)
> +              char *memory = malloc (memory_size);

This is all correct, but it's getting unmaintainable. The xalloc_oversized
was a good start to keep the code clear. But here we need more macros or
inline functions.

Since I want to continue writing expressions as expressions, not broken
into statements, I imagine macros that let me write:

             bool overflow = false;
             size_t size = xsum3 (xtimes (n, sizeof (size_t), &overflow),
                                  m,
                                  m,
                                  &overflow);
             if (!overflow)
               {
                 char *memory = malloc (size);

What do you think? Other proposals how this code could be written in a
maintainable way?

Bruno
reply via email to
[Prev in Thread] Current Thread [Next in Thread]