[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [ft-devel] Outline n_points are int16 so overflow is possible becaus
From: |
mpsuzuki |
Subject: |
Re: [ft-devel] Outline n_points are int16 so overflow is possible because missing check |
Date: |
Wed, 8 Jul 2009 00:13:59 +0900 |
Dear John,
On Tue, 07 Jul 2009 15:14:45 +0200
John Tytgat <address@hidden> wrote:
>address@hidden wrote:
>> [...]
>> BTW, the path construction of Adobe PostScript language
>> restricts the number of points to 1500 (so, PS Type3 font
>> has this limitation). It's far smaller than font description
>> languages in above.
>That's not true (anymore) for a long time (decade ?). You can have
>paths with much more points in Adobe's PostScript 3 implementation and I
>assume Ghostscript as well. But that's not relevant for your FT
>observation.
Thank you for correction of my misunderstanding.
I was refering PLRM3, but the referred page was
describing the limitation of language level 1.
>> [...]
>> I've checked the Embedded Linux Kernel System (ELKS,
>> 16-bit kernel based on Linux) by Bruce's C compiler (bcc),
>>
>> (int) ( (short) 0x7FFF + (short) 0x7FFF ) < 0x7FFF
>>
>> is true. On 32-bit Linux kernel with gcc, it is false.
>> Therfore, a cast to larger type before summation is
>> required. How do you think of following patch?
>>
>Note that signed integer overflow is *not* defined in C, so this is
>compiler (setting) depending. gcc uses this liberty to make the best
>choice for optimisation and code generation. unsigned integer overflow
>is defined (as wrapping around).
Also thank you for note. I was not going to exclude the
possibility to overlook the overflow on ILP32 systems
by the experiment (just I wanted to show an example of
overlooked overflow on 16-bit system), but I was not
aware of the different definition of overflow: unsigned
is defined but signed is undefined. Thank you very much.
Regards,
mpsuzuki