Re: [Bug-gnulib] checking for overflow

From: Bruno Haible
Subject: Re: [Bug-gnulib] checking for overflow
Date: Mon, 20 Oct 2003 13:45:26 +0200
User-agent: KMail/1.5

Jim Meyering wrote:
> Did you mean to remove the part of my patch that would make
> vasnprintf fail when doubling the amount of space would
> result in overflow?

Yes, I removed it because your patch didn't address the overflow in
the other places: vasnprintf.c lines 123, 151, 163 etc. Either do the
checking entirely, or don't do it at all.

Now Paul is working on more overflow checks in many places. What I'm
missing here is a general policy.

  a) About the technical means: We could use gcc's flag -ftrapv (which
     should, starting with gcc-3.4, finally work). Or do we put the
     checking into the code, assuming that normal int operations are
     modulo 2^32 ?

  b) Which places are considered dangerous? Only those where an overflow
     can easily happen when unintended, as in multiplication (xcalloc
     and friends)? Or does _any_ addition of a size_t to another size_t
     count as an overflow opportunity?

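As an added example in plain C (not gnulib's code; all function names are mine), here are explicit checks for the two places the message names, the doubling step in a vasnprintf-style buffer and the n * size multiplication in xcalloc, plus the size_t addition case from point b). The code assumes only C99 and <stdint.h>; note that size_t is unsigned, so gcc's -ftrapv, which traps only signed overflow, would not catch any of these.

```c
/* Explicit size_t overflow checks (added example, not gnulib code).
   size_t arithmetic wraps modulo SIZE_MAX + 1 with no trap, so every
   check must be done before the operation, on the operands. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* n * s overflows iff n != 0 && s > SIZE_MAX / n (the xcalloc case).
   Returns true on overflow; otherwise stores the product if out != NULL. */
bool
size_mul_overflows (size_t n, size_t s, size_t *out)
{
  if (n != 0 && s > SIZE_MAX / n)
    return true;
  if (out)
    *out = n * s;
  return false;
}

/* a + b overflows iff a > SIZE_MAX - b (any size_t + size_t, point b). */
bool
size_add_overflows (size_t a, size_t b, size_t *out)
{
  if (a > SIZE_MAX - b)
    return true;
  if (out)
    *out = a + b;
  return false;
}

/* Doubling step of a growing output buffer: instead of letting 2 * allocated
   wrap to a small value, report failure.  Returns 0 when doubling would overflow
   (0 is never a valid grown size, so the caller can treat it like ENOMEM). */
size_t
doubled_allocation (size_t allocated)
{
  size_t doubled;
  if (size_mul_overflows (allocated, 2, &doubled))
    return 0;
  return doubled;
}

/* xcalloc-style wrapper: refuse the request before the allocator sees a wrapped
   size, rather than relying on calloc to detect the overflow itself. */
void *
checked_calloc (size_t n, size_t s)
{
  size_t total;
  if (size_mul_overflows (n, s, &total))
    return NULL;
  return calloc (n, s);
}
```

A caller that receives 0 from doubled_allocation or NULL from checked_calloc should fail the whole operation (as xalloc_die does in gnulib) rather than continue with a truncated buffer.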