Re: [PATCH] signed integer overflow undefined behavior

From: Paul Eggert
Subject: Re: [PATCH] signed integer overflow undefined behavior
Date: Fri, 13 Dec 2013 14:01:58 -0800
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0

On 12/12/2013 10:12 PM, Eric Lubin wrote:
> he disregards the fact that integer overflow is undefined in C
No, it's listed in FIXME comments:

/* FIXME: Check for arithmetic overflow in all cases, not just
   some of them.  */
/* FIXME: It also assumes that signed integer overflow silently wraps around,
   but this is not true any more with recent versions of GCC 4.  */

The patch you sent in doesn't look right, as it appears to assume
that time_t is the same width as 'long'.  Also, it incorrectly assumes
that t0, t1, t2, and t3 are nonnegative.  Furthermore, it'd be better to use the
rather than try to reinvent that wheel.

I should mention that the code is riddled with problems in this area,
e.g., apply_relative_time doesn't even check for overflow.  It'd be nice
if someone had the time to fix all this.

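The two objections raised in the message above (assuming time_t has the width of 'long', and assuming operands are nonnegative) can be illustrated with a check that runs before the arithmetic. This is an added example, not code from the patch, from gnulib, or from the author of the message; TIME_T_MAX, TIME_T_MIN, time_add_ok and time_add_scaled are hypothetical names, and it assumes time_t is a signed integer type without padding bits.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>
#include <time.h>

/* Assumption: time_t is a signed integer type without padding bits.  */
_Static_assert((time_t) -1 < 0, "time_t must be signed");

/* Limits derived from time_t's own width, never from LONG_MAX or INT_MAX.  */
#define TIME_T_MAX \
  ((time_t) ((((time_t) 1 << (sizeof (time_t) * CHAR_BIT - 2)) - 1) * 2 + 1))
#define TIME_T_MIN ((time_t) (-TIME_T_MAX - 1))

/* Store a + b in *sum and return true, or return false if it would overflow.
   The test runs before the addition and is valid for negative operands.  */
bool time_add_ok(time_t a, time_t b, time_t *sum)
{
    if (b > 0 ? a > TIME_T_MAX - b : a < TIME_T_MIN - b)
        return false;
    *sum = a + b;
    return true;
}

/* Hypothetical helper: *out = base + n * scale, with scale > 0
   (e.g. 3600 for hours).  Returns false on any overflow.  */
bool time_add_scaled(time_t base, long n, int scale, time_t *out)
{
    if (scale <= 0)
        return false;
    /* long may be wider than time_t, so check that n fits first.  */
    if (n > TIME_T_MAX || n < TIME_T_MIN)
        return false;
    /* Division truncates toward zero, so these bounds are exact.  */
    if (n > TIME_T_MAX / scale || n < TIME_T_MIN / scale)
        return false;
    return time_add_ok(base, (time_t) n * scale, out);
}

int main(void)
{
    time_t r;
    printf("max + 1 ok? %d\n", time_add_ok(TIME_T_MAX, 1, &r));
    printf("min - 1 ok? %d\n", time_add_ok(TIME_T_MIN, -1, &r));
    printf("-5 + 3 ok?  %d\n", time_add_ok(-5, 3, &r));
    return 0;
}
```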