[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: oops? read/write vs type of length parameter

From: Eli Zaretskii
Subject: Re: oops? read/write vs type of length parameter
Date: Mon, 11 Apr 2011 05:44:17 -0400

> From: Jim Meyering <address@hidden>
> Date: Mon, 11 Apr 2011 10:55:35 +0200
> Cc: Eli Zaretskii <address@hidden>
> In http://bzr.savannah.gnu.org/lh/emacs/trunk/revision/103883
> you adjusted the signatures of emacs_read and emacs_write.
>   - extern int emacs_read (int, char *, unsigned int);
>   - extern int emacs_write (int, const char *, unsigned int);
>   + extern ssize_t emacs_read (int, char *, ssize_t);
>   + extern ssize_t emacs_write (int, const char *, ssize_t);

Yes, that's part of my on-going effort to allow editing of files
larger than 2GB.  With that revision, I can finally visit such a large
file, modify it, and save it to disk :-)

> It's good to see that you corrected the return type to be wider
> (ssize_t) and still signed, just like "int".

That's what its callers expect: the return value can be positive or

> However, did you really intend to make the buffer length parameters signed?
> I would have expected those to be of type size_t, not ssize_t.

We call these functions with an argument of type EMACS_INT, which can
be negative.  I don't want it to wind up as a large positive value
inside these functions, I'd rather the functions fail instead.  Note
that emacs_write is careful enough to check the sign of that argument,
and if we want a similar guard in emacs_read, we can easily add that.

Is there a problem with that?

reply via email to

[Prev in Thread] Current Thread [Next in Thread]