This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: vfprintf typing problem

From: David Miller <davem at davemloft dot net>
To: carlos at systemhalted dot org
Cc: eggert at cs dot ucla dot edu, libc-alpha at sourceware dot org
Date: Sat, 31 Mar 2012 18:25:38 -0400 (EDT)
Subject: Re: vfprintf typing problem
References: <4F76925D.5060000@cs.ucla.edu><20120331.171937.1599131964016505444.davem@davemloft.net><CADZpyizqQWqsCqCkb8+yX+VGAQt4Zq8dCpVQDhzd-8-_YGzG7A@mail.gmail.com>

From: "Carlos O'Donell" <carlos@systemhalted.org>
Date: Sat, 31 Mar 2012 18:02:43 -0400

> On Sat, Mar 31, 2012 at 5:19 PM, David Miller <davem@davemloft.net> wrote:
>> @@ -77,9 +77,11 @@ read_int (const UCHAR_T * *pstr)
>> ? ? {
>> ? ? ? retval *= 10;
>> ? ? ? retval += **pstr - L_('0');
>> + ? ? ?if (retval > INT_MAX)
>> + ? ? ? return -1;
> 
> Is this correct?
> 
> If in the previous iteration we were less than INT_MAX, given the "*
> 10 + [0-9]" we might wrap the unsigned int retval to a positive value
> e.g. 429,496,729 * 10 + 6 = 0, and not detect the signed int overflow?
> 
> What am I missing?

Indeed, I need to check for overflow before the addition.

Please review the patch with that fix implied :-)

Follow-Ups:
- Re: vfprintf typing problem
  - From: Carlos O'Donell

References:
- Re: vfprintf typing problem
  - From: Paul Eggert
- Re: vfprintf typing problem
  - From: David Miller
- Re: vfprintf typing problem
  - From: Carlos O'Donell

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]