2 new commits in plan9port:
https://bitbucket.org/rsc/plan9port/commits/3cd53e993790/
changeset: 3cd53e993790
user: xiw
date: 2013-03-19 19:35:16
summary: libsec: avoid undefined C
gcc compiles `p + length < p' into 'length < 0' since pointer overflow is undefined behavior in C. This breaks the check against a large `length'.
Use `length > pend - p' instead.
There's no need to check `length < 0' since `length' is from length_decode() and should be non-negative.
===
Try the simplified code.
void bar(void);
void foo(unsigned char *p, int length)
{
if (p + length < p)
bar();
}
$ gcc -S -o - t.c -O2
...
foo:
.LFB0:
.cfi_startproc
testl %esi, %esi
js .L4
rep
ret
.L4:
jmp bar
.cfi_endproc
Clearly `p' is not used at all.
R=rsc
CC=plan9port.codebot
https://codereview.appspot.com/7231069
Committer: Russ Cox <
r...@swtch.com>
affected #: 1 file
https://bitbucket.org/rsc/plan9port/commits/1bd8b25173d5/
changeset: 1bd8b25173d5
user: xiw
date: 2013-03-19 19:36:50
summary: rc: avoid undefined C
There are two bugs in pdec() on INT_MIN:
* wrong output.
`n = 1-n' should be `n = -1-n' when n is INT_MIN.
* infinite loop.
gcc optimizes `if(n>=0)' into `if(true)' because `-INT_MIN' (signed integer overflow) is undefined behavior in C, and gcc assumes the negation of a negative number must be positive. The resulting binary keeps printing '-' forever given INT_MIN.
Try the simplified pdec.c below.
$ gcc pdec.c
$ ./a.out -
2147483648
--214748364*
$ gcc pdec.c -O2
$ ./a.out -
2147483648
<infinite loop>
$ gcc pdec.c -O2 -D__PATCH__
$ ./a.out -
2147483648
-
2147483648
=== pdec.c ===
#include <stdio.h>
#include <stdlib.h>
#include <limits.h>
#define io void
void pchr(io *f, int c)
{
putchar(c);
}
void pdec(io *f, int n)
{
if(n<0){
#ifndef __PATCH__
n=-n;
if(n>=0){
pchr(f, '-');
pdec(f, n);
return;
}
/* n is two's complement minimum integer */
n = 1-n;
#else
if(n!=INT_MIN){
pchr(f, '-');
pdec(f, -n);
return;
}
/* n is two's complement minimum integer */
n = -(INT_MIN+1);
#endif
pchr(f, '-');
pdec(f, n/10);
pchr(f, n%10+'1');
return;
}
if(n>9)
pdec(f, n/10);
pchr(f, n%10+'0');
}
int main(int argc, char **argv)
{
int n = atoi(argv[1]);
pdec(NULL, n);
putchar('\n');
}
R=rsc
CC=plan9port.codebot
https://codereview.appspot.com/7241055
Committer: Russ Cox <
r...@swtch.com>
affected #: 1 file
Repository URL:
https://bitbucket.org/rsc/plan9port/
--
This is a commit notification from
bitbucket.org. You are receiving
this because you have the service enabled, addressing the recipient of
this email.