Re: [Bug-gnulib] xalloc.h proposed fix to detect potential ptrdiff_t ove
From: Bruno Haible
Subject: Re: [Bug-gnulib] xalloc.h proposed fix to detect potential ptrdiff_t overflow
Date: Mon, 24 Nov 2003 12:55:26 +0100
User-agent: KMail/1.5

Paul Eggert wrote:
> > malloc() has nothing to do with ptrdiff_t.
>
> The problem here is not malloc itself, but it is strongly related to
> malloc, as the problem occurs in programs that subtract pointers that
> point into malloced buffers.
It also occurs in programs that subtract pointers that point into
mmap()ed memory.
> > This means that ptrdiff_t is ill-defined by design
>
> That is not something that we can fix in a library by defining a new
> type. It is a defect of the C language. There are two plausible ways
> to program around the defect. We can either rewrite all our programs
> to avoid all subtraction of pointers into arrays that might be large;
> or we can fix our storage allocator so that problem cannot happen.
I opt for the first alternative.
> We don't have time to scan all of gnulib,
> coreutils, tar, diffutils, etc., looking for all instances of pointer
> subtraction to see whether there's a problem.
A gcc warning would help here, right? (I'm serious. Since we have a flaw
in the C language, the right place to help working around it is GCC.)
Bruno
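
Added example, not part of the original message and not gnulib's code: a sketch of the two workarounds discussed in this thread, an allocator wrapper that refuses any object larger than PTRDIFF_MAX bytes, and a distance helper that avoids ptrdiff_t entirely. The names alloc_size_ok, checked_nmalloc and byte_distance are hypothetical, and byte_distance assumes a flat address space where uintptr_t arithmetic matches byte offsets.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper: returns 1 and stores n*s in *bytes when the product
   fits in both size_t and ptrdiff_t, so that p + bytes - p cannot overflow
   ptrdiff_t for any pointer p into the object. Returns 0 otherwise. */
int alloc_size_ok(size_t n, size_t s, size_t *bytes)
{
    size_t limit = (uintmax_t)PTRDIFF_MAX < SIZE_MAX
                       ? (size_t)PTRDIFF_MAX : SIZE_MAX;
    if (s != 0 && n > limit / s)
        return 0;               /* n*s would exceed the limit (or wrap) */
    *bytes = n * s;
    return 1;
}

/* Allocator-side workaround: fail the request instead of handing out a
   buffer whose end-minus-start is not representable as ptrdiff_t. */
void *checked_nmalloc(size_t n, size_t s)
{
    size_t bytes;
    if (!alloc_size_ok(n, s, &bytes))
        return NULL;
    return malloc(bytes ? bytes : 1);
}

/* Caller-side workaround: compute hi - lo as an unsigned byte count.
   Precondition: lo <= hi and both point into the same object.
   Assumption: flat address space (pointer-to-integer conversion is
   implementation-defined in C). */
size_t byte_distance(const void *lo, const void *hi)
{
    return (size_t)((uintptr_t)hi - (uintptr_t)lo);
}

int main(void)
{
    size_t bytes;
    char *buf = checked_nmalloc(64, sizeof(int));
    printf("PTRDIFF_MAX + 1 bytes allowed: %d\n",
           alloc_size_ok((size_t)PTRDIFF_MAX + 1, 1, &bytes));
    if (buf != NULL)
        printf("distance: %zu\n", byte_distance(buf, buf + 64 * sizeof(int)));
    free(buf);
    return 0;
}
```

The allocator-side check covers only memory obtained through the wrapper; buffers obtained from mmap(), as noted above, need the caller-side approach or an equivalent size check at the mapping call.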