[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH] strftime: don't assume a byte count fits in 'int'
From: |
Paul Eggert |
Subject: |
[PATCH] strftime: don't assume a byte count fits in 'int' |
Date: |
Mon, 21 Mar 2011 00:01:37 -0700 |
User-agent: |
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.14) Gecko/20110223 Thunderbird/3.1.8 |
* lib/strftime.c (add): Don't assume first arg fits in 'int'. I
found this problem by static analysis, using gcc -Wstrict-overflow
(GCC 4.5.2, x86-64). This reported an optimization that depended
on an integer overflow having undefined behavior, but it turns out
that the argument is a size, which might not fit in 'int' anyway,
2011-03-20 Paul Eggert <address@hidden>
---
ChangeLog | 9 +++++++++
lib/strftime.c | 10 +++++-----
2 files changed, 14 insertions(+), 5 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 168a6e9..3b24b8b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,14 @@
2011-03-20 Paul Eggert <address@hidden>
+ strftime: don't assume a byte count fits in 'int'
+ * lib/strftime.c (add): Don't assume first arg fits in 'int'. I
+ found this problem by static analysis, using gcc -Wstrict-overflow
+ (GCC 4.5.2, x86-64). This reported an optimization that depended
+ on an integer overflow having undefined behavior, but it turns out
+ that the argument is a size, which might not fit in 'int' anyway,
+
+2011-03-20 Paul Eggert <address@hidden>
+
stdio: don't require ignore_value around fwrite
This patch works around libc bug 11959
diff --git a/lib/strftime.c b/lib/strftime.c
index 0a02b50..95d5bee 100644
--- a/lib/strftime.c
+++ b/lib/strftime.c
@@ -172,15 +172,15 @@ extern char *tzname[];
#define add(n, f) \
do \
{ \
- int _n = (n); \
- int _delta = width - _n; \
- int _incr = _n + (_delta > 0 ? _delta : 0); \
- if ((size_t) _incr >= maxsize - i) \
+ size_t _n = (n); \
+ size_t _incr = _n < width ? width : _n; \
+ if (_incr >= maxsize - i) \
return 0; \
if (p) \
{ \
- if (digits == 0 && _delta > 0) \
+ if (digits == 0 && _n < width) \
{ \
+ size_t _delta = width - _n; \
if (pad == L_('0')) \
memset_zero (p, _delta); \
else \
--
1.7.4
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [PATCH] strftime: don't assume a byte count fits in 'int',
Paul Eggert <=