qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH 1/2] hmp: expr_unary(): check for overflow in st

From: Eric Blake
Subject: Re: [Qemu-devel] [PATCH 1/2] hmp: expr_unary(): check for overflow in strtoul()/strtoull()
Date: Fri, 27 Apr 2012 09:22:46 -0600
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:11.0) Gecko/20120329 Thunderbird/11.0.1 
On 04/27/2012 07:26 AM, Luiz Capitulino wrote:
>>>>> The test n == ULLONG_MAX is redundant.
>>>>
>>>> But harmless.
>>>
>>> Yes, and I prefer to comply to the standard (as there's no strong
>>> reason not to do so).
>>
>> What standard?
> 
> http://pubs.opengroup.org/onlinepubs/009695399/functions/strtoul.html

Which says that ERANGE is only possible if the return is ULLONG_MAX, but
since it also says that errno is unchanged on success, and that errno
must be ERANGE on overflow, it is sufficient to check errno==ERANGE
without having to also check the return value as a way to detect
overflow.  The only possible difference it might make to check the
return value first is that you can filter out an errno check for all
other return values, and on platforms where 'errno' evaluates to a macro
that invokes a function in order to access a thread-local, then avoiding
an errno comparison on the common case of no overflow is a potentially
worthwhile micro-optimization.

Again, all this conversation just goes to strengthen my claim that the
strtol() UI is evil, and that the only decent way to do
string-to-integer processing is to wrap it in a nicer interface, so that
it becomes easier to audit just the wrapper instead of all callers for
compliance with all the subtle details.

-- 
Eric Blake   address@hidden    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]