This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: vfprintf typing problem
On Sat, Mar 31, 2012 at 6:25 PM, David Miller <davem@davemloft.net> wrote:
> From: "Carlos O'Donell" <carlos@systemhalted.org>
> Date: Sat, 31 Mar 2012 18:02:43 -0400
>
>> On Sat, Mar 31, 2012 at 5:19 PM, David Miller <davem@davemloft.net> wrote:
>>> @@ -77,9 +77,11 @@ read_int (const UCHAR_T * *pstr)
>>> ? ? {
>>> ? ? ? retval *= 10;
>>> ? ? ? retval += **pstr - L_('0');
>>> + ? ? ?if (retval > INT_MAX)
>>> + ? ? ? return -1;
>>
>> Is this correct?
>>
>> If in the previous iteration we were less than INT_MAX, given the "*
>> 10 + [0-9]" we might wrap the unsigned int retval to a positive value
>> e.g. 429,496,729 * 10 + 6 = 0, and not detect the signed int overflow?
>>
>> What am I missing?
>
> Indeed, I need to check for overflow before the addition.
>
> Please review the patch with that fix implied :-)
Sorry, I should have said that the rest of the patch looks good to me.
Thanks for slogging through this.
Cheers,
Carlos.