This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Re: [PATCH] Dynamic growable arrays for internal use
On 05/05/2017 08:23 AM, Florian Weimer wrote:
> You just have to be careful with pointer differences.
Not just with pointer differences, but also in index and size calculations.
Although the problem is in the calling code not in the module itself, it
is a common problem, and unfortunately it can lead to serious issues
that are not easily detected because unsigned arithmetic is well-defined
to wrap around. In practice, just saying "callers must be careful" is
not good enough.
As no realistic user of this module should need to allocate objects
containing more than PTRDIFF_MAX bytes, it is a reasonable engineering
decision for it to reject such objects in the interest of overall glibc
reliability.
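
The size check argued for in the message above, as an added example that is not part of the original message or of glibc's code. The names `naive_bytes`, `checked_bytes` and `grow_capacity` are hypothetical, and the 1.5x growth policy is an assumption.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Unchecked: count * elem_size is well-defined unsigned arithmetic,
   so an oversized request silently wraps to a small byte count. */
static size_t naive_bytes(size_t count, size_t elem_size)
{
    return count * elem_size;
}

/* Checked: fail if the product would exceed PTRDIFF_MAX, which also
   rules out size_t wraparound where PTRDIFF_MAX < SIZE_MAX (true on
   glibc targets). */
static bool checked_bytes(size_t count, size_t elem_size, size_t *out)
{
    if (elem_size != 0 && count > (size_t) PTRDIFF_MAX / elem_size)
        return false;
    *out = count * elem_size;
    return true;
}

/* Hypothetical growth step (1.5x policy is an assumption): returns
   false instead of handing back a capacity the caller cannot index
   or subtract pointers over safely. */
static bool grow_capacity(size_t used, size_t elem_size, size_t *new_cap)
{
    size_t cap = used + used / 2 + 1;
    size_t bytes;
    if (cap <= used)                     /* the addition itself wrapped */
        return false;
    if (!checked_bytes(cap, elem_size, &bytes))
        return false;
    *new_cap = cap;
    return true;
}

int main(void)
{
    size_t huge = SIZE_MAX / 2 + 1, out = 0, cap = 0;   /* constructed inputs */
    printf("naive:   %zu bytes\n", naive_bytes(huge, 2));
    printf("checked: %s\n", checked_bytes(huge, 2, &out) ? "ok" : "rejected");
    printf("grow:    %s\n", grow_capacity(10, 8, &cap) ? "ok" : "rejected");
    return 0;
}
```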