[vlc-devel] [PATCH 3/7] subsdec: fix potential unsigned overflow
Rémi Denis-Courmont
remi at remlab.net
Tue May 6 22:44:48 CEST 2014
On Tuesday 6 May 2014, 22:28:04 Felix Abecassis wrote:
> > If psz_tag is the empty string the result is unchanged.
>
> Is it? Unsigned overflow is well defined but conversion of an out of
> range unsigned value to a signed value is implementation defined
> apparently.
Well yeah. In ISO, it is implementation-defined. GCC defines it to do the Right
Thing though, as, I believe, any other real-life C compiler:
   * `The result of, or the signal raised by, converting an integer to a
     signed integer type when the value cannot be represented in an
     object of that type (C90 6.2.1.2, C99 6.3.1.3).'

     For conversion to a type of width N, the value is reduced modulo
     2^N to be within range of the type; no signal is raised.
You are allowed to be pedantic and ignore that GCC statement. But then,
converting size_t to int is also implementation-defined as size_t may be
larger than int. So the patch does not really fix the theoretical problem.
--
Rémi Denis-Courmont
http://www.remlab.net/
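
Added example, not part of the original message or of the VLC patch: the two conversions discussed above (out-of-range unsigned to int, and size_t to int) written so that no step depends on implementation-defined behaviour. The helper names are hypothetical, and wrap_to_int assumes UINT_MAX == 2*INT_MAX + 1.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical helpers for illustration; none of these names come from VLC. */

/* Reduce modulo 2^N into int range, i.e. the result GCC documents for an
 * out-of-range unsigned -> int conversion, without performing that
 * implementation-defined conversion. Assumes UINT_MAX == 2*INT_MAX + 1. */
static int wrap_to_int(unsigned int u)
{
    if (u <= (unsigned int)INT_MAX)
        return (int)u;                 /* representable: fully defined */
    return -(int)(UINT_MAX - u) - 1;   /* u - 2^N, every step in range */
}

/* size_t may be wider than int, so reject what int cannot hold. */
static bool size_to_int(size_t n, int *out)
{
    if (n > (size_t)INT_MAX)
        return false;
    *out = (int)n;
    return true;
}

/* Signed difference a - b of two lengths, never wrapping on the way. */
static bool len_diff(size_t a, size_t b, int *out)
{
    if (a >= b)
        return size_to_int(a - b, out);
    size_t d = b - a;                  /* magnitude of a negative result */
    if (d > (size_t)INT_MAX + 1)
        return false;
    *out = (d == (size_t)INT_MAX + 1) ? INT_MIN : -(int)d;
    return true;
}

int main(void)
{
    int v;
    printf("0u - 1u reduced to int: %d\n", wrap_to_int(0u - 1u));
    if (len_diff(0, 1, &v))
        printf("len_diff(0, 1) = %d\n", v);
    printf("SIZE_MAX fits in int: %s\n",
           size_to_int((size_t)-1, &v) ? "yes" : "no");
    return 0;
}
```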