[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-gnulib] proposed vasnprintf patches for address arithmetic and
From: |
Bruno Haible |
Subject: |
Re: [Bug-gnulib] proposed vasnprintf patches for address arithmetic and stack overflow |
Date: |
Mon, 24 Nov 2003 12:47:40 +0100 |
User-agent: |
KMail/1.5 |
Paul Eggert wrote:
> 2003-11-20 Paul Eggert <address@hidden>
>
> Remove dependency on ssize_t in vasnprintf; this removes a few
> minor arbitrary limits, and simplifies the code.
>
> * printf-parse.h: Do not include <sys/types.h>.
> * printf-parse.c: Likewise.
> * printf-parse.h (NO_ARG_INDEX): New macro.
> (char_directive): Use size_t, not ssize_t.
> * vasnprintf.c (VASNPRINTF): Likewise.
> * printf-parse.c (PRINTF_PARSE): Likewise.
> Remove overflow tests that are now unnecessary.
> * printf-parse.c (SSIZE_MAX): Remove.
Thanks, I've applied your patch, with only a minor modification:
rename NO_ARG_INDEX into ARG_NONE. (More systematic naming of
special values, like FLAG_ZERO.) Will be commited tomorrow.
> we have the same problem with ssize_t. There is no guarantee
> that ssize_t is the same width as size_t either.
Maybe in POSIX theory. But in Unix reality? I cannot imagine anyone
choosing sizeof (ssize_t) != sizeof (size_t).
> ssize_t is a POSIX notion, not a C-language notion. It is meant for
> POSIX calls like 'read', not for pointer arithmetic. It shouldn't be
> used to implement C-language notions like vasnprintf, as these
> functions are fundamentally C-language functions and are independent
> of POSIX.
The implementation of a functionality can always use more things than
the standard defining the functionality. For example, the implementation
of malloc() [ISO C] uses mmap() [POSIX], and the implementation of xmalloc()
[ANSI C extension] uses gettext() [which uses POSIX read(), mmap()].
Bruno
Re: [Bug-gnulib] proposed vasnprintf patches for address arithmetic and stack overflow, Bruno Haible, 2003/11/18