[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug-gnulib] Re: mbswidth vs. `int' overflow
From: |
Bruno Haible |
Subject: |
[bug-gnulib] Re: mbswidth vs. `int' overflow |
Date: |
Mon, 11 Apr 2005 13:43:37 +0200 |
User-agent: |
KMail/1.5 |
Jim Meyering wrote:
> I was looking for assurance that mbswidth would always return
> a non-negative value when called with flags == 0, e.g.,
>
> int len = mbswidth (str, 0);
You can have this assurance only if strlen (str) < INT_MAX / 2.
> You can see that passing a string longer than INT_MAX to mbswidth
> can make that function return a negative number.
Already a string of size
ceil (INT_MAX / 2)
can provoke this effect. Take for example a string of n times the byte 0xbe
in a locale with encoding IBM290. In this encoding, 0xbe is U+309B, which
has wcwidth 2. (I had to search a bit for this example: most CJK encodings
are designed in such a way that only characters of width 1 occupy only 1
byte, i.e. all double-width characters occupy 2 or more bytes.)
> I realize this is largely theoretical, but
> how about changing the spec to deal with it or at least adding
> a comment to acknowledge the risk?
I added a comment.
Bruno
*** mbswidth.c 8 Nov 2004 12:54:48 -0000 1.12
--- mbswidth.c 11 Apr 2005 11:29:13 -0000
***************
*** 1,5 ****
/* Determine the number of screen columns needed for a string.
! Copyright (C) 2000-2004 Free Software Foundation, Inc.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
--- 1,5 ----
/* Determine the number of screen columns needed for a string.
! Copyright (C) 2000-2005 Free Software Foundation, Inc.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
***************
*** 91,97 ****
character string pointed to by STRING. If a non-printable character
occurs, and MBSW_REJECT_UNPRINTABLE is specified, -1 is returned.
With flags = MBSW_REJECT_INVALID | MBSW_REJECT_UNPRINTABLE, this is
! the multibyte analogue of the wcswidth function. */
int
mbswidth (const char *string, int flags)
{
--- 91,98 ----
character string pointed to by STRING. If a non-printable character
occurs, and MBSW_REJECT_UNPRINTABLE is specified, -1 is returned.
With flags = MBSW_REJECT_INVALID | MBSW_REJECT_UNPRINTABLE, this is
! the multibyte analogue of the wcswidth function.
! If STRING is not of length < INT_MAX / 2, integer overflow can occur. */
int
mbswidth (const char *string, int flags)
{
***************
*** 101,107 ****
/* Returns the number of columns needed to represent the multibyte
character string pointed to by STRING of length NBYTES. If a
non-printable character occurs, and MBSW_REJECT_UNPRINTABLE is
! specified, -1 is returned. */
int
mbsnwidth (const char *string, size_t nbytes, int flags)
{
--- 102,109 ----
/* Returns the number of columns needed to represent the multibyte
character string pointed to by STRING of length NBYTES. If a
non-printable character occurs, and MBSW_REJECT_UNPRINTABLE is
! specified, -1 is returned.
! If NBYTES is not < INT_MAX / 2, integer overflow can occur. */
int
mbsnwidth (const char *string, size_t nbytes, int flags)
{