bug-gnulib
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug-gnulib] Re: mbswidth vs. `int' overflow


From: Bruno Haible
Subject: [bug-gnulib] Re: mbswidth vs. `int' overflow
Date: Mon, 11 Apr 2005 13:43:37 +0200
User-agent: KMail/1.5

Jim Meyering wrote:
> I was looking for assurance that mbswidth would always return
> a non-negative value when called with flags == 0, e.g.,
>
>   int len = mbswidth (str, 0);

You can have this assurance only if strlen (str) < INT_MAX / 2.

> You can see that passing a string longer than INT_MAX to mbswidth
> can make that function return a negative number.

Already a string of size
     ceil (INT_MAX / 2)
can provoke this effect. Take for example a string of n times the byte 0xbe
in a locale with encoding IBM290. In this encoding, 0xbe is U+309B, which
has wcwidth 2. (I had to search a bit for this example: most CJK encodings
are designed in such a way that only characters of width 1 occupy only 1
byte, i.e. all double-width characters occupy 2 or more bytes.)

> I realize this is largely theoretical, but
> how about changing the spec to deal with it or at least adding
> a comment to acknowledge the risk?

I added a comment.

Bruno


*** mbswidth.c  8 Nov 2004 12:54:48 -0000       1.12
--- mbswidth.c  11 Apr 2005 11:29:13 -0000
***************
*** 1,5 ****
  /* Determine the number of screen columns needed for a string.
!    Copyright (C) 2000-2004 Free Software Foundation, Inc.
  
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
--- 1,5 ----
  /* Determine the number of screen columns needed for a string.
!    Copyright (C) 2000-2005 Free Software Foundation, Inc.
  
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
***************
*** 91,97 ****
     character string pointed to by STRING.  If a non-printable character
     occurs, and MBSW_REJECT_UNPRINTABLE is specified, -1 is returned.
     With flags = MBSW_REJECT_INVALID | MBSW_REJECT_UNPRINTABLE, this is
!    the multibyte analogue of the wcswidth function.  */
  int
  mbswidth (const char *string, int flags)
  {
--- 91,98 ----
     character string pointed to by STRING.  If a non-printable character
     occurs, and MBSW_REJECT_UNPRINTABLE is specified, -1 is returned.
     With flags = MBSW_REJECT_INVALID | MBSW_REJECT_UNPRINTABLE, this is
!    the multibyte analogue of the wcswidth function.
!    If STRING is not of length < INT_MAX / 2, integer overflow can occur.  */
  int
  mbswidth (const char *string, int flags)
  {
***************
*** 101,107 ****
  /* Returns the number of columns needed to represent the multibyte
     character string pointed to by STRING of length NBYTES.  If a
     non-printable character occurs, and MBSW_REJECT_UNPRINTABLE is
!    specified, -1 is returned.  */
  int
  mbsnwidth (const char *string, size_t nbytes, int flags)
  {
--- 102,109 ----
  /* Returns the number of columns needed to represent the multibyte
     character string pointed to by STRING of length NBYTES.  If a
     non-printable character occurs, and MBSW_REJECT_UNPRINTABLE is
!    specified, -1 is returned.
!    If NBYTES is not < INT_MAX / 2, integer overflow can occur.  */
  int
  mbsnwidth (const char *string, size_t nbytes, int flags)
  {





reply via email to

[Prev in Thread] Current Thread [Next in Thread]