verify.h: don't accept non-constant expressions

bug-coreutils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

verify.h: don't accept non-constant expressions

From:	Jim Meyering
Subject:	verify.h: don't accept non-constant expressions
Date:	Mon, 05 Sep 2005 19:07:18 +0200

I realized that verify and verify_expr would mistakenly accept an
invalid (non-constant) expression when compiled with gcc and when
the offending expression is within a function.

For example, without the change below, the following erroneous usage
would go undetected (i.e., would be successfully compiled) by gcc:

  #include "verify.h"
  static void foo (int n) { verify (n); }

With the fixed macros, gcc gives a compile-time diagnostic,
as we would expect:

  $ gcc -c verify-test.c
  verify-test.c: In function 'foo':
  verify-test.c:2: error: size of array 'verify_error_if_non_const__' is 
negative

I've applied this patch:

2005-09-05  Jim Meyering  <address@hidden>

        * verify.h (__builtin_constant_p) [__GNUC__ <= 2]: Define to 1.
        (verify_type__) [verify_error_if_non_const__]: New member/test,
        to help detect when verify or verify_expr is mistakenly passed
        a non-constant argument within a function.

Index: lib/verify.h
===================================================================
RCS file: /fetish/cu/lib/verify.h,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -p -u -r1.5 -r1.6
--- lib/verify.h        11 Jul 2005 23:28:09 -0000      1.5
+++ lib/verify.h        5 Sep 2005 16:57:40 -0000       1.6
@@ -24,13 +24,23 @@
 # define GL_CONCAT0(x, y) x##y
 # define GL_CONCAT(x, y) GL_CONCAT0 (x, y)
 
+/* If gcc predates 3.0, then disable the check below to ensure
+   that verify_type__'s argument is a constant expression.  */
+# if __GNUC__ <= 2
+#  defined __builtin_constant_p(R) 1
+# endif
+
 /* A type that is valid if and only if R is nonzero.
    R should be an integer constant expression.
    verify_type__ and verify_error_if_negative_size__ are symbols that
    are private to this header file.  */
 
 # define verify_type__(R) \
-    struct { int verify_error_if_negative_size__[(R) ? 1 : -1]; }
+    struct { \
+      /* Provoke a compile-time failure if R is a non-constant expression. */ \
+      int verify_error_if_non_const__[__builtin_constant_p (R) ? 1 : -1]; \
+      /* Provoke a compile-time failure if R is nonzero.  */ \
+      int verify_error_if_negative_size__[(R) ? 1 : -1]; }
 
 /* Verify requirement R at compile-time, as a declaration.
    R should be an integer constant expression.

[Prev in Thread]

Current Thread

[Next in Thread]

verify.h: don't accept non-constant expressions, Jim Meyering <=
- Re: verify.h: don't accept non-constant expressions, Paul Eggert, 2005/09/06
  - Re: verify.h: don't accept non-constant expressions, Jim Meyering, 2005/09/06

Prev by Date: Re: place for find bugs?
Next by Date: Re: colorize more file types with dircolors ?
Previous by thread: place for find bugs?
Next by thread: Re: verify.h: don't accept non-constant expressions
Index(es):
- Date
- Thread