|
From: | Paul Eggert |
Subject: | Re: checking against signed integer overflow |
Date: | Sat, 5 Dec 2020 17:40:31 -0800 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.5.0 |
On 12/5/20 1:42 PM, Bruno Haible wrote:
How about adding a macro #define SAFE_INT_MULTIPLY(a, b, result) \ ! INT_MULTIPLY_WRAPV (a, b, result) and documenting it as a safe way to do integer multiplication, regardless of compiler options in effect?
Sure, we can do that. I prefer the name INT_MULTIPLY_OK though, as it's shorter, it fits better with intprops.h's naming conventions, and "SAFE" is a little misleading (the macro is not safe when, for example, its last argument is a null pointer). I installed the attached patch to do that; if you're not a fan we can always revert it.
Your reaction to the *_WRAPV names just goes to show how bad I am with marketing....
0001-intprops-Add-INT_ADD_OK-etc.patch
Description: Text Data
[Prev in Thread] | Current Thread | [Next in Thread] |