Ineffective overflow checks #220
Comments
Can you indicate which line(s) of code you are referring to?
Here is an example. The positive signed integer variable Lines 368 to 371 in 93a88b4
At a glance I see the following additional instances of this problem. There may be more. Lines 539 to 543 in 93a88b4
Lines 558 to 563 in 93a88b4
Fair enough. The simplest "solution" here is just to remove the checks entirely. (They are pretty pointless on 64-bit machines anywhere where integer overflow cannot really happen here in practice.) The counter-argument is that leaving them in is relatively harmless, and may catch some overflows on 32-bit machines depending on the compiler.
If you decide to keep the checks as they are, I would suggest to comment the
with
which is a correct check if and only if
utf8proc tries to respond to signed integer overflow after the overflow has already occurred. Because signed integer overflow is Undefined Behaviour in C, the compiler can replace the overflow branch by whatever it wants. An optimising compiler will typically elide it.
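The pattern the issue describes, as an added example that is neither utf8proc's code nor any commenter's: a check that inspects a signed sum after the addition, beside a check made on the operands before any arithmetic happens. The `add_len_*` names, the use of `long`, and the sample values are assumptions for illustration.

```c
#include <limits.h>
#include <stdbool.h>

/* Constructed illustration of the two check patterns discussed in the issue;
 * this is not utf8proc's code. `total` stands for an accumulating signed
 * length counter, `n` for the amount about to be added to it. */

/* Ineffective: adds first, then inspects the result. Signed overflow is
 * undefined behaviour in C, so for non-negative inputs the compiler may
 * assume `*total + n` cannot wrap and delete the `sum < 0` branch. */
static bool add_len_post_check(long *total, long n) {
    long sum = *total + n;      /* undefined when the true sum exceeds LONG_MAX */
    if (sum < 0) return false;  /* may never be reached in optimised builds */
    *total = sum;
    return true;
}

/* Effective: decide from the operands before any arithmetic is done.
 * For non-negative operands, `n > LONG_MAX - *total` holds if and only if
 * `*total + n` would exceed LONG_MAX, so the check is exact. */
static bool add_len_pre_check(long *total, long n) {
    if (*total < 0 || n < 0) return false;
    if (n > LONG_MAX - *total) return false;   /* the addition would overflow */
    *total += n;
    return true;
}

/* Where the compiler offers it, the overflow builtin reports a wrap in
 * either direction, so negative operands are handled as well, and the
 * programmer does not have to derive the bound by hand. */
static bool add_len_builtin(long *total, long n) {
#if defined(__GNUC__) || defined(__clang__)
    long sum;
    if (__builtin_add_overflow(*total, n, &sum)) return false;
    *total = sum;
    return true;
#else
    return add_len_pre_check(total, n);   /* fallback for other compilers */
#endif
}
```

Compiling the first function with optimisation and inspecting the generated code is the quickest way to see the branch disappear; the second and third keep their checks at every optimisation level.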