This is the mail archive of the
gdb-patches@sourceware.org
mailing list for the GDB project.
Re: [COMMIT PATCH] More invalid pointer to pointer conversions.
On 03/13/2013 05:55 PM, Pedro Alves wrote:
> On 03/13/2013 05:38 PM, Tom Tromey wrote:
>
>> Pedro> - displacement = strtol (tmp, (char **) &tmp, 10);
>> Pedro> + displacement = strtol (tmp, &endp, 10);
>> Pedro> + tmp = endp;
>>
>> I saw this in Keith's patch, too, and I was wondering if we should have
>> a strtol_const convenience function.
>
> Yeah, I wondered the same. I don't mind either way, actually.
>
> ( Read, I don't want it enough to add it myself :-) )
>
One thought occurred to me now though.
Every place that is doing:
char *tmp;
long l = strtol (tmp, &tmp, 0);
or:
(const)? char *tmp;
char *endp;
displacement = strtol (tmp, &endp, 10);
tmp = endp;
or the potential:
const char *tmp;
long l = strtol_const (tmp, &tmp, 0);
all suffer from the same problem -- they're not
really checking for strtol junk input / overflow.
That'd always go:
l = strtol (tmp, &endp, 10);
// --> here <--
tmp = endp;
Given that for proper error handling you always need
a separate endp, strtol_const doesn't feel like it adds
much if anything in practice.
Perhaps instead we should either fix all the strtol
call sites for error handling, or even come up with
(a) throwing variant(s). See e.g.,
xml_parse_unsigned_integer and gdb_xml_parse_ulongest
for possible interfaces. (I note ERANGE handling is
missing there too).
--
Pedro Alves