This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH] Refactor malloc (x * sizeof (t) to XNMALLOC (x, t).
- From: Paul Eggert <eggert at cs dot ucla dot edu>
- To: KOSAKI Motohiro <kosaki dot motohiro at gmail dot com>, libc-alpha at sourceware dot org
- Date: Thu, 31 Oct 2013 20:33:02 -0700
- Subject: Re: [PATCH] Refactor malloc (x * sizeof (t) to XNMALLOC (x, t).
- Authentication-results: sourceware.org; auth=none
- References: <20131031164614 dot GA28117 at domone dot podge> <5272C4B7 dot 10104 at cs dot ucla dot edu> <5272C83C dot 1050102 at gmail dot com>
KOSAKI Motohiro wrote:
>> inline void *
>> nmalloc (size_t n, size_t s)
>> {
>> return malloc (n <= SIZE_MAX / s ? n * s : SIZE_MAX);
>
> I'm worry about this. Rounding down to SIZE_DOWN is sometime dangerous.
> How about return NULL instead?
This code assumes that malloc (SIZE_MAX) returns NULL,
which is a safe assumption with glibc. If glibc were
changed so that malloc (SIZE_MAX) could return non-NULL,
then indeed nmalloc would have to return NULL (and set errno)
when the arguments are out of range. I assume that
the above code is more efficient (though this should
probably be measured....).