This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH] [BZ 20628] make mallinfo saturating

From: Paul Eggert <eggert at cs dot ucla dot edu>
To: DJ Delorie <dj at redhat dot com>
Cc: carlos at redhat dot com, libc-alpha at sourceware dot org
Date: Wed, 5 Oct 2016 23:34:07 -0700
Subject: Re: [PATCH] [BZ 20628] make mallinfo saturating
Authentication-results: sourceware.org; auth=none
References: <xnponep7vh.fsf@greed.delorie.com>

DJ Delorie wrote:

Paul Eggert <eggert@cs.ucla.edu> writes:

These don't look right, as INTERNAL_SIZE_T might not be wider than int,


In which case, the values we're adding up won't overflow because memory
is limited to an int-sized address space.

I don't see how that follows. If INTERNAL_SIZE_T and int are both 32 bits, then(INTERNAL_SIZE_T)(SUM) + (INTERNAL_SIZE_T)(ADD) is a 32-bit unsigned addition.This addition can overflow and wrap around, but the code doesn't check for thatoverflow.

Also, if SUM is INT_MIN


"Assumes ADD and SUM are positive."


That assumption is incorrect, since SUM can be INT_MIN after a wraparound overflow.

Follow-Ups:
- Re: [PATCH] [BZ 20628] make mallinfo saturating
  - From: DJ Delorie
- Re: [PATCH] [BZ 20628] make mallinfo saturating
  - From: DJ Delorie

References:
- Re: [PATCH] [BZ 20628] make mallinfo saturating
  - From: DJ Delorie

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]