Hello,

In the info reader, as part of an effort to avoid comparison of signed
and unsigned integers, and also to have clearer code, I am considering
setting SEARCH_BINDING start and end offsets to size_t instead of long.
Indeed, this should be a bug if they are negative (although there were
places in the code where they could become negative temporarily, before
being reset to 0 right after, which I modified).

However, there is a risk of going through 0 if there is an incorrect
subtraction.  This was the case in the code I modified with this
commit, s.start could become -1:
https://git.savannah.gnu.org/cgit/texinfo.git/commit/?id=1c9c2b6347742a1446e97d23034cfef98d8f23a7

I realized that there was a bug because I had set SEARCH_BINDING start
and end offsets to size_t, which led to s.start becoming the max size_t
value (and to a segfault).  I had not seen it while reviewing the code
for such possibilities.

Keeping long could hide some bugs of offsets becoming negative, but also
be more robust in the face of those bugs if it does not matter much that
the offsets become negative.

Any advice?

I attach the patch that would set SEARCH_BINDING start and end offsets
to size_t.

-- 
Pat
diff --git a/info/search.h b/info/search.h
index 79f8d0bd42..f6e77ebdba 100644
--- a/info/search.h
+++ b/info/search.h
@@ -34,8 +34,8 @@
 
 typedef struct {
   char *buffer;                 /* The buffer of text to search. */
-  long start;                   /* Offset of the start of the search. */
-  long end;                     /* Offset of the end of the searh. */
+  size_t start;                 /* Offset of the start of the search. */
+  size_t end;                   /* Offset of the end of the search. */
   int flags;                    /* Flags controlling the type of search. */
 } SEARCH_BINDING;
 
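Review bot: The field comments on `size_t start` and `size_t end` do not state the invariant that makes an unsigned type safe here, so a caller that subtracts from either offset has nothing to check against, and a bad subtraction now wraps to a very large value instead of going negative. Suggest recording the expected relation between start, end and the buffer length in these comments (assuming the intent is start <= end, both within the buffer), and confirming that search.h gets size_t from a header it includes, since none is visible in this context. The `searh` to `search` comment fix is also folded into this change and could be mentioned in the commit message.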

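The trade-off raised in the message above, as an added example that is not part of the original post or of Texinfo's code: with size_t a bad subtraction at 0 wraps to SIZE_MAX and a range check rejects it, while with long the same check accepts -1 unless negativity is tested separately. The `window` struct and all function names are hypothetical, and the sample buffer is constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for a search window; not Texinfo's SEARCH_BINDING. */
typedef struct {
  const char *buffer;
  size_t start;   /* invariant: start <= end */
  size_t end;     /* invariant: end <= length of buffer */
} window;

/* Unchecked step back: at 0 this wraps to SIZE_MAX instead of -1. */
static size_t step_back_unchecked (size_t off) { return off - 1; }

/* Checked step back: refuses to go below 0 and leaves *off untouched. */
static bool step_back_checked (size_t *off)
{
  if (*off == 0)
    return false;
  (*off)--;
  return true;
}

/* Validate the window before any buffer[start] access. */
static bool window_valid (const window *w, size_t buflen)
{
  return w->start <= w->end && w->end <= buflen;
}

/* Signed variant of the same check: -1 <= end holds, so a negative
   start passes unless it is tested for explicitly. */
static bool signed_window_valid (long start, long end, long buflen)
{
  return start <= end && end <= buflen;
}

int main (void)
{
  window w = { "constructed sample text", 0, 23 };  /* constructed input */
  size_t zero = 0;
  w.start = step_back_unchecked (w.start);
  printf ("wrapped start rejected: %d\n", !window_valid (&w, 23));
  printf ("checked step at 0 allowed: %d\n", step_back_checked (&zero));
  printf ("signed -1 accepted: %d\n", signed_window_valid (-1, 23, 23));
  return 0;
}
```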