Hi Patrick,
It is the reason why it should be updated. The checks in
IS_SAFE_STRUCT_SIZE are performed with the cast: (size_t)(a). If the
cast is omitted here, it may yield a different result.
What if ‘a’ is a signed integer with a negative value?
Regards,
Alexey
On 08/11/2022 15:25, Patrick Chen wrote:
But you forgot that (IS_SAFE_STRUCT_SIZE((a), (m), (n)) ?
((func)((a) + (size_t)(m) * (size_t)(n))) : FAILURE_RESULT) is not
equivalent to (IS_SAFE_STRUCT_SIZE((a), (m), (n)) ?
((func)((size_t)(a) + (size_t)(m) * (size_t)(n))) : FAILURE_RESULT)
because of the ((func)((size_t)(a) + (size_t)(m) * (size_t)(n))
On Tue, 8 Nov 2022 at 14:59, Alexey Ivanov <[email protected]> wrote:
On Mon, 7 Nov 2022 22:04:55 GMT, Alexander Zuev
<[email protected]> wrote:
<SNIP>
To be safe, `a` should also be cast.
And `IS_SAFE_STRUCT_SIZE` should also be updated to pass
`(size_t)(m) * (size_t)(n)` to `IS_SAFE_SIZE_ADD` instead of `(m)
* (n)`.
-------------
PR: https://git.openjdk.org/jdk/pull/11030
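
The suggestion above to pass `(size_t)(m) * (size_t)(n)` rather than `(m) * (n)` to the add check, shown as an added example that is not from the thread or the JDK sources. The `EX_*` macros are simplified hypothetical stand-ins, and the code assumes 32-bit `unsigned` and 64-bit `size_t`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption of this example: 32-bit unsigned int and 64-bit size_t. */
_Static_assert(sizeof(unsigned) == 4 && sizeof(size_t) == 8,
               "example assumes 32-bit unsigned and 64-bit size_t");

/* Hypothetical, simplified stand-ins; NOT the JDK macro definitions. */
#define EX_SAFE_MUL(m, n) ((m) == 0 || (size_t)(n) <= SIZE_MAX / (size_t)(m))
#define EX_SAFE_ADD(a, b) ((size_t)(b) <= SIZE_MAX - (size_t)(a))

/* Add check fed (m) * (n): the product is computed in the operands' own
 * type, so for 32-bit unsigned operands it wraps modulo 2^32 before the
 * check sees it (for signed int operands the overflow would be undefined). */
#define EX_STRUCT_NARROW(a, m, n) \
    (EX_SAFE_MUL((m), (n)) && EX_SAFE_ADD((a), (m) * (n)))

/* Add check fed the widened product, as suggested in the thread. */
#define EX_STRUCT_WIDE(a, m, n) \
    (EX_SAFE_MUL((m), (n)) && EX_SAFE_ADD((a), (size_t)(m) * (size_t)(n)))

/* Size expression that would be handed to the allocator. */
#define EX_TOTAL(a, m, n) ((size_t)(a) + (size_t)(m) * (size_t)(n))

int narrow_check_accepts(size_t a, unsigned m, unsigned n) { return EX_STRUCT_NARROW(a, m, n); }
int wide_check_accepts(size_t a, unsigned m, unsigned n) { return EX_STRUCT_WIDE(a, m, n); }
size_t requested_bytes(size_t a, unsigned m, unsigned n) { return EX_TOTAL(a, m, n); }

int main(void)
{
    /* Constructed inputs: m * n fits in size_t, but adding a does not. */
    size_t a = (size_t)0x200000000;
    unsigned m = 0xFFFFFFFFu, n = 0xFFFFFFFFu;

    printf("narrow check accepts: %d\n", narrow_check_accepts(a, m, n));
    printf("wide check accepts:   %d\n", wide_check_accepts(a, m, n));
    printf("bytes requested:      %zu\n", requested_bytes(a, m, n));
    return 0;
}
```

With these inputs the narrow check sees a product of 1 and accepts, while the size expression wraps around to a single byte; the widened check rejects the request.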