On Thu, Apr 18, 2024 at 1:16 PM Ruediger Pluem <rpl...@apache.org> wrote: > > On 4/18/24 12:37 AM, minf...@apache.org wrote: > > Author: minfrin > > Date: Wed Apr 17 22:37:07 2024 > > New Revision: 1917082 > > > > URL: http://svn.apache.org/viewvc?rev=1917082&view=rev > > Log: > > apr_buffer: Add explicit casts on all potentially narrowing conversions > > to apr_size_t. Define the maximum buffer size as APR_SIZE_MAX/2. > > > > Modified: > > apr/apr/trunk/buffer/apr_buffer.c > > > > Modified: apr/apr/trunk/buffer/apr_buffer.c > > URL: > > http://svn.apache.org/viewvc/apr/apr/trunk/buffer/apr_buffer.c?rev=1917082&r1=1917081&r2=1917082&view=diff > > ============================================================================== > > --- apr/apr/trunk/buffer/apr_buffer.c (original) > > +++ apr/apr/trunk/buffer/apr_buffer.c Wed Apr 17 22:37:07 2024 > > @@ -28,12 +28,13 @@ > > #include "apr_strings.h" > > #include "apr_private.h" > > > > +#define APR_BUFFER_MAX APR_SIZE_MAX/2 > > Why no longer APR_OFF_MAX?
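Review bot: the added `#define APR_BUFFER_MAX APR_SIZE_MAX/2` leaves its expansion unparenthesized, so any use next to an operator of equal or higher precedence changes meaning: `n / APR_BUFFER_MAX` would parse as `(n / APR_SIZE_MAX) / 2`. Suggest `#define APR_BUFFER_MAX (APR_SIZE_MAX/2)`. A short comment at the define stating why half of the apr_size_t range is the limit, and which field it bounds, would also document the choice the log message describes.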
Indeed at least APR_BUFFER_MAX and buf->size should be of the same signedness.

But let me plead again for a much simpler ->size of type apr_size_t, checked against APR_BUFFER_MAX=APR_SIZE_MAX/2 wherever an apr_buffer_t is initialized, using the high bit of ->size for string vs plain buffer, and then getting rid of off_t/ssize_t plus all the fancy signed arithmetic in the apr_buffer code (we don't care about the sizeof(off_t) or anything like that anymore).

Currently apr_buffer_str_make(mystring, strlen(mystring)) is UB, the API is just broken IMHO.

Regards;
Yann.
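The layout proposed in the message above (an unsigned size checked against half the size_t range at initialization, with the high bit marking a string) can be sketched as follows. This is an added example, not code from the thread or from APR; every name in it (`buf_t`, `BUF_MAX`, `buf_str_set`, and so on) is hypothetical, and plain `size_t`/`SIZE_MAX` stand in for `apr_size_t`/`APR_SIZE_MAX`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names throughout; this is not the apr_buffer API. */
#define BUF_MAX     (SIZE_MAX / 2)   /* largest length that can be stored */
#define BUF_STR_BIT (~BUF_MAX)       /* high bit set: NUL-terminated string */

typedef struct {
    const void *d;
    size_t size;   /* length in the low bits, string flag in the high bit */
} buf_t;

/* Plain memory: returns 0 on success, -1 if len would collide with the flag. */
static int buf_mem_set(buf_t *b, const void *mem, size_t len)
{
    if (len > BUF_MAX)
        return -1;
    b->d = mem;
    b->size = len;
    return 0;
}

/* String: len excludes the terminating NUL, so strlen(s) is passed as is. */
static int buf_str_set(buf_t *b, const char *s, size_t len)
{
    if (len > BUF_MAX || s[len] != '\0')
        return -1;
    b->d = s;
    b->size = len | BUF_STR_BIT;
    return 0;
}

/* Accessors mask the flag out; no signed arithmetic is involved anywhere. */
static int buf_is_str(const buf_t *b) { return (b->size & BUF_STR_BIT) != 0; }
static size_t buf_len(const buf_t *b) { return b->size & BUF_MAX; }

int main(void)
{
    const char *s = "hello";   /* constructed sample input */
    buf_t b;
    if (buf_str_set(&b, s, strlen(s)) == 0)
        printf("str=%d len=%zu\n", buf_is_str(&b), buf_len(&b));
    if (buf_mem_set(&b, s, BUF_MAX + 1) != 0)
        printf("oversized length rejected\n");
    return 0;
}
```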