On 02/02/2007 10:57 AM, Stefan Reinauer wrote:
I suggest comparing (rom + bytes - 1) > rom_end, because rom_end seems
to be the logical border we're checking for.
(rom + bytes - 1 > rom_end) equals to (rom + bytes > rom_end + 1)
provided that
[rom,rom_end+1) does not cross 0x7fffffff+1 and ptrdiff_t is signed,
or
[rom,rom_end+1) does not corss 0xffffffff+1 and ptrdiff_t is unsigned.
In linuxbios, [rom,rom_end+1) crosses neither boundary.
Strictly speaking, an exception for the first statement is when
ptrdiff_t is signed (which is our case);
rom+bytes-1 does not overflow and is 0x7fffffff;
rom+bytes does overflow and is 0x80000000;
rom_end is, for example, 0xffff0000.
Then,
(rom + bytes - 1 > rom_end) is true
(rom + bytes > rom_end + 1) is false
For this to happen rom must be within
[0x00000000-0x7fffffff], which is impossible.
Any way, you flavor is attached.
Regards,
Signed-off-by: Roman Kononov <[EMAIL PROTECTED]>
Index: src/stream/rom_stream.c
===================================================================
--- src/stream/rom_stream.c (revision 2542)
+++ src/stream/rom_stream.c (working copy)
@@ -116,7 +116,7 @@ byte_offset_t stream_skip(byte_offset_t
{
byte_offset_t bytes;
bytes = count;
- if ((rom + bytes) > rom_end) {
+ if (rom+bytes-1 > rom_end) {
printk_warning("%6d:%s() - overflowed source buffer\n",
__LINE__, __FUNCTION__);
bytes = 0;
--
linuxbios mailing list
[email protected]
http://www.openbios.org/mailman/listinfo/linuxbios
