Tim Peters wrote:
> Given that, the assert() in question looks fine to me:
>
>     if (_db_errmsg[0] && bytes_left < (sizeof(errTxt) - 4)) {
>         bytes_left = sizeof(errTxt) - bytes_left - 4 - 1;
>         assert(bytes_left >= 0);
>
> We can't get into the block unless
>
>     bytes_left < sizeof(errTxt) - 4
>
> is true. Subtracting bytes_left from both sides, then swapping LHS and RHS:
>
>     sizeof(errTxt) - bytes_left - 4 > 0
>
> which implies
>
>     sizeof(errTxt) - bytes_left - 4 >= 1
>
> Subtracting 1 from both sides:
>
>     sizeof(errTxt) - bytes_left - 4 - 1 >= 0
>
> And since the LHS of that is the new value of bytes_left, it must be true that
>
>     bytes_left >= 0
>
> Either that, or the original author (and me, just above) made an error
> in analyzing what must be true at this point.

You omitted to state an assumption that sizeof(errTxt) >= 4, since size_t
(and the constant 4) are unsigned. Also bytes_left must initially be
nonnegative so that the subexpression 'sizeof(errTxt) - bytes_left' cannot
overflow.

--
David Hopwood <[EMAIL PROTECTED]>

_______________________________________________
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
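
An added example (not part of either message, nor of the code under discussion): it runs the quoted guard and update with the integer conversions written out, next to a variant that checks the two assumptions named in the reply before doing any unsigned arithmetic. `buf_size` stands in for `sizeof(errTxt)`, `bytes_left` is assumed to be an `int`, and both function names are hypothetical.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Mirrors the quoted guard and update. buf_size stands in for sizeof(errTxt);
   bytes_left is assumed to be an int. The casts spell out the conversions
   the compiler applies implicitly when an int meets a size_t. */
static int legacy_update(size_t buf_size, int bytes_left, int *out)
{
    if ((size_t)bytes_left < buf_size - 4) {   /* wraps when buf_size < 4 */
        /* Out-of-range size_t -> int is implementation-defined;
           GCC and Clang reduce the value modulo 2^N. */
        *out = (int)(buf_size - (size_t)bytes_left - 4 - 1);
        return 1;                              /* block entered */
    }
    return 0;                                  /* block skipped */
}

/* Same logic with both assumptions checked before any unsigned arithmetic.
   Returns -1 if an assumption fails, 0 if the guard is false, 1 otherwise. */
static int checked_update(size_t buf_size, int bytes_left, int *out)
{
    if (buf_size < 4 || buf_size > (size_t)INT_MAX || bytes_left < 0)
        return -1;
    if ((size_t)bytes_left >= buf_size - 4)
        return 0;
    /* Here 0 <= bytes_left < buf_size - 4, so the result lies in
       [0, buf_size - 5]: it cannot wrap and it fits in an int. */
    *out = (int)(buf_size - 4 - 1 - (size_t)bytes_left);
    return 1;
}

int main(void)
{
    /* Constructed inputs: {buffer size, bytes_left}. */
    struct { size_t size; int left; } cases[] = { {16, 3}, {2, 0}, {16, -1} };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        int a = 0, b = 0;
        int la = legacy_update(cases[i].size, cases[i].left, &a);
        int cb = checked_update(cases[i].size, cases[i].left, &b);
        printf("size=%zu left=%d legacy: entered=%d new=%d | checked: rc=%d new=%d\n",
               cases[i].size, cases[i].left, la, a, cb, b);
    }
    return 0;
}
```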