On 15-09-17 11:34 AM, Matthieu Moy wrote:
> Marc Branchaud writes:
>
>>> --- a/git-compat-util.h
>>> +++ b/git-compat-util.h
>>> @@ -814,6 +814,9 @@ static inline int strtoul_ui(char const *s, int base,
>>> unsigned int *result)
>>> char *p;
>>>
>>> errno = 0;
On 15-09-17 10:37 AM, Matthieu Moy wrote:
> strtoul_ui uses strtoul to get a long unsigned, then checks that casting
> to unsigned does not lose information and return the casted value.
>
> On 64 bits architecture, checking that the cast does not change the value
> catches most errors, but when
Marc Branchaud writes:
>> --- a/git-compat-util.h
>> +++ b/git-compat-util.h
>> @@ -814,6 +814,9 @@ static inline int strtoul_ui(char const *s, int base,
>> unsigned int *result)
>> char *p;
>>
>> errno = 0;
>> +/* negative values would be accepted by
Matthieu Moy writes:
> This patch catches negative values before it's too late, i.e. before
> calling strtoul. We still silently accept very large integers that wrap
> to a valid "unsigned int".
Is the last statement correct? A very large long uint that wrap to
uint would
strtoul_ui uses strtoul to get a long unsigned, then checks that casting
to unsigned does not lose information and return the casted value.
On 64 bits architecture, checking that the cast does not change the value
catches most errors, but when sizeof(int) == sizeof(long) (e.g. i386),
the check
5 matches
Mail list logo