On 03/03/16 14:21, Bernd Schmidt wrote:
> On 03/02/2016 06:22 PM, Mike Stump wrote:
>
>> So, check for overflow, or better use unsigned values that are large
>> enough to never overflow.  With no possibility for overflow, you can
>> then retest the bug and see if there are any other failure modes and
>> fix those.
>
> What C standard can we assume for libiberty? I was looking at patching this and
> discovered that SIZE_MAX is defined only for C99, so I'm leaning towards
> retaining the ints and using INT_MAX.

Retaining INT_MAX should be ok in this case, since that should allow pretty large mangled strings. As far as I know, the only users of libiberty are GDB and GCC, and GDB only because they have not completely moved to gnulib yet. GCC is C++, GDB assumes C90 but it is moving to C++ anyway, so it could be bumped to SIZE_MAX later.

However, it would be much better to add to libiberty something like gnulib's x2realloc and x2nrealloc and use that because:

* It is more concise.
* It avoids duplication.
* libiberty should be replaced by gnulib eventually.
* Error handling is shared with xrealloc, which gives both more consistency and more flexibility.

Of course, there is an even better fix: add enough gnulib modules to the GCC repository to use the x2realloc from gnulib directly, and make the demangler use that. GDB is already using some gnulib modules, so it should not be a problem for them. It is a bit more work in the short term, but re-implementing, function by function, a lower quality implementation of the whole of gnulib seems much worse in the long run.

Cheers,

        Manuel.
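
Added example, not part of the original message and not gnulib or libiberty code: a C90-compatible sketch of a doubling helper in the spirit of the x2nrealloc idea above, keeping an int element count bounded by INT_MAX as discussed in the thread. The name grow_int_counted, the initial capacity of 16 and the choice to return NULL instead of aborting are assumptions made for illustration.

```c
#include <limits.h>
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical helper (illustration only).  Doubles the element count
   in *pn and reallocates P to match.  Refuses to grow when the doubled
   count would exceed INT_MAX, or when count * elem_size would wrap
   size_t.  On any failure returns NULL and leaves P and *pn untouched,
   so the caller can still use or free the old block.  */
static void *
grow_int_counted (void *p, int *pn, size_t elem_size)
{
  int n = *pn;
  int new_n;
  void *q;

  if (n < 0 || elem_size == 0)
    return NULL;

  if (n == 0)
    new_n = 16;                 /* assumed starting capacity */
  else if (n > INT_MAX / 2)
    return NULL;                /* n * 2 would overflow int */
  else
    new_n = n * 2;

  /* (size_t) -1 is the largest size_t; SIZE_MAX is C99-only.  */
  if ((size_t) new_n > (size_t) -1 / elem_size)
    return NULL;                /* byte count would wrap */

  q = realloc (p, (size_t) new_n * elem_size);
  if (q == NULL)
    return NULL;

  *pn = new_n;
  return q;
}

int
main (void)
{
  int n = 0;
  char *buf = grow_int_counted (NULL, &n, 1);
  int ok = buf != NULL && n == 16;

  free (buf);
  return ok ? 0 : 1;
}
```
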
