On 05/06/2013 05:56 PM, Jason Merrill wrote:
On 05/06/2013 08:46 AM, Florian Weimer wrote:
On 05/06/2013 02:39 PM, Jason Merrill wrote:
On 05/06/2013 05:46 AM, Florian Weimer wrote:
Nice, this is simpler than expected. However, it makes the call sites
even more bloated.
Hmm, perhaps the checking should be wrapped in an inline function, so
that the inliner can decide whether or not to expand it at the call
site...
Or we could call __cxa_vec_new[23] and rely on the check there
True. The problem with using those is the indirect calls to the
(possibly inline) constructors, though it might be worth doing
conditionally. Would you be interested in working on that change?
Yes, but it's probably better if you commit your patch right away.
(in most
cases—for new T[a][b], we'd still need a separate overflow check).
But new T[a][b] is ill-formed, so we don't need to handle that case.
I meant with one of a or b as a constant (I can't remember which it is).
We still have to perform one multiplication inline, to get the total
number of elements, and that needs overflow checking as well.
--
Florian Weimer / Red Hat Product Security Team
