On 06/27/2012 04:29 AM, Peter Maydell wrote: > Add field32() and field64() functions which extract a particular > bit field from a word and return it. Based on an idea by Jia Liu. >
> +static inline uint64_t field64(uint64_t value, int start, int length)
> +{
> + assert(start >= 0 && start <= 63 && length > 0 && start + length <= 64);
You're failing to account for wraparound:
field64(value, 63, MAX_INT)
gives undefined behavior in the addition, and even on (most) platforms
where it silently wraps around to a negative number, you have then
missed triggering the assert and proceed to do more unefined behavior
with a negative shift. You can solve that, and use one less conjunct,
by using:
assert(start >= 0 && length > 0 && (unsigned) start + length <= 64);
Same comment for field32().
--
Eric Blake ebl...@redhat.com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
