On 4/7/21 4:00 AM, Marc Nieper-Wißkirchen wrote:
> That's why I am wondering whether it makes sense to have an xsize module
> that uses idx_t instead of size_t.
It might, yes. I use intprops.h for this sort of thing, but perhaps a
stripped-down header would be appropriate.
I am planning to
Hi Bruno,
thanks for replying so quickly.
Let's assume I have a procedure
void *foo_create (size_t n)
{
  void *foo = malloc (a + n * b);
  if (foo == NULL) ...;
  ...
  return foo;
}
I want 'foo_create' to handle possible overflows. To me, it seems that I
should use the xsize module for this
Hi Marc,
> What is the relationship between these two modules? Both try to minimize
> subtle bugs due to overflow.
These two modules, and the wraparound/overflow checking macros of 'intprops'
[1], are attempts to catch integer overflow.
The three approaches differ in terms of coding effort and
What is the relationship between these two modules? Both try to minimize
subtle bugs due to overflow.
However, both approaches cannot be easily combined as xsize expects
unsigned integers while idx is a signed one.
What is the suggested use of these modules for new code?
Thanks,
Marc
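
Added example, not part of the original thread and not gnulib code: one way to make the foo_create sketch above reject an overflowing a + n * b in plain C, using unsigned saturating arithmetic plus the PTRDIFF_MAX bound that a signed index type implies. The names sat_add, sat_mul, foo_size, foo_size_ok, FOO_HEADER and FOO_ELEM are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumed values for the thread's 'a' and 'b' (header and element size). */
enum { FOO_HEADER = 16, FOO_ELEM = 8 };

/* Hypothetical helpers (not gnulib's API): saturate at SIZE_MAX on overflow. */
static size_t sat_add (size_t x, size_t y)
{
  return x <= SIZE_MAX - y ? x + y : SIZE_MAX;
}

static size_t sat_mul (size_t x, size_t y)
{
  return (y == 0 || x <= SIZE_MAX / y) ? x * y : SIZE_MAX;
}

/* a + n * b, or SIZE_MAX when the true value does not fit in size_t. */
size_t foo_size (size_t a, size_t n, size_t b)
{
  return sat_add (a, sat_mul (n, b));
}

/* Signed-index style bound: a size above PTRDIFF_MAX (which includes the
   saturated SIZE_MAX) is refused, so in-object offsets fit in ptrdiff_t. */
int foo_size_ok (size_t size)
{
  return size <= (size_t) PTRDIFF_MAX;
}

void *foo_create (size_t n)
{
  size_t size = foo_size (FOO_HEADER, n, FOO_ELEM);
  if (!foo_size_ok (size))
    return NULL;               /* overflow or oversized request */
  return malloc (size);
}

int main (void)
{
  void *p = foo_create (4);
  printf ("n=4: %s\n", p ? "allocated" : "failed");
  free (p);
  printf ("n=SIZE_MAX: %s\n", foo_create (SIZE_MAX) ? "allocated" : "refused");
  return 0;
}
```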