Topic: Safe version of malloc wrapper using C++11 to


Author: Christopher <christopherhallock@gmail.com>
Date: Sat, 1 Nov 2014 09:52:33 -0700 (PDT)
Raw View

This is just one example of the broad hazard of C++ having value-changing
implicit conversions between signed and unsigned integer types. This
behavior was inherited from C and (presumably) can't be changed because
doing so would break everything. Fortunately, GCC and Clang can be
configured to warn about such cases with option -Wsign-conversion, and MSVC
warns about it if warning C4365 is enabled.

--

---
You received this message because you are subscribed to the Google Groups "ISO C++ Standard - Future Proposals" group.
To unsubscribe from this group and stop receiving emails from it, send an email to std-proposals+unsubscribe@isocpp.org.
To post to this group, send email to std-proposals@isocpp.org.
Visit this group at http://groups.google.com/a/isocpp.org/group/std-proposals/.




Author: Thiago Macieira <thiago@macieira.org>
Date: Sat, 01 Nov 2014 10:21:21 -0700
Raw View
On Saturday 01 November 2014 05:58:20 Mantosh Kumar wrote:
> *malloc()* is still a very important function in C programs when writing
> low-level libraries. However, we know that this function can create all
> sorts of problems if you are not aware of some of its internal concepts. The
> argument type of *malloc()* is *size_t*, which is a typedef of some unsigned
> type. Now if our program passes the argument to malloc() by a *signed int*
> variable and it becomes some negative value for some reason, we are in big
> big trouble. Because under this situation, the system would interpret it as
> a request for a huge amount of space, which will often fail.

Under what condition does a positive signed int become negative while
undergoing type promotion to an unsigned type?

--
Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
   Software Architect - Intel Open Source Technology Center
      PGP/GPG: 0x6EF45358; fingerprint:
      E067 918B B660 DBD1 105C  966C 33F5 F005 6EF4 5358


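The two posts above make one point between them: a positive int keeps its value when converted to size_t, a negative int does not become negative but wraps to a value near SIZE_MAX, and the same conversion silently rewrites signed/unsigned comparisons. The following is an added example written for this page, not code from the thread. The names naive_malloc, as_size_t, conversion_changes_value, fits_broken and fits_safe are chosen here for illustration; naive_malloc stands in for any wrapper with a size_t parameter.

```cpp
#include <climits>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstdlib>

// Hypothetical wrapper with the signature discussed in the thread. The caller's
// argument is converted to size_t before the body ever sees it, so a negative
// int arrives here as a huge size_t and malloc is asked for that many bytes.
void *naive_malloc(std::size_t n) { return std::malloc(n); }

// The conversion rule made visible: size_t is unsigned, so a negative int is
// reduced modulo 2^N. -1 becomes SIZE_MAX, -2 becomes SIZE_MAX - 1, and so on.
// GCC and Clang warn on this return statement under -Wsign-conversion.
std::size_t as_size_t(int n) { return n; }

// Answer to "when does a positive int become negative": it never does. The
// value changes only when the int is negative, and then it exceeds INT_MAX.
bool conversion_changes_value(int n) {
    return as_size_t(n) > static_cast<std::size_t>(INT_MAX);
}

// The same conversion rewrites comparisons. `limit` is an int, perhaps a -1
// error code mistaken for "no limit": the usual arithmetic conversions turn it
// into SIZE_MAX and every request "fits". -Wsign-compare warns here too.
bool fits_broken(std::size_t requested, int limit) {
    return requested <= limit;
}

// Hardened form: reject a negative limit explicitly, then compare in size_t.
bool fits_safe(std::size_t requested, int limit) {
    if (limit < 0) return false;
    return requested <= static_cast<std::size_t>(limit);
}

int main() {
    int want = -1;  // e.g. the result of a failed call reused as a size
    std::printf("int %d converted to size_t: %zu\n", want, as_size_t(want));
    void *p = naive_malloc(want);  // implicit int -> size_t: asks for SIZE_MAX bytes
    std::printf("naive_malloc(%d) returned %s\n", want, p ? "a block" : "NULL");
    std::free(p);
    std::printf("fits_broken(100, -1) = %d, fits_safe(100, -1) = %d\n",
                fits_broken(100, -1), fits_safe(100, -1));
    return 0;
}
```

Compile with `-Wsign-conversion -Wsign-compare` (GCC/Clang) to see the two flagged lines; both warnings point at exactly the conversions that change the value.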


Author: Douglas Boffey <douglas.boffey@gmail.com>
Date: Sat, 1 Nov 2014 14:26:56 -0700 (PDT)
Raw View

So, if you want ten characters, and you type

char *buffer = my_malloc(10);

it should fail?  I know this is covered by case 3, but *at the very least*,
a check should be made for constants.

test.cpp: In function ‘void check_unsigned()’:
test.cpp:9:17: error: ‘Is_unsigned_number’ was not declared in this scope
   static_assert(Is_unsigned_number<T>(), "Non Unsigned Type  Data Passed");
                 ^
test.cpp:9:37: error: expected primary-expression before ‘>’ token
   static_assert(Is_unsigned_number<T>(), "Non Unsigned Type  Data Passed");
                                     ^
test.cpp:9:39: error: expected primary-expression before ‘)’ token
   static_assert(Is_unsigned_number<T>(), "Non Unsigned Type  Data Passed");
                                       ^

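The objection above is that an integer literal such as 10 has type int, so a wrapper whose static_assert only admits unsigned types rejects the most common call. (The `Is_unsigned_number` trait in the quoted compiler output is not a standard name; the standard trait is std::is_unsigned<T> from <type_traits>.) One way to keep literals working while still catching negative values is to take the caller's integer in its own type, so the check runs before any conversion to size_t. The following is an added example for this page, not the wrapper from the thread; safe_malloc, is_negative and rejected are names chosen here.

```cpp
#include <cstddef>
#include <cstdio>
#include <cstdlib>
#include <limits>
#include <stdexcept>
#include <type_traits>

// Hypothetical safe_malloc. It deduces the caller's integer type T instead of
// declaring a size_t parameter, so the value is inspected before the
// signed-to-unsigned conversion that the thread is about can happen:
//   - a non-integral T (double, pointer, ...) fails at compile time;
//   - a negative value of a signed T is rejected at run time instead of
//     wrapping to a huge size_t inside malloc;
//   - a value too large for size_t (e.g. unsigned long long on a 32-bit
//     target) is rejected at run time;
//   - an int literal such as 10 compiles and allocates, because int is
//     integral and 10 is not negative.

// Sign test that does not emit "comparison is always false" for unsigned T.
template <typename T>
constexpr bool is_negative(T n, std::true_type /*signed*/) { return n < T(0); }
template <typename T>
constexpr bool is_negative(T, std::false_type /*unsigned*/) { return false; }

template <typename T>
void *safe_malloc(T n) {
    static_assert(std::is_integral<T>::value,
                  "safe_malloc: size must be an integral type");
    if (is_negative(n, std::is_signed<T>())) {
        throw std::length_error("safe_malloc: negative size");
    }
    // n is non-negative here, so widening to unsigned long long is exact.
    if (static_cast<unsigned long long>(n) >
        static_cast<unsigned long long>(std::numeric_limits<std::size_t>::max())) {
        throw std::length_error("safe_malloc: size does not fit in size_t");
    }
    return std::malloc(static_cast<std::size_t>(n));
}

// Helper: true if safe_malloc rejected n, false if it allocated (the block is
// freed again immediately).
template <typename T>
bool rejected(T n) {
    try {
        std::free(safe_malloc(n));
        return false;
    } catch (const std::length_error &) {
        return true;
    }
}

int main() {
    int want = -1;  // e.g. an error code reused as a size
    std::printf("safe_malloc(10)   rejected: %d\n", rejected(10));
    std::printf("safe_malloc(10u)  rejected: %d\n", rejected(10u));
    std::printf("safe_malloc(want) rejected: %d\n", rejected(want));
    return 0;
}
```

A negative literal such as safe_malloc(-1) is still only caught at run time; a compile-time rejection of constants would need the size to be a template argument or a constexpr check at the call site, which a plain function call in C++11 cannot do.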