Mention that S+T cannot overflow if S is the size of an existing

object and T is sufficiently small.
author: Paul Eggert <eggert@cs.ucla.edu> 2003-11-17 21:47:16 +0000
committer: Paul Eggert <eggert@cs.ucla.edu> 2003-11-17 21:47:16 +0000
commit: 9b1421e27185130c8a169af0d00bb9016d2dabb5 (patch)
tree: 40e699f8c5b0407d333544ae697fb078f31d5427 /README
parent: 67b2f1e283d23982a7b0b5eec7d546532bf0322f (diff)
download: gnulib-9b1421e27185130c8a169af0d00bb9016d2dabb5.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/README b/README
index fa26478e5c..ea528bd9b5 100644
--- a/README
+++ b/README
@@ -130,6 +130,11 @@ as well.  GNULib code makes the following additional assumptions:
    for all practical hosts with flat address spaces, but it is not
    always true for hosts with segmented address spaces.
 
+ * If an existing object has size S, and if T is sufficiently small
+   (e.g., 8 KiB), then S + T cannot overflow.  Overflow in this case
+   would mean that the rest of your program fits into T bytes, which
+   can't happen in realistic flat-address-space hosts.
+
  * Objects with all bits zero are treated as 0 or NULL.  For example,
    memset (A, 0, sizeof A) initializes an array A of pointers to NULL.
author	Paul Eggert <eggert@cs.ucla.edu>	2003-11-17 21:47:16 +0000
committer	Paul Eggert <eggert@cs.ucla.edu>	2003-11-17 21:47:16 +0000
commit	9b1421e27185130c8a169af0d00bb9016d2dabb5 (patch)
tree	40e699f8c5b0407d333544ae697fb078f31d5427 /README
parent	67b2f1e283d23982a7b0b5eec7d546532bf0322f (diff)
download	gnulib-9b1421e27185130c8a169af0d00bb9016d2dabb5.tar.gz