diff options
| author | Edward Thomson <ethomson@edwardthomson.com> | 2019-01-20 14:27:57 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-01-20 14:27:57 +0000 |
| commit | 86b522bdefafc0c4fda7d79e67ede7595de7544c (patch) | |
| tree | 69a3f87144c16f17afd66c623509d48991f5fdfa | |
| parent | b5a3ef3cc6b73813e85e0bb4c7afcdbb6c8ee220 (diff) | |
| parent | 75444d97fd5bc13be922714f2977a483c5303286 (diff) | |
| download | libgit2-86b522bdefafc0c4fda7d79e67ede7595de7544c.tar.gz | |
Merge pull request #4945 from libgit2/ethomson/fix-intrinsics
Add/multiply with overflow tweaks
| -rw-r--r-- | src/integer.h | 54 |
1 files changed, 32 insertions, 22 deletions
diff --git a/src/integer.h b/src/integer.h index 30528db59..10b109737 100644 --- a/src/integer.h +++ b/src/integer.h @@ -42,34 +42,44 @@ GIT_INLINE(int) git__is_int(long long p) return p == (long long)r; } -/** - * Sets `one + two` into `out`, unless the arithmetic would overflow. - * @return true if the result fits in a `uint64_t`, false on overflow. - */ -GIT_INLINE(bool) git__add_uint64_overflow(uint64_t *out, uint64_t one, uint64_t two) -{ - if (UINT64_MAX - one < two) - return true; - *out = one + two; - return false; -} - /* Use clang/gcc compiler intrinsics whenever possible */ -#if (SIZE_MAX == ULONG_MAX) && __has_builtin(__builtin_uaddl_overflow) -# define git__add_sizet_overflow(out, one, two) \ - __builtin_uaddl_overflow(one, two, out) -# define git__multiply_sizet_overflow(out, one, two) \ - __builtin_umull_overflow(one, two, out) -#elif (SIZE_MAX == UINT_MAX) && __has_builtin(__builtin_uadd_overflow) +#if (__has_builtin(__builtin_add_overflow) || \ + (defined(__GNUC__) && (__GNUC__ >= 5))) + +# if (SIZE_MAX == UINT_MAX) +# define git__add_sizet_overflow(out, one, two) \ + __builtin_uadd_overflow(one, two, out) +# define git__multiply_sizet_overflow(out, one, two) \ + __builtin_umul_overflow(one, two, out) +# elif (SIZE_MAX == ULONG_MAX) +# define git__add_sizet_overflow(out, one, two) \ + __builtin_uaddl_overflow(one, two, out) +# define git__multiply_sizet_overflow(out, one, two) \ + __builtin_umull_overflow(one, two, out) +# elif (SIZE_MAX == ULLONG_MAX) +# define git__add_sizet_overflow(out, one, two) \ + __builtin_uaddll_overflow(one, two, out) +# define git__multiply_sizet_overflow(out, one, two) \ + __builtin_umulll_overflow(one, two, out) +# else +# error compiler has add with overflow intrinsics but SIZE_MAX is unknown +# endif + +/* Use Microsoft's safe integer handling functions where available */ +#elif defined(_MSC_VER) + +# include <intsafe.h> + # define git__add_sizet_overflow(out, one, two) \ - __builtin_uadd_overflow(one, two, out) + (SizeTAdd(one, two, out) != S_OK) # define git__multiply_sizet_overflow(out, one, two) \ - __builtin_umul_overflow(one, two, out) + (SizeTMult(one, two, out) != S_OK) + #else /** * Sets `one + two` into `out`, unless the arithmetic would overflow. - * @return true if the result fits in a `size_t`, false on overflow. + * @return false if the result fits in a `size_t`, true on overflow. */ GIT_INLINE(bool) git__add_sizet_overflow(size_t *out, size_t one, size_t two) { @@ -81,7 +91,7 @@ GIT_INLINE(bool) git__add_sizet_overflow(size_t *out, size_t one, size_t two) /** * Sets `one * two` into `out`, unless the arithmetic would overflow. - * @return true if the result fits in a `size_t`, false on overflow. + * @return false if the result fits in a `size_t`, true on overflow. */ GIT_INLINE(bool) git__multiply_sizet_overflow(size_t *out, size_t one, size_t two) { |