diff options
author | Monty <xiphmont@xiph.org> | 2010-06-04 06:01:33 +0000 |
---|---|---|
committer | Monty <xiphmont@xiph.org> | 2010-06-04 06:01:33 +0000 |
commit | 67133192afc14bdb97518840579baad722c9c304 (patch) | |
tree | b88eb7342a8ba6c8be5a02912e742724c1bcb35f /include/ogg/os_types.h | |
parent | e64842ca0c77b39fafc4522ba5c22618ab9e01c4 (diff) | |
download | ogg-git-67133192afc14bdb97518840579baad722c9c304.tar.gz |
Two cleanups of buffer LONG_MAX overflow hardening:
GCC optimizes out the overflow check due to the overflow check reyling on overflow;
reimplement using type-based TYPE_MAX macro
Correct an accidental assignment-during-check that wasn't a bug, but was
semantically incorrect and rightly triggered a compilation warning.
svn path=/trunk/ogg/; revision=17270
Diffstat (limited to 'include/ogg/os_types.h')
-rw-r--r-- | include/ogg/os_types.h | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/include/ogg/os_types.h b/include/ogg/os_types.h index 4d4315d..cefd04f 100644 --- a/include/ogg/os_types.h +++ b/include/ogg/os_types.h @@ -24,6 +24,19 @@ #define _ogg_realloc realloc #define _ogg_free free +/* get non-brittle portable type-based MIN/MAX. Assumes 2's-complement + math */ +#define TYPE_HALF_MAX_SIGNED(type) \ + ((typeof(type))1 << (sizeof(type)*8-2)) +#define TYPE_MAX_SIGNED(type) \ + (TYPE_HALF_MAX_SIGNED(type) - 1 + TYPE_HALF_MAX_SIGNED(type)) +#define TYPE_MIN_SIGNED(type) \ + (-1 - TYPE_MAX_SIGNED(type)) +#define TYPE_MIN(type) \ + ((typeof(type))-1 < 1?TYPE_MIN_SIGNED(type):(typeof(type))0) +#define TYPE_MAX(type) \ + ((typeof(type))~TYPE_MIN(type)) + #if defined(_WIN32) # if defined(__CYGWIN__) |