From 67133192afc14bdb97518840579baad722c9c304 Mon Sep 17 00:00:00 2001
From: Monty <xiphmont@xiph.org>
Date: Fri, 4 Jun 2010 06:01:33 +0000
Subject: Two cleanups of buffer LONG_MAX overflow hardening:

GCC optimizes out the overflow check due to the overflow check reyling on overflow;
reimplement using type-based TYPE_MAX macro

Correct an accidental assignment-during-check that wasn't a bug, but was
semantically incorrect and rightly triggered a compilation warning.


svn path=/trunk/ogg/; revision=17270
---
 include/ogg/os_types.h | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'include')

diff --git a/include/ogg/os_types.h b/include/ogg/os_types.h
index 4d4315d..cefd04f 100644
--- a/include/ogg/os_types.h
+++ b/include/ogg/os_types.h
@@ -24,6 +24,19 @@
 #define _ogg_realloc realloc
 #define _ogg_free    free
 
+/* get non-brittle portable type-based MIN/MAX. Assumes 2's-complement
+   math */
+#define TYPE_HALF_MAX_SIGNED(type) \
+  ((typeof(type))1 << (sizeof(type)*8-2))
+#define TYPE_MAX_SIGNED(type) \
+  (TYPE_HALF_MAX_SIGNED(type) - 1 + TYPE_HALF_MAX_SIGNED(type))
+#define TYPE_MIN_SIGNED(type) \
+  (-1 - TYPE_MAX_SIGNED(type))
+#define TYPE_MIN(type) \
+  ((typeof(type))-1 < 1?TYPE_MIN_SIGNED(type):(typeof(type))0)
+#define TYPE_MAX(type) \
+  ((typeof(type))~TYPE_MIN(type))
+
 #if defined(_WIN32) 
 
 #  if defined(__CYGWIN__)
-- 
cgit v1.2.1