From: Matthieu Moy <Matthieu.Moy@grenoble-inp.fr>
To: Max Kirillov <max@max630.net>
Cc: Junio C Hamano <gitster@pobox.com>,
git@vger.kernel.org, Karthik Nayak <karthik.188@gmail.com>,
Christian Couder <christian.couder@gmail.com>,
Michael Haggerty <mhagger@alum.mit.edu>
Subject: Re: [PATCH] strtoul_ui: actually report error in case of negative input
Date: Wed, 16 Sep 2015 08:08:43 +0200 [thread overview]
Message-ID: <vpq1tdy99qs.fsf@anie.imag.fr> (raw)
In-Reply-To: <20150916042037.GB7806@wheezy.local> (Max Kirillov's message of "Wed, 16 Sep 2015 07:20:38 +0300")
Max Kirillov <max@max630.net> writes:
> On Tue, Sep 15, 2015 at 08:50:03AM +0200, Matthieu Moy wrote:
>> --- a/git-compat-util.h
>> +++ b/git-compat-util.h
>> @@ -814,6 +814,9 @@ static inline int strtoul_ui(char const *s, int base, unsigned int *result)
>> char *p;
>>
>> errno = 0;
>> + /* negative values would be accepted by strtoul */
>> + if (strchr(s, '-'))
>> + return -1;
>> ul = strtoul(s, &p, base);
>> if (errno || *p || p == s || (unsigned int) ul != ul)
>> return -1;
>>
>> What do you think?
>
> Explicit rejection of '-' is of course useful addition.
>
> I still find "(unsigned int) ul != ul" bad. As far as I
> understand it makes no sense for i386.
Nothing would make sense here for i386: there's no case where you want
to reject anything on this architecture. Well, you may have expected
strtoul to reject big numbers, but it did not and it's too late.
> And even for 64-bit it's too obscure. In form of "(ul & 0xffffffffL)
> == 0" it would be more clear.
I disagree. "(unsigned int) ul != ul" reads immediately as "if casting
ul to unsigned int changes its value", regardless of sizeof(int). This
is exactly what the check is doing.
> Or just make explicit comparison with intended limit, like I did.
What you really want is to compare with UINT_MAX which would not make
sense on 32 bits architectures.
--
Matthieu Moy
http://www-verimag.imag.fr/~moy/
prev parent reply other threads:[~2015-09-16 6:09 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-09-13 22:00 [PATCH] strtoul_ui: actually report error in case of negative input Max Kirillov
2015-09-14 6:30 ` Matthieu Moy
2015-09-14 20:26 ` Max Kirillov
2015-09-15 6:50 ` Matthieu Moy
2015-09-16 1:17 ` Junio C Hamano
2015-09-16 4:20 ` Max Kirillov
2015-09-16 6:08 ` Matthieu Moy [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=vpq1tdy99qs.fsf@anie.imag.fr \
--to=matthieu.moy@grenoble-inp.fr \
--cc=christian.couder@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=karthik.188@gmail.com \
--cc=max@max630.net \
--cc=mhagger@alum.mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.