From: Max Kirillov <max@max630.net>
To: Matthieu Moy <Matthieu.Moy@grenoble-inp.fr>
Cc: Max Kirillov <max@max630.net>, Junio C Hamano <gitster@pobox.com>,
git@vger.kernel.org, Karthik Nayak <karthik.188@gmail.com>,
Christian Couder <christian.couder@gmail.com>,
Michael Haggerty <mhagger@alum.mit.edu>
Subject: Re: [PATCH] strtoul_ui: actually report error in case of negative input
Date: Wed, 16 Sep 2015 07:20:38 +0300 [thread overview]
Message-ID: <20150916042037.GB7806@wheezy.local> (raw)
In-Reply-To: <vpq4miwfa78.fsf@anie.imag.fr>
On Tue, Sep 15, 2015 at 08:50:03AM +0200, Matthieu Moy wrote:
> I think it would be better to just return a long to avoid needless
> limitations, but changing the argument to "long" would interfer with
> in-flight topics. Not worth the trouble.
Sure.
>
> One potential issue with your patch is that you're forbidding the
> interval [2^31, 2^32[ which was previously allowed, both on 32 and 64
> bits. I'm not sure whether we have a use for this in the codebase.
As far as I could see it was used only for file modes. Which
does not need that big numbers.
> This alternative patch is rather ugly to, but I think it is less
> limiting and does not have the "large negative wrapped to positive"
> issue:
>
> --- a/git-compat-util.h
> +++ b/git-compat-util.h
> @@ -814,6 +814,9 @@ static inline int strtoul_ui(char const *s, int base, unsigned int *result)
> char *p;
>
> errno = 0;
> + /* negative values would be accepted by strtoul */
> + if (strchr(s, '-'))
> + return -1;
> ul = strtoul(s, &p, base);
> if (errno || *p || p == s || (unsigned int) ul != ul)
> return -1;
>
> What do you think?
Explicit rejection of '-' is of course useful addition.
I still find "(unsigned int) ul != ul" bad. As far as I
understand it makes no sense for i386. And even for 64-bit
it's too obscure. In form of "(ul & 0xffffffffL) == 0" it
would be more clear. Or just make explicit comparison with
intended limit, like I did.
Well, actually I don't have strong preferences as long as
"make -C t" does not alarm me with things I did not break.
Maybe somebody else will comment more.
--
Max
next prev parent reply other threads:[~2015-09-16 4:20 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-09-13 22:00 [PATCH] strtoul_ui: actually report error in case of negative input Max Kirillov
2015-09-14 6:30 ` Matthieu Moy
2015-09-14 20:26 ` Max Kirillov
2015-09-15 6:50 ` Matthieu Moy
2015-09-16 1:17 ` Junio C Hamano
2015-09-16 4:20 ` Max Kirillov [this message]
2015-09-16 6:08 ` Matthieu Moy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150916042037.GB7806@wheezy.local \
--to=max@max630.net \
--cc=Matthieu.Moy@grenoble-inp.fr \
--cc=christian.couder@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=karthik.188@gmail.com \
--cc=mhagger@alum.mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).