[issue1621] Do not assume signed integer overflow behavior
Antti Haapala
report at bugs.python.org
Sun Jul 10 09:05:56 EDT 2016
Antti Haapala added the comment:
One common case where signed integer overflow has been assumed has been the wraparound/overflow checks like in http://bugs.python.org/issue27473
I propose that such commonly erroneous tasks such as overflow checks be implemented as common macros in CPython as getting them right is not quite easy (http://c-faq.com/misc/sd26.html); it would also make the C code more self-documenting.
Thus instead of writing

    if (va.len > PY_SSIZE_T_MAX - vb.len) {

one would write something like

    if (PY_SSIZE_T_SUM_OVERFLOWS(va.len, vb.len)) {

and the mere fact that such a macro *wasn't* used there would signal about possible problems with the comparison.
----------
nosy: +ztane
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue1621>
_______________________________________
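
Added example, not part of the original message and not CPython code: one way a sum-overflow check of the kind proposed above could be written so that it never performs an overflowing operation itself. It generalizes the comparison quoted in the message, which is only safe when the second operand is non-negative, to operands of either sign. The names ssize_ex_t, SSIZE_EX_MAX, SSIZE_EX_MIN, SSIZE_EX_SUM_OVERFLOWS and ssize_checked_add are hypothetical stand-ins so the code builds without Python.h, assuming Py_ssize_t has the range of ptrdiff_t.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-ins for Py_ssize_t, PY_SSIZE_T_MAX and PY_SSIZE_T_MIN
   (assumption: same range as ptrdiff_t). */
typedef ptrdiff_t ssize_ex_t;
#define SSIZE_EX_MAX PTRDIFF_MAX
#define SSIZE_EX_MIN PTRDIFF_MIN

/* Returns 1 if a + b does not fit in ssize_ex_t, else 0.
   Each branch subtracts in the direction that cannot overflow:
   MAX - b is safe only for b > 0, MIN - b only for b < 0. */
static int ssize_sum_overflows(ssize_ex_t a, ssize_ex_t b)
{
    if (b > 0)
        return a > SSIZE_EX_MAX - b;
    if (b < 0)
        return a < SSIZE_EX_MIN - b;
    return 0;
}

/* Macro spelling in the style the message proposes (hypothetical name). */
#define SSIZE_EX_SUM_OVERFLOWS(a, b) ssize_sum_overflows((a), (b))

/* Checked addition: stores the sum and returns 0, or returns -1 and
   leaves *out untouched when the sum would overflow. */
static int ssize_checked_add(ssize_ex_t a, ssize_ex_t b, ssize_ex_t *out)
{
    if (SSIZE_EX_SUM_OVERFLOWS(a, b))
        return -1;
    *out = a + b;   /* cannot overflow: checked above */
    return 0;
}

int main(void)
{
    ssize_ex_t sum;
    /* Constructed sample lengths, as for concatenating two buffers. */
    ssize_ex_t va_len = SSIZE_EX_MAX - 5, vb_len = 6;

    if (ssize_checked_add(va_len, vb_len, &sum) < 0)
        puts("concatenation would overflow, refusing");
    if (ssize_checked_add(40, 2, &sum) == 0)
        printf("sum = %td\n", sum);
    return 0;
}
```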