Bob Proulx wrote:
> > Compiling GNU gettext with a C++ compiler revealed a bug: an assignment
> > between an 'int' variable and an 'enum' variable that was not intended.
>
> Although I am sure it was not intended, what bad consequences would
> have resulted from the enum and int mixup?
msgfmt, on a PO file containing messages extracted from an awk program, could
have reported unwarranted errors.
> I have been seeing lots and lots of casts being added to the code. I
> think that is much more dangerous than a potential enum issue.
Can you explain what you find dangerous about a cast?
Before these patches, you could write
int *array = xmalloc (new_size * sizeof (short)),
and the C compiler would accept it without complaints.
You could also write
int *array = (int *) xmalloc (new_size * sizeof (short)),
and both the C and C++ compiler would accept it without complaints.
Furthermore, either way, there was no check against arithmetic overflow
in the multiplication.
Now you are encouraged to write
int *array = XNMALLOC (new_size, short),
and both the C and C++ compiler will shout at you. Plus, arithmetic overflow
in the multiplication is caught.
Which of the three styles do you find the least dangerous?
Bruno
