Bruno Haible wrote: > Jim Meyering wrote: >> Nice and thorough work. Thanks for covering almost all of the >> remaining cases. > > OK, here's a proposed patch, for inttostr. If that works fine, I'll continue > with the *sprintf variants in libunistring. > > > 2010-10-17 Jim Meyering <meyer...@redhat.com> > Bruno Haible <br...@clisp.org> > > Add bounds checking to the inttostr() and similar functions. > * lib/anytostr.c (_GL_NO_FORTIFY): Define. > Include <stdlib.h>. > (anytostr_chk): New function. > * lib/inttostr.h (_GL_STRINGIFY, _GL_CONCAT): New macros. > (imaxtostr_chk, inttostr_chk, offtostr_chk, uinttostr_chk, > umaxtostr_chk): New declarations. > (_GL_pointed_object_size, _GL_ASM_SYMBOL_PREFIX): New macros. > (_GL_DEFINE_INTTOSTR_FUNCS): New macro. > (imaxtostr, inttostr, offtostr, uinttostr, umaxtostr): Redefine as > macros with bounds checking. > * lib/verify.h (_GL_CONCAT): Ensure no redefinition. > * m4/inttostr.m4 (gl_PREREQ_INTTOSTR): Require gl_ASM_SYMBOL_PREFIX. > * modules/inttostr (Files): Add m4/asm-underscore.m4. > * modules/inttostr-tests (Files): Add tests/test-inttostr2.c. > * tests/test-inttostr2.c: New file.
That looks fine, and passed when used in coreutils. Thanks again. For the record, it'd help me test things like this if you were to post git format-patch output. The patch you posted does not take care of automatically adding new files like test-inttostr2.c, whereas with format-patch output, my applying it via "git am FILE" would have "git add"ed it. As it was, my first round of testing failed because I didn't take the extra manual step of git-adding that file temporarily to my gnulib directory before git syncsub && git commit && bootstrap in coreutils.
