> -----Original Message-----
> From: Sherif Ramadan [mailto:theanomaly...@gmail.com]
> Sent: Friday, August 21, 2015 12:00 PM
> To: Anatol Belski <anatol....@belski.net>
> Cc: Dmitry Stogov <dmi...@php.net>; Xinchen Hui <xinche...@zend.com>;
> Nikita Popov <nikita....@gmail.com>; Pierre Joye <pierre....@gmail.com>;
> Bob Weinand <bobw...@hotmail.com>; Jakub Zelenka <bu...@php.net>; Matt
> Wilmas <php_li...@realplain.com>; PHP Internals <internals@lists.php.net>
> Subject: Re: [PHP-DEV] Overflow checks and integral vars comparison
>
> I think you're a little optimistic about how effective these macros would be for
> overflow checks. Also, if we're talking ANSI C or C99, then size_t is always
> unsigned, and as far as I know GCC 2.4 always treats it as such.
> If we're trying to stick to C here anyway.
>
> As far as architecture specific stuff I would much rather rely on using the built-in
> GCC overflow checks here
> https://gcc.gnu.org/onlinedocs/gcc/Integer-Overflow-Builtins.html
>

Yes, this is a good idea as a further extension of such mechanics. However you're talking about a different topic that I've proposed now.

> ... as they are much safer and likely going to be far more performant than doing
> all these casts everywhere. Not to mention the fact that you can actually catch
> the overflow at the actual arithmetic level, where it's safe, and hopefully be able
> to rely on the ISA's overflow or carry bits. If we're trying to detect overflows or
> wraps after the fact, you don't add much in the way of security. For example,
> I'm not at all sure how (zlong) < (zend_long)INT_MIN will ever detect an
> overflow.
>

What I'm talking about is detecting whether a variable of zend_long or size_t is in the safe range to be passed to a signature requiring int. This is quite a minimalistic start in this direction.
Also please remember that there is not only GCC in the world. It is quite another topic to implement overflow checks in portable ways, some intrinsics can be here of some help, too. But rather than hitting quite a global thing, I'd rather start on what is simple and is for sure an issue at least with some dependency libs.

Regards

Anatol

--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
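The two separate problems discussed in this message, as an added example that is not code from the thread or from php-src: a range check before handing a wide value to an int parameter, and overflow detection at the arithmetic itself with a portable fallback. The names zend_long_t, long_fits_int, size_fits_int, lib_consume, checked_consume and add_overflows are hypothetical, and zend_long is assumed to be 64 bits wide.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef int64_t zend_long_t; /* assumption: stand-in for zend_long on a 64-bit build */

/* Range checks: is the value safe to pass where a signature requires int? */
static int long_fits_int(zend_long_t v)
{
    return v >= (zend_long_t)INT_MIN && v <= (zend_long_t)INT_MAX;
}
static int size_fits_int(size_t n) { return n <= (size_t)INT_MAX; }

/* Constructed stand-in for a dependency-library call that takes an int length. */
static int lib_consume(const char *buf, int len) { (void)buf; return len; }

/* Wrapper: refuse the call instead of letting the size_t be truncated to int. */
static int checked_consume(const char *buf, size_t len)
{
    if (!size_fits_int(len)) return -1;
    return lib_consume(buf, (int)len);
}

/* Arithmetic overflow is a different problem: it is caught at the addition. */
static int add_overflows(zend_long_t a, zend_long_t b, zend_long_t *out)
{
#if (defined(__GNUC__) && __GNUC__ >= 5) || defined(__clang__)
    return __builtin_add_overflow(a, b, out) ? 1 : 0;
#else
    /* Portable fallback for compilers without the builtin. */
    if ((b > 0 && a > INT64_MAX - b) || (b < 0 && a < INT64_MIN - b)) return 1;
    *out = a + b;
    return 0;
#endif
}

int main(void)
{
    zend_long_t sum = 0;
    printf("fits=%d consume=%d overflow=%d\n",
           long_fits_int((zend_long_t)INT_MAX + 1),
           checked_consume("x", (size_t)INT_MAX + 1),
           add_overflows(INT64_MAX, 1, &sum));
    return 0;
}
```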