On 07-10-2010 08:28, Jeffrey Walton wrote:
On Wed, Oct 6, 2010 at 8:45 PM, Darryl Miles
<darryl-mailingli...@netbauds.net> wrote:
[SNIP]
Oh, and stdint.h is not available with all compilers!
Isn't this an ANSI requirement? Ah well, poor compiler users, what standards
do they conform to then?
Like the safer string functions (strcpy_s and friends) and TR 24731-1
which is now part of the C1X draft (Annex K)?
Don't tell me this MS nonsense is being standardized. It is a
pointy-haired conflation of replacing unsafe functions (such as plain strcpy
of an untrusted input) with functions that *can* be mishandled (such
as memcpy). Supplemented by non-solving of the real problems in current
safe functions such as strncpy (string not terminated if limit reached),
snprintf (ditto plus industry-wide disagreement on the correct return
value).
---
Anyway, the problem with stdint.h is that it was a late addition to ANSI
C, and may not have been in the original C89/C90 standard. Thus it
is not in compilers that conform to the older version of the standard.
limits.h is more commonly available and could be used with a bunch of
#if lines to determine which int type is most appropriate for any
specific size. I have seen such logic in various other crypto libraries
that don't have a "configure" step before compiling.
---
However my point in listing what I believe from experience to be safe
programming assumptions was that blindly using "int" or "long" where
the proper type would be "size_t", "ssize_t", "ptrdiff_t", "off_t" or
similar is certainly wrong.
Note that "size_t" and "ptrdiff_t" are in ANSI C89/C90 stdlib.h, while
"ssize_t" and "off_t" are not on all platforms and may thus need to be
abstracted to library specific types "ossl_ssize_t" and "ossl_off_t"
defined to the similar standard types where available or to
automatically selected base types where not.
For instance many UNIX-like platforms would simply do this:
    #if SOME_CONDITION_IMPLYING_AVAILABILITY
    typedef off_t ossl_off_t;
    typedef ssize_t ossl_ssize_t;
    #endif
Windows (all known variants) would do this:
    #elif SOME_CONDITION_IMPLYING_WINDOWS
    typedef __int64 ossl_off_t;
    #if defined(__midl) && 501 < __midl
      typedef __int3264 ossl_ssize_t;
      // RPC type that can handle passing this between 32 and 64 bit
      // programs in RPC calls.
    #elif defined(_WIN64)
      typedef __int64 ossl_ssize_t;
    #elif _MSC_VER >= 1300
      typedef __w64 long ossl_ssize_t;
      // __w64 tells type checker this will grow to __int64 on 64 bit
      // and to adjust its warnings accordingly. This silences
      // warnings about mixing with size_t and pointers while
      // producing warnings about mixing with non-__w64 long/int.
    #else
      typedef long ossl_ssize_t;
    #endif
    #endif
DOS and OS/2 (using "large" or "huge" compile mode if 16 bit) would do
this:
    #elif SOME_CONDITION_IMPLYING_DOSOROS2
    typedef long ossl_off_t;
    typedef long ossl_ssize_t;
    #endif
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
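
Added example, not part of the original post or of OpenSSL's code: the limits.h-based "#if" selection of fixed-size integer types that the message describes for compilers without stdint.h. The ex_* type and function names are hypothetical, chosen only for this illustration.

```c
/* Added example: hypothetical ex_* names, not OpenSSL's own types. */
#include <limits.h>
#include <stdio.h>

/* Choose an exactly-32-bit unsigned type from the ranges in limits.h. */
#if UINT_MAX == 0xFFFFFFFFUL
typedef unsigned int ex_uint32;
#elif ULONG_MAX == 0xFFFFFFFFUL
typedef unsigned long ex_uint32;
#else
#error "no 32-bit unsigned type: add a branch for this platform"
#endif

/* Same idea for 16 bits. */
#if USHRT_MAX == 0xFFFFU
typedef unsigned short ex_uint16;
#elif UINT_MAX == 0xFFFFU
typedef unsigned int ex_uint16;
#else
#error "no 16-bit unsigned type: add a branch for this platform"
#endif

/* The *_MAX tests only see the value range. Fail the build (C89-style
   static assertion: negative array size) if storage width differs. */
typedef char ex_check_u32[(sizeof(ex_uint32) * CHAR_BIT == 32) ? 1 : -1];
typedef char ex_check_u16[(sizeof(ex_uint16) * CHAR_BIT == 16) ? 1 : -1];

unsigned ex_bits_u32(void) { return (unsigned)(sizeof(ex_uint32) * CHAR_BIT); }
unsigned ex_bits_u16(void) { return (unsigned)(sizeof(ex_uint16) * CHAR_BIT); }

/* Rotate left, the kind of operation that silently breaks when "long"
   is assumed to be 32 bits but is 64 on the target. */
ex_uint32 ex_rotl32(ex_uint32 x, unsigned n)
{
    n &= 31U;
    return n ? (ex_uint32)((x << n) | (x >> (32U - n))) : x;
}

int main(void)
{
    printf("ex_uint32: %u bits, ex_uint16: %u bits\n",
           ex_bits_u32(), ex_bits_u16());
    printf("rotl32(0x80000001, 1) = 0x%08lx\n",
           (unsigned long)ex_rotl32(0x80000001UL, 1));
    return 0;
}
```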