On Mon, 11 Jan 2010, Andrey Chernov wrote:
On Mon, Jan 11, 2010 at 02:29:03PM +1100, Bruce Evans wrote:
3) errno should be EOVERFLOW, see other overflow checks in the stdio.
There are none. I (we?) intentionally didn't set errno when the correct
F.e. see fseek()/fseeko() stdio checks, as P
On Mon, Jan 11, 2010 at 02:29:03PM +1100, Bruce Evans wrote:
> calloc() has the same overflow bug, if any. Standards seem to require
> fread and calloc to work even if the multiplication would occur, though
> they cannot work in most cases where the multiplication would occur,
> even if the overfl
On Mon, Jan 11, 2010 at 02:29:03PM +1100, Bruce Evans wrote:
> >> 3) errno should be EOVERFLOW, see other overflow checks in the stdio.
>
> There are none. I (we?) intentionally didn't set errno when the correct
F.e. see fseek()/fseeko() stdio checks, as POSIX says:
[EOVERFLOW] For fseek(), the
On Sun, 10 Jan 2010, Colin Percival wrote:
Andrey Chernov wrote:
On Sun, Jan 10, 2010 at 02:30:30PM +, Colin Percival wrote:
...
2) fp->_flags |= __SERR;
This flag is for errors in the file stream, not for errors in
the arguments. Please back that line out.
I agree.
Quoting fread(3):
On Mon, Jan 11, 2010 at 12:06:18AM +0100, Jilles Tjoelker wrote:
> > I picked EINVAL because this is the code used by read(2) and write(2) if
> > they
> > are passed nbytes > INT_MAX. It would seem odd to use one error code for a
> > number of bytes between INT_MAX and SIZE_MAX and then switch to
On Sun, Jan 10, 2010 at 02:18:58PM -0800, Colin Percival wrote:
> Andrey Chernov wrote:
> > On Sun, Jan 10, 2010 at 02:30:30PM +, Colin Percival wrote:
> >> + if (((count | size) > 0x) &&
> >> + (count > SIZE_MAX / size)) {
> >> + errno = EINVAL;
> >> + fp->_flags |=
Andrey Chernov wrote:
> On Sun, Jan 10, 2010 at 02:30:30PM +, Colin Percival wrote:
>> +if (((count | size) > 0x) &&
>> +(count > SIZE_MAX / size)) {
>> +errno = EINVAL;
>> +fp->_flags |= __SERR;
>> +return (0);
>> +}
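Review bot: in `(count > SIZE_MAX / size)` the division needs `size` to be nonzero, and nothing in the quoted lines rules that out. If `count` alone passes the first test, a call with `size == 0` reaches the division. Confirm that the early return for zero size or count sits above this block, or add `size != 0 &&` to the condition.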
>
> 1) I don't think
On Sun, Jan 10, 2010 at 02:30:30PM +, Colin Percival wrote:
> + * Check for integer overflow. As an optimization, first check that
> + * at least one of {count, size} is at least 2^16, since if both
> + * values are less than that, their product can't possible overflow
> +
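Review bot: typo in the new comment, "can't possible overflow" should read "can't possibly overflow". The 2^16 shortcut also holds only when size_t is at least 32 bits wide, so if the rest of the comment does not state that assumption, it should.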
Author: cperciva
Date: Sun Jan 10 14:30:30 2010
New Revision: 201999
URL: http://svn.freebsd.org/changeset/base/201999
Log:
Give a less silly response to a silly request.
Prior to this commit, fread/fwrite calls with size * nmemb > SIZE_MAX
were handled by reading or writing (size_t)(size