Skip to content

path.d: add overflow checks #4713

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
dlang-bot merged 1 commit into from
May 20, 2017
Merged

path.d: add overflow checks #4713

dlang-bot merged 1 commit into from
May 20, 2017

Conversation

@WalterBright
Copy link
Member

@WalterBright WalterBright commented Aug 4, 2016

No description provided.

@WalterBright
Copy link
Member Author

WalterBright commented Aug 5, 2016

This uncovered a latent bug, too. errno wasn't being set.

@9il 9il added the overflow label Aug 5, 2016
schveiguy
schveiguy reviewed Aug 5, 2016
View reviewed changes
std/path.d
if (errno != ERANGE)
if (errno != ERANGE &&
// On FreeBSD and OSX, errno can be left at 0 instead of set to ERANGE
errno != 0)
Copy link
Member

@schveiguy schveiguy Aug 5, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't this check come inside the if clause above? I mean, I didn't think errno had any specified meaning if your return from the syscall was 0. It's always "if this returns nonzero, check errno".

Copy link
Member Author

@WalterBright WalterBright May 20, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The idea is to have a "not enough memory" error result in increasing the memory size, and that is different from some other error.

@MartinNowak MartinNowak mentioned this pull request Aug 8, 2016
Closed
@quickfur
Copy link
Member

quickfur commented Mar 28, 2017

ping @WalterBright

Can we move forward with this PR please?

MetaLang
MetaLang reviewed Mar 28, 2017
View reviewed changes
std/path.d
import core.checkedint : mulu;
bool overflow;
extra_memory_size = mulu(extra_memory_size, 2, overflow);
if (overflow) assert(0);
Copy link
Member

@MetaLang MetaLang Mar 28, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was going to leave a comment about how there should be an assert message, but is the message even printed when using assert(0)?

Copy link
Contributor

@JackStouffer JackStouffer Mar 28, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes

Copy link
Member

@jmdavis jmdavis Mar 28, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The message is printed if not built with -release, because in that case, assert(0) is compiled in like any assertion would be and throws an AssertError. However, with -release, when assertions are compiled out, it becomes a HLT instruction, and there is no message.

Copy link
Member

@MetaLang MetaLang Mar 28, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there a better solution here than just halting the program when there's an overflow? We're talking about people's programs potentially crashing and there being no indication as to what happened.

Copy link
Contributor

@JackStouffer JackStouffer Mar 28, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well, you could throw an exception, or you could throw a static error singleton as Andrei has proposed before. Both come with their own problems.

Copy link
Contributor

@JackStouffer JackStouffer Mar 28, 2017
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Andrei kind of halted Walter's addition of overflow checks with his checked int module because he believed that was the right way to do things. I don't really see why these need to be stopped in the mean time though

@dlang-bot dlang-bot merged commit fcf17a6 into dlang:master May 20, 2017
@WalterBright WalterBright deleted the path-overflow branch May 20, 2017 21:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jmdavis jmdavis jmdavis left review comments

@andralex andralex andralex approved these changes

+2 more reviewers

@JackStouffer JackStouffer JackStouffer left review comments

@MetaLang MetaLang MetaLang left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

Merge:auto-merge

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

9 participants

@WalterBright @quickfur @andralex @jmdavis @schveiguy @JackStouffer @MetaLang @9il @dlang-bot