Author ztane
Recipients Jeffrey.Walton, alex, alexandre.vassalotti, christian.heimes, deadshort, dmalcolm, donmez, fweimer, gregory.p.smith, gvanrossum, jcea, jwilk, loewis, mark.dickinson, matejcik, nnorwitz, pitrou, python-dev, vstinner, ztane
Date 2016-07-10.13:05:56
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1468155956.8.0.0898850628094.issue1621@psf.upfronthosting.co.za>
In-reply-to
Content
One common case where signed integer overflow has been assumed has been the wraparound/overflow checks like in http://bugs.python.org/issue27473 

I propose that such commonly erroneous tasks such as overflow checks be implemented as common macros in CPython as getting them right is not quite easy (http://c-faq.com/misc/sd26.html); it would also make the C code more self-documenting.

Thus instead of writing

     if (va.len > PY_SSIZE_T_MAX - vb.len) {
  
one would write something like
    
    if (PY_SSIZE_T_SUM_OVERFLOWS(va.len, vb.len)) {

and the mere fact that such a macro *wasn't* used there would signal about possible problems with the comparison.
History
Date User Action Args
2016-07-10 13:05:57ztanesetrecipients: + ztane, gvanrossum, loewis, nnorwitz, gregory.p.smith, jcea, mark.dickinson, pitrou, vstinner, christian.heimes, alexandre.vassalotti, donmez, matejcik, jwilk, alex, dmalcolm, python-dev, deadshort, fweimer, Jeffrey.Walton
2016-07-10 13:05:56ztanesetmessageid: <1468155956.8.0.0898850628094.issue1621@psf.upfronthosting.co.za>
2016-07-10 13:05:56ztanelinkissue1621 messages
2016-07-10 13:05:56ztanecreate