
Hi Wolfgang,
On Mon, Oct 21, 2013 at 3:55 PM, Wolfgang Denk wd@denx.de wrote:
> Dear Michael,
>
> In message CAPx6ZwHLn-VABzQOyAMF+T2VyQEc3MZDi1E_kdTVZG8OkJmBYA@mail.gmail.com you wrote:
>>>> it's possible that these checks could be simply optimised away. The
>>>
>>> This is not what happens.
>>
>> Actually, it is my understanding that the "if (p + len < p)" can be optimized away. This exact case is discussed in the LWN article "GCC and pointer overflows"[1].
>
> No, this does not apply here. You miss a key point. We are not doing any pointer arithmetics here. We have:
>
>     int offset;
>     unsigned int len;
>
> and then do:
>
>     if (((offset + len) < offset) ...)

We seem to have a misunderstanding, I did not mean to imply that the "offset + len" expression was undefined. I agree that it is fine. I was referring to this statement from Aaron's original email:

    if (p + len < p)

Which is following:

    const char *p;
    unsigned int len;

That is the statement which is utilizing pointer overflow.

>> --001a1133769056575204e93035f1
>> Content-Type: text/html; charset=UTF-8
>> Content-Transfer-Encoding: quoted-printable
>
> Can you please stop posting HTML? Thanks!

Sorry about that! Hopefully this message is correct.

Regards,
Michael Pratt
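
The two checks contrasted in this message, as an added example that is not code from the thread or from the project under discussion: the integer test relies on unsigned wraparound, which C defines, while the pointer test is replaced by a comparison against the space that remains. All function names, the `end` parameter and the 16-byte sample buffer are assumptions made for illustration.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Integer form from the thread: offset is converted to unsigned int, so
 * the sum wraps modulo UINT_MAX + 1. That is defined behaviour and the
 * compiler must keep the test. */
int int_range_wraps(int offset, unsigned int len)
{
    return (offset + len) < offset;
}

/* Pointer form from the thread, kept for contrast only: p + len is
 * undefined once it points outside the object, so the compiler may treat
 * the comparison as always false and remove it. Not called below. */
int ptr_range_wraps_ub(const char *p, unsigned int len)
{
    return p + len < p;
}

/* Replacement (hypothetical helper): compare len with the space left and
 * never form p + len. p and end (one past the last byte) must point into
 * the same object. */
int ptr_range_ok(const char *p, const char *end, unsigned int len)
{
    if (p > end)
        return 0;
    return len <= (size_t)(end - p);
}

/* Constructed sample: a 16-byte buffer with the cursor at offset 4. */
int demo_ptr_check(unsigned int len)
{
    static const char buf[16];
    return ptr_range_ok(buf + 4, buf + sizeof(buf), len);
}

int main(void)
{
    printf("int wrap, len=UINT_MAX: %d\n", int_range_wraps(10, UINT_MAX));
    printf("ptr ok, len=12: %d\n", demo_ptr_check(12));
    printf("ptr ok, len=UINT_MAX: %d\n", demo_ptr_check(UINT_MAX));
    return 0;
}
```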