Re: [PATCH 4 of 9] Fix comparison signedness warnings



On 07.08.2010 at 07:46, Michael Elkins wrote:

Alternate version with additional check to make sure cast is safe.

# HG changeset patch
# User Matthias Andree <matthias.andree@xxxxxx>
# Date 1281124373 -7200
# Branch HEAD
# Node ID f6590ddfaf4f1317b85345156a62397f1b530213
# Parent  12ffab6683cd85ed8407683ef377f20798d126b4
Fix comparison signedness warnings.

diff -r 12ffab6683cd -r f6590ddfaf4f buffy.c
--- a/buffy.c   Fri Aug 06 21:52:36 2010 +0200
+++ b/buffy.c   Fri Aug 06 21:52:53 2010 +0200
@@ -456,13 +456,11 @@
    BUFFY *tmp;
    char path[_POSIX_PATH_MAX];
    char buffylist[2*STRING];
-  int pos;
-  int first;
+  size_t pos = 0;
+  int first = 1;
   int have_unnotified = BuffyNotify;
-  pos = 0;
-  first = 1;
    buffylist[0] = 0;
pos += strlen (strncat (buffylist, _("New mail in "), sizeof (buffylist) - 1 - pos)); /* __STRNCAT_CHECKED__ */
    for (tmp = Incoming; tmp; tmp = tmp->next)
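
Review bot: the strncat bound in the context line, sizeof (buffylist) - 1 - pos, is evaluated in size_t, so with pos now declared size_t the invariant pos <= sizeof (buffylist) - 1 deserves an explicit guard or comment. If pos ever exceeded that value the subtraction would wrap to a very large count instead of going negative, and strncat would get an effectively unlimited bound. Note also that strncat returns buffylist, so strlen () yields the total length of the buffer contents, which equals the appended length only because pos is 0 at this point.
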
@@ -474,7 +472,7 @@
      strfcpy (path, tmp->path, sizeof (path));
      mutt_pretty_mailbox (path, sizeof (path));
-    if (!first && pos + strlen (path) >= COLS - 7)
+ if (!first && (COLS - 7 >= 0) && (pos + strlen (path) >= (size_t)COLS - 7))
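
Review bot: the added guard (COLS - 7 >= 0) makes the whole condition false whenever COLS < 7, so on a terminal narrower than seven columns this test never fires even though no path can fit. If that case should count as "does not fit", write !first && (COLS < 7 || pos + strlen (path) >= (size_t)(COLS - 7)); if false is the intended result, a one-line comment saying so would help. The cast also binds tighter than the subtraction: (size_t)COLS - 7 converts COLS first and subtracts in unsigned arithmetic, which is safe only because of the guard, so (size_t)(COLS - 7) states the intent more directly.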

Good catch. I was assuming that. Depending on compiler, it will be more efficient to write COLS >= 7 :)

Would something like

/* compare the first size_t argument a to the signed-typed argument b */
#define SIZET_GE(a, b)  ((b) >= 0 && (a) >= (size_t)(b))
#define SIZET_GT(a, b)  ((b) >= 0 && (a) > (size_t)(b))

be useful? That would allow writing:

        if (!first && SIZET_GE(pos + strlen(path), COLS - 7))

(C sometimes sucks because it's too close to the bits, meaning it's sometimes painfully low-level to get every corner case safe. I say that as someone who's been using C for two decades now.)

--
Matthias Andree
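
The comparison discussed in this message, as an added example that is not code from the patch or the project: it puts the implicitly converted comparison, the posted SIZET_GE macro, and a mathematically exact comparison side by side for a terminal narrower than 7 columns. The function names converted_ge, macro_ge and exact_ge are hypothetical, and the sample widths are constructed.

```c
#include <stddef.h>
#include <stdio.h>

/* Macro as posted in the message above. */
#define SIZET_GE(a, b)  ((b) >= 0 && (a) >= (size_t)(b))

/* What the original `pos + strlen (path) >= COLS - 7` does: the usual
 * arithmetic conversions turn the int into size_t. The cast is written out
 * here so the block builds cleanly with -Wsign-compare. */
static int converted_ge(size_t a, int b)
{
    return a >= (size_t)b;
}

/* The posted macro wrapped in a function (wrapper name is hypothetical). */
static int macro_ge(size_t a, int b)
{
    return SIZET_GE(a, b);
}

/* Mathematically exact a >= b: every size_t is >= any negative int. */
static int exact_ge(size_t a, int b)
{
    return b < 0 || a >= (size_t)b;
}

int main(void)
{
    /* Constructed sample values: 30 columns used, COLS of 80, 7 and 5. */
    const int cols[] = { 80, 7, 5 };
    const size_t used = 30;
    size_t i;

    for (i = 0; i < sizeof cols / sizeof cols[0]; i++) {
        int limit = cols[i] - 7;   /* negative once COLS < 7 */
        printf("COLS=%2d limit=%3d converted=%d macro=%d exact=%d\n",
               cols[i], limit, converted_ge(used, limit),
               macro_ge(used, limit), exact_ge(used, limit));
    }
    return 0;
}
```

For COLS = 5 the converted form and the macro both report "not greater or equal", so the macro keeps the old behaviour while making the negative case explicit; only the exact form treats a negative limit as already exceeded.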