diff options
| author | Paul Eggert <eggert@cs.ucla.edu> | 2005-07-05 06:31:46 +0000 |
|---|---|---|
| committer | Paul Eggert <eggert@cs.ucla.edu> | 2005-07-05 06:31:46 +0000 |
| commit | 413a45b973fd56f4e3a551bb6754199e18894d8d (patch) | |
| tree | cc6e369609a57c8f8de4e0c911bee9e628a458cf /src/system.h | |
| parent | fed2b7273d0ed706ec56ed2c4159ba73dc558435 (diff) | |
| download | coreutils-413a45b973fd56f4e3a551bb6754199e18894d8d.tar.xz | |
(VERIFY_W_TYPEOF): Remove; no longer needed.
(DECIMAL_DIGIT_ACCUMULATE): Change last arg from T's maximum value
to T itself. All callers changed. Check that T is unsigned, and
that Accum is of type T. This fixes a bug in the unlikely case
where SIZE_MAX <= INT_MAX, and it no longer requires typeof to do
the proper validity checks.
Diffstat (limited to 'src/system.h')
| -rw-r--r-- | src/system.h | 33 |
1 files changed, 13 insertions, 20 deletions
diff --git a/src/system.h b/src/system.h index c513de32c..a22bfb04e 100644 --- a/src/system.h +++ b/src/system.h @@ -807,25 +807,18 @@ ptr_align (void const *ptr, size_t alignment) return (void *) (p1 - (size_t) p1 % alignment); } -/* With a compiler that supports the __typeof__ operator, ensure that - TYPEOF_REQUIREMENT is nonzero at compile time. If the compiler does - not support __typeof__, do nothing. */ -#if HAVE_TYPEOF -# define VERIFY_W_TYPEOF(typeof_requirement) verify_expr (typeof_requirement) -#else -# define VERIFY_W_TYPEOF(typeof_requirement) ((void) 0) -#endif - -/* If 10*Accum+Digit_val is larger than Type_max, then don't update Accum - and return zero to indicate it would overflow. Otherwise, set Accum to - that new value and return nonzero. With a compiler that provides the - __typeof__ operator, perform a compile-time check to verify that the - specified Type_max value is the same as the constant derived from the - type of Accum. */ -#define DECIMAL_DIGIT_ACCUMULATE(Accum, Digit_val, Type_max) \ +/* If 10*Accum + Digit_val is larger than the maximum value for Type, + then don't update Accum and return false to indicate it would + overflow. Otherwise, set Accum to that new value and return true. + Verify at compile-time that Type is Accum's type, and that Type is + unsigned. Accum must be an object, so that we can take its address. + Accum and Digit_val may be evaluated multiple times. */ + +#define DECIMAL_DIGIT_ACCUMULATE(Accum, Digit_val, Type) \ ( \ - /* Ensure that Type_max is the maximum value of Accum. */ \ - VERIFY_W_TYPEOF (TYPE_MAXIMUM (__typeof__ (Accum)) == (Type_max)), \ - ((Type_max) / 10 < Accum || Accum * 10 + (Digit_val) < Accum \ - ? 0 : ((Accum = Accum * 10 + (Digit_val)), 1)) \ + (void) (&(Accum) == (Type *) NULL), /* The type matches. */ \ + verify_expr (! TYPE_SIGNED (Type)), /* The type is unsigned. */ \ + (((Type) -1 / 10 < (Accum) \ + || (Type) ((Accum) * 10 + (Digit_val)) < (Accum)) \ + ? false : (((Accum) = (Accum) * 10 + (Digit_val)), true)) \ ) |