From e6c342016d0aaf459c19f00607023330553b8446 Mon Sep 17 00:00:00 2001 From: Jim Meyering Date: Tue, 11 Nov 2003 07:06:53 +0000 Subject: Update from gnulib. --- lib/xalloc.h | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) (limited to 'lib') diff --git a/lib/xalloc.h b/lib/xalloc.h index 72400e04a..571e53c04 100644 --- a/lib/xalloc.h +++ b/lib/xalloc.h @@ -21,6 +21,9 @@ # define XALLOC_H_ # include +# if HAVE_STDINT_H +# include +# endif # ifndef __attribute__ # if __GNUC__ < 2 || (__GNUC__ == 2 && __GNUC_MINOR__ < 8) || __STRICT_ANSI__ @@ -62,8 +65,20 @@ char *xstrdup (const char *str); /* Return 1 if an array of N objects, each of size S, cannot exist due to size arithmetic overflow. S must be positive and N must be nonnegative. This is a macro, not an inline function, so that it - works correctly even when SIZE_MAX < N. */ -# define xalloc_oversized(n, s) ((size_t) -1 / (s) < (n)) + works correctly even when SIZE_MAX < N. + + By gnulib convention, SIZE_MAX represents overflow in size + calculations, so the conservative dividend to use here is + SIZE_MAX - 1, since SIZE_MAX might represent an overflowed value. + However, malloc (SIZE_MAX) fails on all known hosts where + PTRDIFF_MAX < SIZE_MAX, so do not bother to test for + exactly-SIZE_MAX allocations on such hosts; this avoids a test and + branch when S is known to be 1. */ +# if defined PTRDIFF_MAX && PTRDIFF_MAX < SIZE_MAX +# define xalloc_oversized(n, s) (SIZE_MAX / (s) < (n)) +# else /* SIZE_MAX might not be defined, so avoid (SIZE_MAX - 1). */ +# define xalloc_oversized(n, s) ((size_t) -2 / (s) < (n)) +# endif /* These macros are deprecated; they will go away soon, and are retained temporarily only to ease conversion to the functions described above. */ -- cgit v1.2.3-54-g00ecf