Re: CVS update: subversion/subversion/libsvn_wc propdump.c

On Tue, Jul 18, 2000 at 09:23:19PM -0000, kfogel@tigris.org wrote:
>...
> +/* kff todo: there's that pesky size_t to long int conversion
> + * happening again. Must ask Jim or Greg; I think I don't fully
> + * understand arithmetic type conversion in C...
> */
> static size_t /* Returns number of bytes in result. */
> size_t_into_string (char *buf, size_t num)

Not much you can do other than wing it. sizeof(int) could be larger or
smaller than sizeof(size_t). (probably small if not equal)

autoconf magic would be needed to find the right type for num_to_string()
which is at least as large as size_t. IMO, just make num_to_string use a
"long" and forget about overflows.

If you really want to be safe, then add this code to size_t_into_string:

  if (num != (long)num) PUNT;

If sizeof(size_t) > sizeof(long), then you could get a truncation. The
resulting long would then be casted back up to size_t length and the
comparison would be made. If they are unequal, then a trunc occurred.

If sizeof(size_t) < sizeof(long), then the LHS would be converted up and the
explicit cast on the RHS would also convert up. No chance for truncation
errors.

Even better, add AC_CHECK_SIZE(long) and AC_CHECK_SIZE(size_t) into
configure.in. Add a #if SIZEOF_LONG != SIZEOF_SIZE_T around the runtime
check. [ not sure if I got all those macros right, but you see the point ]

Cheers,
-g

-- 
Greg Stein, http://www.lyra.org/