unofficial mirror of guile-devel@gnu.org 
 help / color / mirror / Atom feed
* [PATCH 1/1] fports: handle revealed as unsigned everywhere and check range
@ 2020-09-20  1:58 Rob Browning
  0 siblings, 0 replies; only message in thread
From: Rob Browning @ 2020-09-20  1:58 UTC (permalink / raw)
  To: guile-devel

The type is currently unsigned int, so respect that everywhere, and
range check the adjustments.  Note that this changes the ABI of
scm_revealed_count().

---

 If we don't want to change the ABI, then I imagine we could leave
 both scm_revealed_count and the data structure the same, and add some
 additional complexity to make sure we always stick within the
 intersection of the int and unsigned int domains on the current
 platform.

 libguile/fports.c | 14 ++++++++------
 libguile/fports.h |  2 +-
 2 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/libguile/fports.c b/libguile/fports.c
index 4a3c30b88..0a71638e7 100644
--- a/libguile/fports.c
+++ b/libguile/fports.c
@@ -494,7 +494,7 @@ fport_input_waiting (SCM port)
 /* Find a port in the table and return its revealed count.
    Also used by the garbage collector.
  */
-int
+unsigned int
 scm_revealed_count (SCM port)
 {
   return SCM_REVEALED (port);
@@ -507,7 +507,7 @@ SCM_DEFINE (scm_port_revealed, "port-revealed", 1, 0, 0,
 {
   port = SCM_COERCE_OUTPORT (port);
   SCM_VALIDATE_OPFPORT (1, port);
-  return scm_from_int (scm_revealed_count (port));
+  return scm_from_uint (scm_revealed_count (port));
 }
 #undef FUNC_NAME
 
@@ -518,12 +518,12 @@ SCM_DEFINE (scm_set_port_revealed_x, "set-port-revealed!", 2, 0, 0,
 	    "The return value is unspecified.")
 #define FUNC_NAME s_scm_set_port_revealed_x
 {
-  int r;
+  unsigned int r;
 
   port = SCM_COERCE_OUTPORT (port);
   SCM_VALIDATE_OPFPORT (1, port);
 
-  r = scm_to_int (rcount);
+  r = scm_to_uint (rcount);
   SCM_REVEALED (port) = r;
 
   return SCM_UNSPECIFIED;
@@ -537,12 +537,14 @@ SCM_DEFINE (scm_adjust_port_revealed_x, "adjust-port-revealed!", 2, 0, 0,
 	    "The return value is unspecified.")
 #define FUNC_NAME s_scm_adjust_port_revealed_x
 {
-  int a;
+  unsigned int a;
 
   port = SCM_COERCE_OUTPORT (port);
   SCM_VALIDATE_OPFPORT (1, port);
 
-  a = scm_to_int (addend);
+  a = scm_to_uint (addend);
+  if (UINT_MAX - a > SCM_REVEALED (port))
+    scm_out_of_range (FUNC_NAME, addend);
   SCM_REVEALED (port) += a;
 
   return SCM_UNSPECIFIED;
diff --git a/libguile/fports.h b/libguile/fports.h
index 3a895775f..aed76ba20 100644
--- a/libguile/fports.h
+++ b/libguile/fports.h
@@ -65,7 +65,7 @@ SCM_API SCM scm_file_port_p (SCM obj);
 
 \f
 /* Revealed counts.  */
-SCM_API int scm_revealed_count (SCM port);
+SCM_API unsigned int scm_revealed_count (SCM port);
 SCM_API SCM scm_port_revealed (SCM port);
 SCM_API SCM scm_set_port_revealed_x (SCM port, SCM rcount);
 SCM_API SCM scm_adjust_port_revealed_x (SCM port, SCM addend);
-- 
2.26.1




^ permalink raw reply related	[flat|nested] only message in thread

only message in thread, other threads:[~2020-09-20  1:58 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-09-20  1:58 [PATCH 1/1] fports: handle revealed as unsigned everywhere and check range Rob Browning

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).