[Sablevm-bugs] [ sablevm-Bugs-693916 ] dead code?
Brought to you by:
egagnon
Menu
▾
▴
[Sablevm-bugs] [ sablevm-Bugs-693916 ] dead code?
|
From: SourceForge.net <no...@so...> - 2003-02-28 04:55:40
|
Bugs item #693916, was opened at 2003-02-26 16:38 You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=105523&aid=693916&group_id=5523 Category: Other Group: SableVM >Status: Closed >Resolution: Rejected Priority: 5 Submitted By: David Bélanger (davidbelanger) >Assigned to: Etienne M. Gagnon (egagnon) Summary: dead code? Initial Comment: File: global_alloc.m4.c See code at end. Unless nmemb can be negative, size will never be smaller than nmemb. So, if (size < nmemb) { _svmf_error_OutOfMemoryError (env); return JNI_ERR; } in the code below will never be executed. static jint _svmh_gzmalloc_instruction_preparation (_svmt_JNIEnv *env, size_t nmemb, _svmt_instruction_preparation ** ptr) { _svmt_instruction_preparation *tmp; size_t size = nmemb * sizeof (_svmt_instruction_preparation); if (size < nmemb) { _svmf_error_OutOfMemoryError (env); return JNI_ERR; } tmp = _svmf_calloc (1, size); if (tmp == NULL) { _svmf_error_OutOfMemoryError (env); return JNI_ERR; } *ptr = tmp; return JNI_OK; } David ---------------------------------------------------------------------- >Comment By: Etienne M. Gagnon (egagnon) Date: 2003-02-28 00:04 Message: Logged In: YES user_id=15365 The test if (size < nmemb) is used to detect overflow. This is because the C language does not provide an exception mechanism to detect overflow on integer multiplication. As we are dealing with unsigned members, the product will be smaller than nmemb on overflow. Now, is this likely to happen? No, but unless we make a formal proof that nmemb will never grow large enough to cause problesm, we need to keep the check (for security purposes). Etienne ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=105523&aid=693916&group_id=5523 |
