Re: c is unfinished

From Keith Thompson <kst-u@mib.org>
Newsgroups comp.lang.c
Subject Re: c is unfinished
Date 2016-03-14 08:43 -0700
Organization None to speak of
Message-ID <ln1t7dkquv.fsf@kst-u.example.com> (permalink)
References (2 earlier) <1457960250.6206.5.camel@openblox.org> <bac017d1-05e6-4435-8935-fb0b12d76dea@googlegroups.com> <3eb666fc-016e-4a79-957a-252d4a07804e@googlegroups.com> <1457965688.6206.7.camel@openblox.org> <d03708ed-0f5d-4e9b-8621-fbe79c4311cc@googlegroups.com>


Malcolm McLean <malcolm.mclean5@btinternet.com> writes:
> On Monday, March 14, 2016 at 2:28:38 PM UTC, John M. Harris, Jr. wrote:
>> What's a "try"? What's a "catch"? In C, you don't need to worry about
>> that silly stuff, you have return codes and errno, and libraries
>> generally have something like errno that they set, if return codes
>> aren't specific enough. Name collisions shouldn't happen in libraries,
>> so that's not something I've ever had to worry about.
>>
> Say we've got this code.
>
> IMAGE *createimage(int width, int height)
> {
>    IMAGE *answer;
>
>    answer = malloc(sizeof(IMAGE));
>    answer->rgba = malloc(width * height * 4);
>    answer->width = width;
>    answer->height = height;
>    memset(answer->rgba, 0, width*height*4);
>    return answer;
> }
>
> pretty unexceptional (pun), routine code.
>
> But of course it's wrong. It doesn't handle out of memory errors,
> and, more insidiously, it doesn't handle width * height > INT_MAX.
>  
> (Quick question, what happens if we make the image dimensions size_t?)

Since size_t is an unsigned type, overflow of `width * height` would
have defined but undesirable behavior.  (Unless `size_t` is narrower
than `int` and `width * height` exceeds `INT_MAX`, but that's unlikely.)

Overflow is unlikely unless `size_t` is 16 bits (which would probably
imply a very old or small embedded system) or the image is *very* large,
several gigapixels.

You might avoid overflow by restricting width and height to "reasonable"
values.

> try catch together with automatic cleanup allows us to write the code 
> exactly like that, in the natural way, and have correct behaviour on 
> malicious input (and image dimensions is something that could well be
> derived from user input).

It depends on the language.

C++ has try and catch, but its behavior on integer overflow is the
same as C's.  Integer overflow doesn't throw an exception.

Ada has the equivalent of try/catch, and integer overflow does throw
(actually "raise") an exception.

-- 
Keith Thompson (The_Other_Keith) kst-u@mib.org  <http://www.ghoti.net/~kst>
Working, but not speaking, for JetHead Development, Inc.
"We must do something.  This is something.  Therefore, we must do this."
    -- Antony Jay and Jonathan Lynn, "Yes Minister"
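
An added example, not part of the original post: `createimage` with `size_t` dimensions, showing both the defined-but-undesirable wraparound of the unchecked product and a version that restricts the dimensions, checks the size computation before multiplying, and handles allocation failure. The `IMAGE` layout, the `MAX_DIM` limit, and the helper names are assumptions; the thread shows none of them.

```c
#include <stdint.h>
#include <stdlib.h>

/* Assumed layout; the post never shows the IMAGE definition. */
typedef struct { size_t width, height; unsigned char *rgba; } IMAGE;

#define MAX_DIM 16384u /* hypothetical "reasonable" per-axis limit */

/* The quoted size computation with size_t operands: wraps modulo SIZE_MAX+1. */
size_t unchecked_rgba_bytes(size_t width, size_t height)
{
    return width * height * 4;
}

/* Store width*height*4 in *out; return 0 if a dimension is 0 or it would wrap. */
int rgba_bytes(size_t width, size_t height, size_t *out)
{
    if (width == 0 || height == 0)
        return 0;
    if (width > SIZE_MAX / 4 / height) /* same as width*height*4 > SIZE_MAX */
        return 0;
    *out = width * height * 4;
    return 1;
}

/* Returns NULL on rejected dimensions, size overflow, or out of memory. */
IMAGE *createimage(size_t width, size_t height)
{
    size_t nbytes;
    IMAGE *answer;

    if (width > MAX_DIM || height > MAX_DIM)
        return NULL;
    if (!rgba_bytes(width, height, &nbytes))
        return NULL;
    answer = malloc(sizeof *answer);
    if (answer == NULL)
        return NULL;
    answer->rgba = calloc(nbytes, 1); /* zeroed; replaces malloc + memset */
    if (answer->rgba == NULL) {
        free(answer);
        return NULL;
    }
    answer->width = width;
    answer->height = height;
    return answer;
}

void freeimage(IMAGE *img) { if (img) { free(img->rgba); free(img); } }
```

With a width of `SIZE_MAX / 4 + 1` and a height of 1 the unchecked product wraps to 0, so the original code would request a zero-byte buffer while recording a huge width; the checked helper rejects the same input.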
