From: Paul Eggert
Organization: UCLA Computer Science Department
To: Bruno Haible
Cc: bug-gnulib@gnu.org
Subject: Re: [PATCH] base32, base64: prefer signed to unsigned integers
Date: Sun, 29 Aug 2021 10:25:54 -0700
Message-ID: <760438a6-836b-3a90-fb2c-cfc09da59908@cs.ucla.edu>
In-Reply-To: <4040691.xgJ6IN8ObU@omega>
References: <20210827222756.530247-1-eggert@cs.ucla.edu> <22573827.hxa6pUQ8Du@omega> <4040691.xgJ6IN8ObU@omega>

On 8/29/21 3:16 AM, Bruno Haible wrote:
> There may be invocations out there, of this
> function, with an argument between SIZE_MAX/2 and SIZE_MAX-1. Changing
> such calls to be undefined behaviour means that these invocations now
> need debugging in the packages that contain them.

Luckily these calls are not present in practical code (as opposed to
artificial test cases).

> IMO, it would be better to have code like this in base64_encode_alloc:
>
>   if (inlen < 0)
>     /* This argument is invalid, since the API change from 2021-08-28. */
>     abort ();

Another possibility would be to treat inlen < 0 the same as integer
overflow. I could go either way.
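
The second option discussed above (treating inlen < 0 the same as integer overflow), as an added example that is not part of the original message and not gnulib's code. The helper names `encoded_alloc_size` and `legacy_call_rejected` are hypothetical, and the sketch assumes `ptrdiff_t` is as wide as `size_t`.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper, not gnulib's code: compute the buffer size needed to
   base64-encode INLEN bytes, including the trailing NUL.  A negative INLEN
   is reported the same way as arithmetic overflow: return false.  */
static bool
encoded_alloc_size (ptrdiff_t inlen, ptrdiff_t *size)
{
  if (inlen < 0)
    return false;               /* invalid length, treated like overflow */

  /* 4 output bytes per 3-byte input group, rounded up, plus 1 for NUL.
     groups <= PTRDIFF_MAX / 3 + 1, so computing it cannot overflow.  */
  ptrdiff_t groups = inlen / 3 + (inlen % 3 != 0);
  if (groups > (PTRDIFF_MAX - 1) / 4)
    return false;               /* 4 * groups + 1 would overflow */

  *size = 4 * groups + 1;
  return true;
}

/* A legacy caller that passed a size_t above SIZE_MAX / 2 now hands the
   signed API a negative value (implementation-defined conversion; it wraps
   on the usual two's-complement platforms).  */
static bool
legacy_call_rejected (size_t old_len)
{
  ptrdiff_t size;
  return !encoded_alloc_size ((ptrdiff_t) old_len, &size);
}

int
main (void)
{
  ptrdiff_t size;
  if (encoded_alloc_size (5, &size))
    printf ("5 input bytes need %td bytes\n", size);
  printf ("SIZE_MAX - 1 rejected: %d\n", legacy_call_rejected (SIZE_MAX - 1));
  printf ("PTRDIFF_MAX rejected: %d\n", legacy_call_rejected (PTRDIFF_MAX));
  return 0;
}
```

With this shape the caller sees one failure path for both a negative length and a length too large to encode, instead of the process aborting.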