From: "René Scharfe" <l.s.r@web.de>
To: Johannes Schindelin <Johannes.Schindelin@gmx.de>
Cc: Junio C Hamano <gitster@pobox.com>,
Johannes Schindelin via GitGitGadget <gitgitgadget@gmail.com>,
git@vger.kernel.org
Subject: Re: [PATCH 4/4] config: avoid calling `labs()` on too-large data type
Date: Sat, 22 Jun 2019 12:03:24 +0200 [thread overview]
Message-ID: <0dd77efa-a8f5-9f3c-6057-d6fddfc23563@web.de> (raw)
In-Reply-To: <nycvar.QRO.7.76.6.1906212024010.44@tvgsbejvaqbjf.bet>
Am 21.06.19 um 20:35 schrieb Johannes Schindelin:
> Hi René,
>
> On Thu, 20 Jun 2019, René Scharfe wrote:
>
>> Subject: [PATCH] config: simplify unit suffix handling
>>
>> parse_unit_factor() checks if a K, M or G is present after a number and
>> multiplies it by 2^10, 2^20 or 2^30, respectively. One of its callers
>> checks if the result is smaller than the number alone to detect
>> overflows. The other one passes 1 as the number and does multiplication
>> and overflow check itself in a similar manner.
>>
>> This works, but is inconsistent, and it would break if we added support
>> for a bigger unit factor. E.g. 16777217T expands to 2^64 + 2^40, which
>> is too big for a 64-bit number. Modulo 2^64 we get 2^40 == 1TB, which
>> is bigger than the raw number 16777217 == 2^24 + 1, so the overflow
>> would go undetected by that method.
>>
>> Move the multiplication out of parse_unit_factor() and rename it to
>> get_unit_factor() to signify its reduced functionality. This partially
>
> I do not necessarily think that the name `get_unit_factor()` is better,
> given that we still parse the unit factor. I'd vote for keeping the
> original name.
get_unit_factor() is the original name from before c8deb5a146.
> However, what _does_ make sense is to change that function to _really_
> only parse the unit factor. That is, I would keep the exact signature, I
> just would not multiply `*val` by the unit factor, I would overwrite it by
> the unit factor instead.
So the patch is too big. Its narrative of "let's restore the original
code, but keep the good features added since" is not carrying the
weight of its many changes.
> At least that is what I would have expected, reading the name
> `parse_unit_factor()`.
Hence the renaming. :)
When I read parse_unit_factor() without any context then I expect it to
work in the middle of a string, telling the caller how many characters
were recognized. It would then be usable with different units, e.g.
for "17KB" just as well as for "100Mbps".
We don't need such a generic function here, of course.
>> reverts c8deb5a146 ("Improve error messages when int/long cannot be
>> parsed from config", 2007-12-25), but keeps the improved error messages.
>> Use a return value of 0 to signal an invalid suffix.
>
> This comment should probably become a code comment above the function.
You mean just the last sentence, right? For an exported function I'd
agree, but for this short helper I'm not so sure and would rather not
bother the reader with easily inferable facts.
>> Signed-off-by: Rene Scharfe <l.s.r@web.de>
>
> What, no accent?
I prefer a recognizable simplified version to a butchered one. Perhaps
the world is ready for Unicode now? I still get weirdly transformed
characters on letters and parcels, so I'm cautious. Testing the waters
with the sender name setting in my MUA for some time now..
>> diff --git a/config.c b/config.c
>> index 01c6e9df23..61a8bbb5cd 100644
>> --- a/config.c
>> +++ b/config.c
>> @@ -834,51 +834,46 @@ static int git_parse_source(config_fn_t fn, void *data,
>> return error_return;
>> }
>>
>> -static int parse_unit_factor(const char *end, uintmax_t *val)
>> +static uintmax_t get_unit_factor(const char *end)
>
> It has been a historical wart that the parameter was called `end`. Maybe
> that could be fixed, "while at it"?
I was tempted to do that, and am a bit proud of having resisted that
one. I try to avoid "what at it" these days -- if it's worth doing
that other thing then it can live in its own patch.
But the name "end" is arguably good, as it signifies that the function
only works with unit factors at the end of strings.
>>
>> errno = 0;
>> val = strtoumax(value, &end, 0);
>> if (errno == ERANGE)
>> return 0;
>> - oldval = val;
>> - if (!parse_unit_factor(end, &val)) {
>> + factor = get_unit_factor(end);
>> + if (!factor) {
>
> Again, here I would strongly suggest the less intrusive change (with a
> more intuitive outcome):
>
> - oldval = val;
> - if (!parse_unit_factor(end, &val)) {
> + if (!parse_unit_factor(end, &factor)) {
>
>> errno = EINVAL;
>> return 0;
>> }
>> - if (val > max || oldval > val) {
>> + if (unsigned_mult_overflows(factor, val) ||
>> + factor * val > max) {
I'll split that out, then we can discuss it separately.
René
next prev parent reply other threads:[~2019-06-22 10:03 UTC|newest]
Thread overview: 90+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-13 11:49 [PATCH 0/4] Support building with GCC v8.x/v9.x Johannes Schindelin via GitGitGadget
2019-06-13 11:49 ` [PATCH 1/4] poll (mingw): allow compiling with GCC 8 and DEVELOPER=1 Johannes Schindelin via GitGitGadget
2019-06-13 11:49 ` [PATCH 2/4] kwset: allow building with GCC 8 Johannes Schindelin via GitGitGadget
2019-06-13 16:11 ` Junio C Hamano
2019-06-14 9:53 ` SZEDER Gábor
2019-06-14 10:00 ` [RFC/PATCH v1 0/4] compat/obstack: update from upstream SZEDER Gábor
2019-06-14 10:00 ` [PATCH v1 1/4] " SZEDER Gábor
2019-06-14 10:00 ` [PATCH v1 2/4] SQUASH??? compat/obstack: fix portability issues SZEDER Gábor
2019-06-14 10:00 ` [PATCH v1 3/4] SQUASH??? compat/obstack: fix build errors with Clang SZEDER Gábor
2019-06-14 10:00 ` [PATCH v1 4/4] compat/obstack: fix some sparse warnings SZEDER Gábor
2019-06-14 17:57 ` [RFC/PATCH v1 0/4] compat/obstack: update from upstream Jeff King
2019-06-14 18:19 ` Junio C Hamano
2019-06-14 20:30 ` Ramsay Jones
2019-06-14 21:24 ` Ramsay Jones
2019-06-17 18:36 ` SZEDER Gábor
2019-06-14 16:12 ` [PATCH 2/4] kwset: allow building with GCC 8 Junio C Hamano
2019-06-17 18:26 ` SZEDER Gábor
2019-06-14 22:09 ` Ævar Arnfjörð Bjarmason
2019-06-14 22:55 ` Can we just get rid of kwset & obstack in favor of optimistically using PCRE v2 JIT? Ævar Arnfjörð Bjarmason
2019-06-14 23:19 ` Ævar Arnfjörð Bjarmason
2019-06-20 10:35 ` Jeff King
2019-06-15 9:01 ` Carlo Arenas
2019-06-15 19:15 ` brian m. carlson
2019-06-15 22:14 ` Ævar Arnfjörð Bjarmason
2019-06-26 0:03 ` [RFC/PATCH 0/7] grep: move from kwset to optional PCRE v2 Ævar Arnfjörð Bjarmason
2019-06-26 14:02 ` Johannes Schindelin
2019-06-27 9:16 ` Johannes Schindelin
2019-06-27 16:27 ` Ævar Arnfjörð Bjarmason
2019-06-27 18:21 ` Johannes Schindelin
2019-06-27 23:39 ` [PATCH v2 0/9] " Ævar Arnfjörð Bjarmason
2019-06-28 7:23 ` Ævar Arnfjörð Bjarmason
2019-06-28 16:10 ` Junio C Hamano
2019-07-01 21:20 ` [PATCH v3 00/10] " Ævar Arnfjörð Bjarmason
2019-07-01 21:31 ` Junio C Hamano
2019-07-02 11:10 ` Ævar Arnfjörð Bjarmason
2019-07-02 12:32 ` Johannes Schindelin
2019-07-02 19:57 ` Junio C Hamano
2019-07-03 10:08 ` Johannes Schindelin
2019-07-03 10:25 ` Johannes Schindelin
2019-07-03 11:27 ` Johannes Schindelin
2019-07-01 21:20 ` [PATCH v3 01/10] log tests: test regex backends in "--encode=<enc>" tests Ævar Arnfjörð Bjarmason
2019-07-01 21:20 ` [PATCH v3 02/10] grep: don't use PCRE2?_UTF8 with "log --encoding=<non-utf8>" Ævar Arnfjörð Bjarmason
2019-07-01 21:20 ` [PATCH v3 03/10] t4210: skip more command-line encoding tests on MinGW Ævar Arnfjörð Bjarmason
2019-07-01 21:20 ` [PATCH v3 04/10] grep: inline the return value of a function call used only once Ævar Arnfjörð Bjarmason
2019-07-01 21:20 ` [PATCH v3 05/10] grep tests: move "grep binary" alongside the rest Ævar Arnfjörð Bjarmason
2019-07-01 21:20 ` [PATCH v3 06/10] grep tests: move binary pattern tests into their own file Ævar Arnfjörð Bjarmason
2019-07-01 21:20 ` [PATCH v3 07/10] grep: make the behavior for NUL-byte in patterns sane Ævar Arnfjörð Bjarmason
2019-07-01 21:20 ` [PATCH v3 08/10] grep: drop support for \0 in --fixed-strings <pattern> Ævar Arnfjörð Bjarmason
2019-07-01 21:20 ` [PATCH v3 09/10] grep: remove the kwset optimization Ævar Arnfjörð Bjarmason
2019-07-01 21:21 ` [PATCH v3 10/10] grep: use PCRE v2 for optimized fixed-string search Ævar Arnfjörð Bjarmason
2019-06-27 23:39 ` [PATCH v2 1/9] log tests: test regex backends in "--encode=<enc>" tests Ævar Arnfjörð Bjarmason
2019-06-27 23:39 ` [PATCH v2 2/9] grep: don't use PCRE2?_UTF8 with "log --encoding=<non-utf8>" Ævar Arnfjörð Bjarmason
2019-06-27 23:39 ` [PATCH v2 3/9] grep: inline the return value of a function call used only once Ævar Arnfjörð Bjarmason
2019-06-27 23:39 ` [PATCH v2 4/9] grep tests: move "grep binary" alongside the rest Ævar Arnfjörð Bjarmason
2019-06-27 23:39 ` [PATCH v2 5/9] grep tests: move binary pattern tests into their own file Ævar Arnfjörð Bjarmason
2019-06-27 23:39 ` [PATCH v2 6/9] grep: make the behavior for NUL-byte in patterns sane Ævar Arnfjörð Bjarmason
2019-06-27 23:39 ` [PATCH v2 7/9] grep: drop support for \0 in --fixed-strings <pattern> Ævar Arnfjörð Bjarmason
2019-06-27 23:39 ` [PATCH v2 8/9] grep: remove the kwset optimization Ævar Arnfjörð Bjarmason
2019-06-27 23:39 ` [PATCH v2 9/9] grep: use PCRE v2 for optimized fixed-string search Ævar Arnfjörð Bjarmason
2019-06-26 0:03 ` [RFC/PATCH 1/7] grep: inline the return value of a function call used only once Ævar Arnfjörð Bjarmason
2019-06-26 0:03 ` [RFC/PATCH 2/7] grep tests: move "grep binary" alongside the rest Ævar Arnfjörð Bjarmason
2019-06-26 14:05 ` Johannes Schindelin
2019-06-26 18:13 ` Junio C Hamano
2019-06-26 0:03 ` [RFC/PATCH 3/7] grep tests: move binary pattern tests into their own file Ævar Arnfjörð Bjarmason
2019-06-26 0:03 ` [RFC/PATCH 4/7] grep: make the behavior for \0 in patterns sane Ævar Arnfjörð Bjarmason
2019-06-27 2:03 ` brian m. carlson
2019-06-26 0:03 ` [RFC/PATCH 5/7] grep: drop support for \0 in --fixed-strings <pattern> Ævar Arnfjörð Bjarmason
2019-06-26 16:14 ` Junio C Hamano
2019-06-26 0:03 ` [RFC/PATCH 6/7] grep: remove the kwset optimization Ævar Arnfjörð Bjarmason
2019-06-26 0:03 ` [RFC/PATCH 7/7] grep: use PCRE v2 for optimized fixed-string search Ævar Arnfjörð Bjarmason
2019-06-26 14:13 ` Johannes Schindelin
2019-06-26 18:45 ` Junio C Hamano
2019-06-27 9:31 ` Johannes Schindelin
2019-06-27 18:45 ` Johannes Schindelin
2019-06-27 19:06 ` Junio C Hamano
2019-06-28 10:56 ` Johannes Schindelin
2019-06-13 11:49 ` [PATCH 3/4] winansi: simplify loading the GetCurrentConsoleFontEx() function Johannes Schindelin via GitGitGadget
2019-06-13 11:49 ` [PATCH 4/4] config: avoid calling `labs()` on too-large data type Johannes Schindelin via GitGitGadget
2019-06-13 16:13 ` Junio C Hamano
2019-06-16 6:48 ` René Scharfe
2019-06-16 8:24 ` René Scharfe
2019-06-16 14:01 ` René Scharfe
2019-06-16 22:26 ` Junio C Hamano
2019-06-20 19:58 ` René Scharfe
2019-06-20 21:07 ` Junio C Hamano
2019-06-21 18:35 ` Johannes Schindelin
2019-06-22 10:03 ` René Scharfe [this message]
2019-06-22 10:03 ` [PATCH v2 1/3] config: use unsigned_mult_overflows to check for overflows René Scharfe
2019-06-22 10:03 ` [PATCH v2 2/3] config: don't multiply in parse_unit_factor() René Scharfe
2019-06-22 10:03 ` [PATCH v2 3/3] config: simplify parsing of unit factors René Scharfe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0dd77efa-a8f5-9f3c-6057-d6fddfc23563@web.de \
--to=l.s.r@web.de \
--cc=Johannes.Schindelin@gmx.de \
--cc=git@vger.kernel.org \
--cc=gitgitgadget@gmail.com \
--cc=gitster@pobox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).