[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: Compilation warnings
- From: roberto@... (Roberto Ierusalimschy)
- Date: Mon, 22 Oct 2007 22:44:40 -0200
> > Warning : implicit arithmetic conversion from 'int' to 'unsigned int'
> > lstring.c line 65 h = lmod(h, tb->size);
>
> Here, 'h' really shouldn't be reused. Indexing with ints vs.
> unsigned ints makes a difference on some platforms.
I am afraid I missed you here.
> > Warning : implicit arithmetic conversion from 'unsigned long' to 'long'
> > lstrlib.c line 31 lua_pushinteger(L, l);
> >
> > Warning : implicit arithmetic conversion from 'long' to 'unsigned long'
> > lstrlib.c line 50 lua_pushlstring(L, s+start-1, end-start+1);
> >
> > Warning : implicit arithmetic conversion from 'unsigned long' to 'long'
> > lstrlib.c line 112 if ((size_t)pose > l) pose = l;
>
> These look like potential security holes on first inspection. But
> I don't think it's possible to create a string bigger than half
> the virtual address space (e.g. >2GB on a 32 bit OS) in the first
> place. So a few casts should silence them.
The 'long' and 'unsigned long' reported here are actually ptrdiff_t
and size_t. If the compiler allows a string bigger than half the
virtual address space, it is its problem to provide a ptrdiff_t large
enough to count those sizes.
> > Warning : implicit arithmetic conversion from 'unsigned long' to 'long'
> > lstrlib.c line 651 int max_s = aL_optinteger(L, ( 4), ( srcl+1)));
>
> This is a real bug, because sizeof(size_t) may be larger than
> sizeof(int), e.g. on a 64 bit OS.
That is true. Thanks!
-- Roberto