- SafeInt Compiles on gcc!
[update 12-1-08] I now have it completely compiling on gcc, with a test harness that exercises every method of the class for every combination of types (all 15 of them). Version 3.0.12p is now moved to release status. Once I got SafeInt posted on CodePlex, Read More...
- Ptrdiff_t is evil
Well, not really, but here's a code problem that confounded some really smart devs – and it looks so simple! void IncPtr( unsigned int cElements ) { if( m_pMax - m_pCurrent > cElements ) m_pCurrent += cElements; else throw; } OK, so here's the question Read More...
- More on Checking Allocations
Seems my last post met with some objections – somewhat rightfully so, as I mischaracterized one of Tom's points – he never advocated just not checking for allocations, but instead to use an allocator that has a non-returning error handler – though it Read More...
- Checking Allocations & Potential for Int Mayhem
Must be synchronicity. I started out the day with a really interesting mail from Chris Wysopal talking about how allocations can go wrong, fun with signed int math, and the new[] operator. Once I got done responding to Chris, I then noticed Robert Hensing's Read More...
- More Checking for Pointer Math
Someone pointed out that it isn't sufficient to check for whether the pointer math wrapped, but that we also need to check that the resulting pointer is in our buffer. They then came to the possibly erroneous conclusion that really all you had to do was Read More...
- Evil Compiler Tricks, and Checking for Pointer Math
My favorite programming geek hobby being integer overflows, this caught my eye – "gcc silently discards some wraparound checks" http://www.kb.cert.org/vuls/id/162289 Basically, what it says is that code which looks like this: ============ snip ============== Read More...
- MulDiv Mayhem
Here's another episode in my ongoing quest to stamp out integer overflows. MulDiv is a Windows API that was around before we had 64-bit integers as native types. MulDiv is defined like so: int MulDiv(int a, int b, int c) Ironically, the problem it's trying Read More...
- Unsafe String Handling with strncpy
I recently ran into a piece of code that looked like this: int len = cchIn; strncpy(dest, src, len - 1); This is bad, because strncpy is defined as so: char *strncpy( char * strDest , const char * strSource , size_t count ); The original complaint was Read More...
- Templatized Min/Max Solved!
I had some time to think about the overall problem, and had originally thought of a functional approach, like so: template <typename R, typename T, typename U> R Max(T t, U u); This has all the information we need to check for truncation on return, Read More...
- Templatized Min/Max is a bad idea!
Ah, back to nice geeky C++ programming topics, which is much more fun than angry customer topics… Some well-meaning soul wrote this: template<typename T, typename U> T TMax(T t, U u){ return t > u ? t : u; } Let me count the bugs – first of all, Read More...
- Safebool
My last post triggered a couple of responses and a URL I thought would be good to not get lost in the comments. Check out http://www.artima.com/cppsource/safebool.html . As I was saying a couple of posts ago, the right tool is usually situational. In Read More...
- C++ operator overloading trivia
Learned something interesting this week that I'll be working into SafeInt 3. It all started out because if you declare a SafeInt class instance, and then try to use it as an array index, the compiler can't figure out which of the several available integer Read More...
- Even More Cool Integer Tricks
OK, so this is just utterly geeky, and would really only come in handy if you're writing something like SafeInt – How to tell if a numeric template type is a bool at compile time: isBool = ((T)1 == (T)2) if type T is a bool, then this is true, else it's Read More...
- More Fun with Integers
Just a quick note this morning to share something I found while finishing up SafeInt 3.0. This is something more helpful with 64-bit porting than with general security, though it does have some security side effects. Warning - heavy C++ programming geek Read More...