Merge #9472 from justinmk/pvs-warnings2

Justin M. Keyes 2019-01-10 08:56:38 +01:00 committed by GitHub
commit 6d8b5989bc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 63 additions and 7 deletions


@ -248,6 +248,16 @@ int main(void)
} }
" HAVE_EXECINFO_BACKTRACE) " HAVE_EXECINFO_BACKTRACE)
check_c_source_compiles("
int main(void)
{
int a;
__builtin_add_overflow(a, a, &a);
__builtin_sub_overflow(a, a, &a);
return 0;
}
" HAVE_BUILTIN_ADD_OVERFLOW)
if(MSVC) if(MSVC)
# XXX: /W4 gives too many warnings. #3241 # XXX: /W4 gives too many warnings. #3241
add_definitions(/W3 -D_CRT_SECURE_NO_WARNINGS -D_CRT_NONSTDC_NO_DEPRECATE) add_definitions(/W3 -D_CRT_SECURE_NO_WARNINGS -D_CRT_NONSTDC_NO_DEPRECATE)


@ -121,4 +121,34 @@
((enum { ASSERT_CONCAT(assert_line_, __LINE__) = 1/(!!(e)) }) 0) ((enum { ASSERT_CONCAT(assert_line_, __LINE__) = 1/(!!(e)) }) 0)
#endif #endif
/// @def STRICT_ADD
/// @brief Adds (a + b) and stores result in `c`. Aborts on overflow.
///
/// Requires GCC 5+ and Clang 3.8+
/// https://clang.llvm.org/docs/LanguageExtensions.html
/// https://gcc.gnu.org/onlinedocs/gcc/Integer-Overflow-Builtins.html
///
/// Alternative for compilers without __builtin_xx_overflow ?
/// https://stackoverflow.com/a/44830670/152142
///
/// @param MAX Maximum value of the narrowest type of operand.
/// Not used if compiler supports __builtin_add_overflow.
#if HAVE_BUILTIN_ADD_OVERFLOW
# define STRICT_ADD(a, b, c, t) \
do { if (__builtin_add_overflow(a, b, c)) { abort(); } } while (0)
#else
# define STRICT_ADD(a, b, c, t) \
do { *(c) = (t)(a + b); } while (0)
#endif
/// @def STRICT_SUB
/// @brief Subtracts (a - b) and stores result in `c`. Aborts on overflow.
#if HAVE_BUILTIN_ADD_OVERFLOW
# define STRICT_SUB(a, b, c, t) \
do { if (__builtin_sub_overflow(a, b, c)) { abort(); } } while (0)
#else
# define STRICT_SUB(a, b, c, t) \
do { *(c) = (t)(a - b); } while (0)
#endif
#endif // NVIM_ASSERT_H #endif // NVIM_ASSERT_H
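Review bot: The `#else` fallbacks for STRICT_ADD and STRICT_SUB silently wrap instead of aborting, so the `@brief` "Aborts on overflow" is only true when HAVE_BUILTIN_ADD_OVERFLOW is set; the header should say so, e.g. `/// Without __builtin_xx_overflow the fallback is a plain cast of (a + b) and does NOT detect overflow.` The `@param MAX` entry documents a parameter the macros do not take — the fourth parameter is a type — so it should read `/// @param t Type of the destination *c (used only by the fallback).` The fallback bodies also leave the operands unparenthesized, so passing `y - z` as `b` of STRICT_SUB expands to `a - y - z`; write `do { *(c) = (t)((a) + (b)); } while (0)` and the same for the subtraction. `abort()` requires `<stdlib.h>`; whether this header already includes it is outside the hunk.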


@ -4,6 +4,7 @@
#include <stdbool.h> #include <stdbool.h>
#include <inttypes.h> #include <inttypes.h>
#include "nvim/assert.h"
#include "nvim/cursor.h" #include "nvim/cursor.h"
#include "nvim/charset.h" #include "nvim/charset.h"
#include "nvim/fold.h" #include "nvim/fold.h"
@ -170,7 +171,9 @@ static int coladvance2(
if (line[idx] == NUL) { if (line[idx] == NUL) {
/* Append spaces */ /* Append spaces */
int correct = wcol - col; int correct = wcol - col;
char_u *newline = xmallocz((size_t)(idx + correct)); size_t newline_size;
STRICT_ADD(idx, correct, &newline_size, size_t);
char_u *newline = xmallocz(newline_size);
memcpy(newline, line, (size_t)idx); memcpy(newline, line, (size_t)idx);
memset(newline + idx, ' ', (size_t)correct); memset(newline + idx, ' ', (size_t)correct);
@ -187,14 +190,17 @@ static int coladvance2(
if (-correct > csize) if (-correct > csize)
return FAIL; return FAIL;
newline = xmallocz((size_t)(linelen - 1 + csize)); size_t n;
STRICT_ADD(linelen - 1, csize, &n, size_t);
newline = xmallocz(n);
// Copy first idx chars // Copy first idx chars
memcpy(newline, line, (size_t)idx); memcpy(newline, line, (size_t)idx);
// Replace idx'th char with csize spaces // Replace idx'th char with csize spaces
memset(newline + idx, ' ', (size_t)csize); memset(newline + idx, ' ', (size_t)csize);
// Copy the rest of the line // Copy the rest of the line
memcpy(newline + idx + csize, line + idx + 1, STRICT_SUB(linelen, idx, &n, size_t);
(size_t)(linelen - idx - 1)); STRICT_SUB(n, 1, &n, size_t);
memcpy(newline + idx + csize, line + idx + 1, n);
ml_replace(pos->lnum, newline, false); ml_replace(pos->lnum, newline, false);
changed_bytes(pos->lnum, idx); changed_bytes(pos->lnum, idx);
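Review bot: In the second hunk `n` holds two unrelated quantities — first the allocation size passed to `xmallocz(n)`, then three statements later the memcpy length produced by the two STRICT_SUB calls — which makes the bounds reasoning harder to follow than it needs to be; declaring a second `size_t rest_len;` and using it for both STRICT_SUB calls and the final `memcpy(newline + idx + csize, line + idx + 1, rest_len);` keeps each size tied to one buffer. Note that `STRICT_SUB(n, 1, &n, size_t)` now aborts when `idx >= linelen`, where the removed `(size_t)(linelen - idx - 1)` would have wrapped to a huge length; if that case is unreachable here, a one-line comment such as `// idx < linelen: the `-correct > csize` check above guarantees a tail to copy` would justify the new abort — hedged, since the guard's meaning depends on values computed outside the hunk. coladvance2() starts and ends outside the hunk.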


@ -6,6 +6,7 @@
#include <stdbool.h> #include <stdbool.h>
#include "nvim/ascii.h" #include "nvim/ascii.h"
#include "nvim/assert.h"
#include "nvim/indent.h" #include "nvim/indent.h"
#include "nvim/eval.h" #include "nvim/eval.h"
#include "nvim/charset.h" #include "nvim/charset.h"
@ -204,7 +205,12 @@ int set_indent(int size, int flags)
// after the if (!curbuf->b_p_et) below. // after the if (!curbuf->b_p_et) below.
if (orig_char_len != -1) { if (orig_char_len != -1) {
assert(orig_char_len + size - ind_done + line_len >= 0); assert(orig_char_len + size - ind_done + line_len >= 0);
newline = xmalloc((size_t)(orig_char_len + size - ind_done + line_len)); size_t n; // = orig_char_len + size - ind_done + line_len
size_t n2;
STRICT_ADD(orig_char_len, size, &n, size_t);
STRICT_ADD(ind_done, line_len, &n2, size_t);
STRICT_SUB(n, n2, &n, size_t);
newline = xmalloc(n);
todo = size - ind_done; todo = size - ind_done;
// Set total length of indent in characters, which may have been // Set total length of indent in characters, which may have been
@ -226,7 +232,9 @@ int set_indent(int size, int flags)
} else { } else {
todo = size; todo = size;
assert(ind_len + line_len >= 0); assert(ind_len + line_len >= 0);
newline = xmalloc((size_t)(ind_len + line_len)); size_t newline_size;
STRICT_ADD(ind_len, line_len, &newline_size, size_t);
newline = xmalloc(newline_size);
s = newline; s = newline;
} }
@ -392,7 +400,9 @@ int copy_indent(int size, char_u *src)
// and the rest of the line. // and the rest of the line.
line_len = (int)STRLEN(get_cursor_line_ptr()) + 1; line_len = (int)STRLEN(get_cursor_line_ptr()) + 1;
assert(ind_len + line_len >= 0); assert(ind_len + line_len >= 0);
line = xmalloc((size_t)(ind_len + line_len)); size_t line_size;
STRICT_ADD(ind_len, line_len, &line_size, size_t);
line = xmalloc(line_size);
p = line; p = line;
} }
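Review bot: The three-step size computation in set_indent() (`STRICT_ADD(orig_char_len, size, &n, ...)`, `STRICT_ADD(ind_done, line_len, &n2, ...)`, `STRICT_SUB(n, n2, &n, ...)`) yields `orig_char_len + size - (ind_done + line_len)`, but the removed xmalloc() argument, the assert() kept just above it and the new trailing comment `// = orig_char_len + size - ind_done + line_len` all mean `orig_char_len + size - ind_done + line_len`: `line_len` is subtracted instead of added, so `newline` is 2*line_len bytes smaller than before while the writes into it (outside the hunk) are unchanged. Replace the three calls with `STRICT_ADD(orig_char_len, size, &n, size_t); STRICT_ADD(n, line_len, &n, size_t); STRICT_SUB(n, ind_done, &n, size_t);` and drop `n2`. Doing the addition before the subtraction also avoids an abort when `orig_char_len + size < ind_done` even though the full sum is non-negative — whether that combination can occur depends on values set outside the hunk. The two `ind_len + line_len` hunks below match their asserts and need no change.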
} }