Re: at least 260 packages broken on arm, powerpc and s390 due to wrong assumption on char signedness
On Mon, Dec 31, 2001 at 01:33:37PM -0500, Colin Walters wrote:
> On Mon, 2001-12-31 at 05:40, Julian Gilbey wrote:
> > I believe that the author (Knuth) presumably thought "c should only be
> > between 0 and 127, probably not even that far, and we're using c as an
> > array index, where we've only allocated 256 chars for this array.
>
> Right. Then it should be explicitly declared as an "unsigned char".
>
> > As char might be a signed char, c could feasibly be less than 0,
>
> Not if you declare it as unsigned explicitly.
>
> > and there's a small possibility that char could be some weird wide
> > character thing,
>
> No, the C standard guarantees that a char is exactly a single byte; i.e.
> sizeof(char) == 1.

OK.

So then this check is either unnecessary or guards against the
possibility that char is signed and that the chars we've hit are <0.
But either way, it's a small piece of defensive programming for an
essentially impossible situation.

I'm not about to rewrite this code to remove a warning when I will
potentially introduce real bugs.

> The more I think about it, the more it makes sense to always explicitly
> declare all char variables as signed or unsigned; otherwise, you're just
> asking for latent bugs.

That is a wise suggestion, indeed. Although there may be exceptions
when it is unnecessary.

Julian
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Julian Gilbey, Dept of Maths, Debian GNU/Linux Developer
Queen Mary, Univ. of London see http://people.debian.org/~jdg/
http://www.maths.qmul.ac.uk/~jdg/ or http://www.debian.org/
Visit http://www.thehungersite.com/ to help feed the hungry
Also: http://www.helpthehungry.org/
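
Added example, not part of the original message or of the code under discussion: a small C program showing what index a byte above 127 yields when plain char is signed versus unsigned, how a range check on the index catches the signed case, and how converting through unsigned char makes the lookup portable. The table, its contents and all function names are hypothetical, and an 8-bit char is assumed.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed 256-entry table, standing in for the array indexed by c. */
static int table[UCHAR_MAX + 1];

static void init_table(void) {
    for (int i = 0; i <= UCHAR_MAX; i++)
        table[i] = i * 2;   /* arbitrary constructed contents */
}

/* Value a plain char holds for this byte where char is signed. */
static int as_signed_char(unsigned char byte) {
    return byte > SCHAR_MAX ? (int)byte - (UCHAR_MAX + 1) : (int)byte;
}

/* Value a plain char holds for this byte where char is unsigned. */
static int as_unsigned_char(unsigned char byte) {
    return (int)byte;
}

/* Defensive lookup: reject any index outside the table instead of
   reading out of bounds. */
static int lookup_guarded(int c) {
    if (c < 0 || c > UCHAR_MAX)
        return -1;
    return table[c];
}

/* Portable lookup: convert through unsigned char so the index is
   0..255 whatever the signedness of plain char. */
static int lookup_portable(const char *s, size_t i) {
    return table[(unsigned char)s[i]];
}

int main(void) {
    const char sample[] = "\xE9";   /* constructed input: one byte above 127 */
    init_table();
    printf("plain char is %s here\n", CHAR_MIN < 0 ? "signed" : "unsigned");
    printf("index if signed:   %d\n", as_signed_char(0xE9));
    printf("index if unsigned: %d\n", as_unsigned_char(0xE9));
    printf("guarded, signed index: %d\n", lookup_guarded(as_signed_char(0xE9)));
    printf("portable lookup:       %d\n", lookup_portable(sample, 0));
    return 0;
}
```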