[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: at least 260 packages broken on arm, powerpc and s390 due to wrong assumption on char signedness

On Mon, 2001-12-31 at 05:40, Julian Gilbey wrote:
> I believe that the author (Knuth) presumably thought "c should only be
> between 0 and 127, probably not even that far, and we're using c as an
> array index, where we've only allocated 256 chars for this array.  

Right.  Then it should be explicitly declared as an "unsigned char".

> As char might be a signed char, c could feasibly be less than 0, 

Not if you declare it as unsigned explicitly.

> and there's a small possibility that char could be some weird wide
> character thing, 

No, the C standard guarantees that a char is exactly a single byte; i.e.
sizeof(char) == 1.

> so c could feasibly be greater than 255, we'll
> perform the checks just check to be on the safe side."  Defensive
> programming.

It can't be larger than 255 (precisely because it is limited to a single

The more I think about it, the more it makes sense to always explicitly
declare all char variables as signed or unsigned; otherwise, you're just
asking for latent bugs.

Reply to: