[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: at least 260 packages broken on arm, powerpc and s390 due to wrong assumption on char signedness

On Mon, Dec 31, 2001 at 01:33:37PM -0500, Colin Walters wrote:
> It can't be larger than 255 (precisely because it is limited to a single
> byte).
> The more I think about it, the more it makes sense to always explicitly
> declare all char variables as signed or unsigned; otherwise, you're just
> asking for latent bugs.

This works only as long as you own all of your code. The problem is you can
assign signed char to unsigned char or vice versa without any ill effects;
you won't even get a compiler warning. However, the same can't be said for
signed char * vs unsigned char *. If you are interfacing to external code
(even functions like strcpy etc), you are asking for a major type casting
headache. Worse, the problem won't even show up if you are developing on the
"right" platform. I've gone down that route once and then gave up :-(. 

Another thing that puzzles me since this whole debate started. If you look
at the declaration of ctype.h functions (isalpha family), they take a int as
an argument. The man page explicitly mentions the argument should be an
unsigned char - obvious because a signed char would sign extend to an int.
For platforms that default to signed char, and it appears majority of them
do, you need to cast a "default" char type before calling ctype functions.
Still, I have not seen any code that does it.


Reply to: