01.11.2017, 18:46, "Thiago Macieira" <thiago.macie...@intel.com>:
> On Wednesday, 1 November 2017 08:25:01 PDT Konstantin Tokarev wrote:
>> > No, not really, since it's already limited to half the full VM space. No
>> > object can be larger than that. Using unsigned is unnecessary.
>>
>> Using unsigned for size types is crucial in preventing signed overflow in
>> pathological cases.
>
> Using signed for size types is crucial because the API expects to be able to
> count backwards from the end and needs to report failure in other situations.
> So unsigned is simply ruled out.

Indeed, it's crucial to keep backward compatibility in the API (yet counting backwards is nothing more than sugar, and STL containers cope fine with size_t).

>
> There are also no pathological cases since there is no overflow.

There is overflow, try e.g. QByteArray::fromBase64() with an array of size larger than INT_MAX / 3.

If size was unsigned, such bugs wouldn't lead to crashes or potential security issues.

>
> --
> Thiago Macieira - thiago.macieira (AT) intel.com
>   Software Architect - Intel Open Source Technology Center
>
> _______________________________________________
> Development mailing list
> Development@qt-project.org
> http://lists.qt-project.org/mailman/listinfo/development

--
Regards,
Konstantin
_______________________________________________
Development mailing list
Development@qt-project.org
http://lists.qt-project.org/mailman/listinfo/development
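
The size arithmetic this thread argues about, as an added example that is not part of either message and is not Qt's code. It assumes a decoder that reserves `(n * 3) / 4` bytes for `n` base64 characters; the function names and input lengths are constructed for illustration.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed sizing rule for this example: (n * 3) / 4 output bytes
   for n input characters. Not copied from Qt. */

/* Value a 32-bit signed size would hold if n * 3 wraps (two's complement).
   Computed in unsigned/wider arithmetic so the demo itself has no UB. */
int32_t size_signed32_wrapped(int32_t n)
{
    int64_t prod = (uint32_t)((uint32_t)n * 3u);  /* product modulo 2^32 */
    if (prod > INT32_MAX)
        prod -= INT64_C(4294967296);              /* reinterpret as negative */
    return (int32_t)(prod / 4);
}

/* Same formula with a 32-bit unsigned size: the wrap is well defined,
   but the result can be smaller than what the decoder will write. */
uint32_t size_unsigned32(uint32_t n)
{
    return (uint32_t)(n * 3u) / 4u;
}

/* Overflow-free form: divide first, then add the remainder's share.
   Equals floor(3n/4) and never exceeds n, whatever the width. */
uint32_t size_safe(uint32_t n)
{
    return (n / 4u) * 3u + ((n % 4u) * 3u) / 4u;
}

int main(void)
{
    /* Constructed input lengths: small, above INT_MAX/3, above UINT32_MAX/3. */
    const uint32_t inputs[] = { 1000u, 800000000u, 1500000000u };
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        uint32_t n = inputs[i];
        printf("n=%" PRIu32 " signed32=%" PRId32 " unsigned32=%" PRIu32
               " safe=%" PRIu32 "\n",
               n, size_signed32_wrapped((int32_t)n),
               size_unsigned32(n), size_safe(n));
    }
    return 0;
}
```

For 800000000 characters the signed 32-bit computation yields a negative size while the unsigned one is still correct; for 1500000000 both 32-bit computations yield a size far below the true 1125000000, and only the divide-first form stays right.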