On 24/09/2020 18:30, Gedare Bloom wrote:
+#define MESSAGE_SIZE_LIMIT \
+ ( SIZE_MAX - sizeof( uintptr_t ) - 1 \
Minor: should it be - ( sizeof( uintptr_t ) - 1 )?
Or: - sizeof(uintptr_t) + 1
The alignment up can add at most sizeof(uintptr_t)-1 bytes overhead I
think is what this is trying to
On 24/09/2020 18:50, Gedare Bloom wrote:
+ /* Make sure the memory allocation size computation does not overflow */
+ if ( maximum_pending_messages > SIZE_MAX / buffer_size ) {
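Review bot: the division in `maximum_pending_messages > SIZE_MAX / buffer_size` requires `buffer_size` to be non-zero, and nothing in the lines shown establishes that. If `buffer_size` always includes a fixed per-message overhead, say so in the comment above the `if`; otherwise test for zero before dividing.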
optimization: can we use mult instead?
if ( maximum_pending_messages * buffer_size > SIZE_MAX )
save a few cycles
On Thu, Sep 24, 2020 at 10:30 AM Gedare Bloom wrote:
>
> On Thu, Sep 24, 2020 at 6:13 AM Sebastian Huber wrote:
> >
> > The previous multiplication error check is broken on 64-bit machines. Use the
> > recommended check from SEI CERT C Coding Standard, "INT30-C. Ensure that
> > unsigned i
On Thu, Sep 24, 2020 at 6:13 AM Sebastian Huber wrote:
>
> The previous multiplication error check is broken on 64-bit machines. Use the
> recommended check from SEI CERT C Coding Standard, "INT30-C. Ensure that
> unsigned integer operations do not wrap".
>
> Make sure the message size computatio
The previous multiplication error check is broken on 64-bit machines. Use the
recommended check from SEI CERT C Coding Standard, "INT30-C. Ensure that
unsigned integer operations do not wrap".
Make sure the message size computation does not overflow.
Update #4007.
---
cpukit/score/src/coremsg.c
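
The INT30-C precondition test named in the commit message, set beside a comparison made after the multiplication, as an added example that is not code from the patch or from RTEMS. The helper names `checked_alloc_size` and `naive_alloc_size` and the input values are constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper: INT30-C style test done before multiplying.
 * Returns true and stores count * size in *total only if it fits in size_t. */
bool checked_alloc_size( size_t count, size_t size, size_t *total )
{
  if ( size != 0 && count > SIZE_MAX / size ) {
    return false; /* count * size would wrap */
  }
  *total = count * size;
  return true;
}

/* Hypothetical helper: comparison done after multiplying. The product is
 * already reduced modulo SIZE_MAX + 1, so it can never exceed SIZE_MAX and
 * the wrap is never reported. */
bool naive_alloc_size( size_t count, size_t size, size_t *total )
{
  size_t product = count * size;

  if ( product > SIZE_MAX ) {
    return false; /* unreachable for any size_t inputs */
  }
  *total = product;
  return true;
}

int main( void )
{
  /* Constructed inputs whose true product is SIZE_MAX + 1 */
  size_t count = SIZE_MAX / 2 + 1;
  size_t size = 2;
  size_t total = 0;

  if ( naive_alloc_size( count, size, &total ) ) {
    printf( "post-multiply check accepted, size = %zu\n", total );
  }
  if ( !checked_alloc_size( count, size, &total ) ) {
    printf( "division pre-check rejected the request\n" );
  }
  return 0;
}
```

With the constructed inputs the post-multiply form accepts the request with a computed size of 0, which is the undersized-allocation case the division test rejects.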