'int' is enough for 'length' to migrate code from x86 to x64

ketmar via Digitalmars-d digitalmars-d at puremagic.com
Fri Nov 21 06:29:10 PST 2014


On Fri, 21 Nov 2014 19:31:23 +1100
Daniel Murphy via Digitalmars-d <digitalmars-d at puremagic.com> wrote:

> "bearophile"  wrote in message news:lkcltlokangpzzdzzfjg at forum.dlang.org...
> 
> > From my experience in coding in D they are far more unlikely than 
> > sign-related bugs of array lengths.
> 
> Here's a simple program to calculate the relative size of two files, that 
> will not work correctly with unsigned lengths.
> 
> module sizediff;
> 
> import std.file;
> import std.stdio;
> 
> void main(string[] args)
> {
>     assert(args.length == 3, "Usage: sizediff file1 file2");
>     auto l1 = args[1].read().length;
>     auto l2 = args[2].read().length;
>     writeln("Difference: ", l1 - l2);
> }
> 
> The two ways this can fail (that I want to highlight) are:
> 1. If either file is too large to fit in a size_t the result will (probably) 
> be wrong
> 2. If file2 is bigger than file1 the result will be wrong
> 
> If length was signed, problem 2 would not exist, and problem 1 would be more 
> likely to occur.  I think it's clear that signed lengths would work for more 
> possible realistic inputs.

no, the problem 2 just becomes hidden. while the given code works most
of the time, it is still broken.
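The length subtraction discussed in this message, as an added example that is not part of the original thread. It shows the unsigned wraparound, the range in which a signed subtraction also fails silently, and a comparison-first form that is exact for all inputs. The sample lengths are constructed, and `SizeDiff` and `sizeDiff` are hypothetical names; `subu` and `subs` come from druntime's `core.checkedint`.

```d
import core.checkedint : subs, subu;
import std.stdio : writeln;

/// Result of comparing two lengths without relying on wraparound.
/// (Hypothetical helper type for this example.)
struct SizeDiff
{
    bool firstIsSmaller; // true when l1 < l2
    ulong magnitude;     // |l1 - l2|, always exact
}

/// Compare before subtracting, so the unsigned subtraction cannot wrap.
SizeDiff sizeDiff(ulong l1, ulong l2)
{
    return l1 >= l2 ? SizeDiff(false, l1 - l2) : SizeDiff(true, l2 - l1);
}

void main()
{
    // Constructed sample lengths standing in for the two file sizes.
    ulong small = 10, big = 25;

    // Unsigned subtraction as in the quoted program: wraps modulo 2^64.
    writeln("unsigned:   ", small - big);

    // core.checkedint sets a flag when the unsigned subtraction wraps.
    bool overflow;
    auto wrapped = subu(small, big, overflow);
    writeln("subu:       ", wrapped, " overflow=", overflow);

    // Signed lengths give the expected negative value for these inputs.
    writeln("signed:     ", cast(long) small - cast(long) big);

    // The signed subtraction has its own overflow range at the extremes.
    // The flag is sticky, so it is reset before reuse.
    overflow = false;
    auto signedWrapped = subs(long.min, 1L, overflow);
    writeln("subs:       ", signedWrapped, " overflow=", overflow);

    // Explicit comparison is exact for every pair of ulong inputs.
    auto d = sizeDiff(small, big);
    writeln("comparison: ", d.firstIsSmaller ? "-" : "", d.magnitude);
    assert(d.firstIsSmaller && d.magnitude == 15);
    assert(sizeDiff(ulong.max, 0).magnitude == ulong.max);
}
```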

