'int' is enough for 'length' to migrate code from x86 to x64

Ary Borenszweig via Digitalmars-d digitalmars-d at puremagic.com
Fri Nov 21 09:36:53 PST 2014


On 11/21/14, 11:29 AM, ketmar via Digitalmars-d wrote:
> On Fri, 21 Nov 2014 19:31:23 +1100
> Daniel Murphy via Digitalmars-d <digitalmars-d at puremagic.com> wrote:
>
>> "bearophile"  wrote in message news:lkcltlokangpzzdzzfjg at forum.dlang.org...
>>
>>>  From my experience in coding in D they are far more unlikely than
>>> sign-related bugs of array lengths.
>>
>> Here's a simple program to calculate the relative size of two files, that
>> will not work correctly with unsigned lengths.
>>
>> module sizediff;
>>
>> import std.file;
>> import std.stdio;
>>
>> void main(string[] args)
>> {
>>      assert(args.length == 3, "Usage: sizediff file1 file2");
>>      auto l1 = args[1].read().length;
>>      auto l2 = args[2].read().length;
>>      writeln("Difference: ", l1 - l2);
>> }
>>
>> The two ways this can fail (that I want to highlight) are:
>> 1. If either file is too large to fit in a size_t the result will (probably)
>> be wrong
>> 2. If file2 is bigger than file1 the result will be wrong
>>
>> If length was signed, problem 2 would not exist, and problem 1 would be more
>> likely to occur.  I think it's clear that signed lengths would work for more
>> possible realistic inputs.
> no, the problem 2 just becomes hidden. while the given code works most
> of the time, it is still broken.

So how would you solve problem 2?
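
Added example, not part of the original thread or any poster's code: one way to report the difference of two unsigned lengths without wrap-around is to subtract the smaller from the larger and carry the sign separately. The names SizeDiff and sizeDiff and the sample lengths are assumptions made for illustration.

```d
import std.stdio;

/// Difference of two lengths: magnitude plus which side is larger.
/// (Hypothetical helper type, not from the thread.)
struct SizeDiff
{
    size_t magnitude;   // |a - b|, always representable in size_t
    bool negative;      // true when a < b
}

/// Computes a - b for unsigned lengths without wrap-around.
SizeDiff sizeDiff(size_t a, size_t b) pure nothrow @nogc @safe
{
    // Subtract the smaller from the larger so the unsigned result never wraps.
    return a >= b ? SizeDiff(a - b, false) : SizeDiff(b - a, true);
}

void main()
{
    // Constructed sample lengths standing in for the two file sizes.
    size_t l1 = 100;
    size_t l2 = 250;

    // The expression from the thread: size_t is unsigned, so this wraps
    // around to a very large positive value instead of a negative one.
    writeln("l1 - l2 (unsigned): ", l1 - l2);
    assert(l1 - l2 == size_t.max - 149);

    // Sign and magnitude kept apart: no wrap, no lossy cast.
    auto d = sizeDiff(l1, l2);
    writeln("Difference: ", d.negative ? "-" : "", d.magnitude);
    assert(d.negative && d.magnitude == 150);

    // Edge case: the whole size_t range is handled, which a cast of
    // both operands to a signed type of the same width would not do.
    auto e = sizeDiff(0, size_t.max);
    assert(e.negative && e.magnitude == size_t.max);
}
```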
