![]() |
Exiv2
|
Helper functions for providing integer overflow checks. More...
Functions | |
template<typename T > | |
bool | fallback_add_overflow (T summand_1, T summand_2, T &result) |
Check the addition of two numbers for overflows for signed integer types larger than int or with the same size as int. | |
template<typename T > | |
bool | builtin_add_overflow (T summand_1, T summand_2, T &result) |
Overflow addition check using compiler intrinsics. | |
Helper functions for providing integer overflow checks.
This namespace contains internal helper functions fallback_$op_overflow and builtin_$op_overflow (where $op is an arithmetic operation like add, subtract, etc.). Both provide the following interface:
bool fallback/builtin_$op_overflow(T first, T second, T& result);
where T is an integer type.
Each function performs checks whether first $op second can be safely performed without overflows. If yes, the result is saved in result and false is returned. Otherwise true is returned and the contents of result are unspecified.
fallback_$op_overflow implements a portable but slower overflow check. builtin_$op_overflow uses compiler builtins (when available) and should be faster. As builtins are not available for all types, builtin_$op_overflow falls back to fallback_$op_overflow when no builtin is available.
bool Safe::Internal::builtin_add_overflow | ( | T | summand_1, |
T | summand_2, | ||
T & | result | ||
) |
Overflow addition check using compiler intrinsics.
This function behaves exactly like fallback_add_overflow() but it relies on compiler intrinsics instead. This version should be faster than the fallback version as it can fully utilize available CPU instructions & the compiler's diagnostic.
However, as some compilers don't provide intrinsics for certain types, the default implementation is the version from fallback.
This function is fully specialized for each compiler.
References fallback_add_overflow().
Referenced by Safe::add().
bool Safe::Internal::fallback_add_overflow | ( | T | summand_1, |
T | summand_2, | ||
T & | result | ||
) |
Check the addition of two numbers for overflows for signed integer types larger than int or with the same size as int.
This function performs a check if summand_1 + summand_2 would overflow and returns true in that case. If no overflow occurs, the sum is saved in result and false is returned.
[in] | summand_1 | The summand with is added |
[in] | summand_2 | The summand with is added |
[out] | result | Result of the addition, only populated when no overflow occurs. |
Further information: https://wiki.sei.cmu.edu/confluence/display/c/INT32-C.+Ensure+that+operations+on+signed+integers+do+not+result+in+overflow https://wiki.sei.cmu.edu/confluence/display/c/INT02-C.+Understand+integer+conversion+rules https://wiki.sei.cmu.edu/confluence/display/c/INT30-C.+Ensure+that+unsigned+integer+operations+do+not+wrap
Referenced by builtin_add_overflow().