Commit 86b522bdefafc0c4fda7d79e67ede7595de7544c
2019-01-20T14:27:57
Merge pull request #4945 from libgit2/ethomson/fix-intrinsics Add/multiply with overflow tweaks
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79
diff --git a/src/integer.h b/src/integer.h
index 30528db..10b1097 100644
--- a/src/integer.h
+++ b/src/integer.h
@@ -42,34 +42,44 @@ GIT_INLINE(int) git__is_int(long long p)
return p == (long long)r;
}
-/**
- * Sets `one + two` into `out`, unless the arithmetic would overflow.
- * @return true if the result fits in a `uint64_t`, false on overflow.
- */
-GIT_INLINE(bool) git__add_uint64_overflow(uint64_t *out, uint64_t one, uint64_t two)
-{
- if (UINT64_MAX - one < two)
- return true;
- *out = one + two;
- return false;
-}
-
/* Use clang/gcc compiler intrinsics whenever possible */
-#if (SIZE_MAX == ULONG_MAX) && __has_builtin(__builtin_uaddl_overflow)
-# define git__add_sizet_overflow(out, one, two) \
- __builtin_uaddl_overflow(one, two, out)
-# define git__multiply_sizet_overflow(out, one, two) \
- __builtin_umull_overflow(one, two, out)
-#elif (SIZE_MAX == UINT_MAX) && __has_builtin(__builtin_uadd_overflow)
+#if (__has_builtin(__builtin_add_overflow) || \
+ (defined(__GNUC__) && (__GNUC__ >= 5)))
+
+# if (SIZE_MAX == UINT_MAX)
+# define git__add_sizet_overflow(out, one, two) \
+ __builtin_uadd_overflow(one, two, out)
+# define git__multiply_sizet_overflow(out, one, two) \
+ __builtin_umul_overflow(one, two, out)
+# elif (SIZE_MAX == ULONG_MAX)
+# define git__add_sizet_overflow(out, one, two) \
+ __builtin_uaddl_overflow(one, two, out)
+# define git__multiply_sizet_overflow(out, one, two) \
+ __builtin_umull_overflow(one, two, out)
+# elif (SIZE_MAX == ULLONG_MAX)
+# define git__add_sizet_overflow(out, one, two) \
+ __builtin_uaddll_overflow(one, two, out)
+# define git__multiply_sizet_overflow(out, one, two) \
+ __builtin_umulll_overflow(one, two, out)
+# else
+# error compiler has add with overflow intrinsics but SIZE_MAX is unknown
+# endif
+
+/* Use Microsoft's safe integer handling functions where available */
+#elif defined(_MSC_VER)
+
+# include <intsafe.h>
+
# define git__add_sizet_overflow(out, one, two) \
- __builtin_uadd_overflow(one, two, out)
+ (SizeTAdd(one, two, out) != S_OK)
# define git__multiply_sizet_overflow(out, one, two) \
- __builtin_umul_overflow(one, two, out)
+ (SizeTMult(one, two, out) != S_OK)
+
#else
/**
* Sets `one + two` into `out`, unless the arithmetic would overflow.
- * @return true if the result fits in a `size_t`, false on overflow.
+ * @return false if the result fits in a `size_t`, true on overflow.
*/
GIT_INLINE(bool) git__add_sizet_overflow(size_t *out, size_t one, size_t two)
{
@@ -81,7 +91,7 @@ GIT_INLINE(bool) git__add_sizet_overflow(size_t *out, size_t one, size_t two)
/**
* Sets `one * two` into `out`, unless the arithmetic would overflow.
- * @return true if the result fits in a `size_t`, false on overflow.
+ * @return false if the result fits in a `size_t`, true on overflow.
*/
GIT_INLINE(bool) git__multiply_sizet_overflow(size_t *out, size_t one, size_t two)
{