redo nowrap_add()

Yahoo!'s mailer delivered the report about nowrap_add() to my spam
folder, apparently because it thinks that the signature attachments
"may contain harmful content".  :-(

nowrap_add() checks for signed overflow after the fact, so after
undefined behavior if that happens.

This rewrites nowrap_add() and moves it from end.c to integer.h.

I haven't generated any values big enough to exercise it, but the
algorithm is straightforward so I'll take it on faith.
PatR
2024-07-07 17:34:37 -07:00
parent 0447a1f107
commit 8073c40477
3 changed files with 20 additions and 16 deletions
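The commit message describes the hazard of testing for signed overflow after the addition has already happened. As an added example (not NetHack code), the function below applies the same pre-check idea as the new nowrap_add() macro but generalizes it to operands of either sign, saturating to LONG_MAX or LONG_MIN; the names sat_add and add_would_overflow are the example's own.

```c
#include <limits.h>
#include <stdio.h>

/* Return 1 if a + b would overflow a long, 0 otherwise.  The bound is
 * tested against the operands before any addition takes place, so the
 * overflowing operation is never evaluated.  (In C, signed overflow is
 * undefined behaviour, so an "add first, then compare" check may be
 * deleted by the compiler; this check has no such step.) */
int add_would_overflow(long a, long b)
{
    if (b > 0 && a > LONG_MAX - b)   /* LONG_MAX - b cannot overflow: b > 0 */
        return 1;
    if (b < 0 && a < LONG_MIN - b)   /* LONG_MIN - b cannot overflow: b < 0 */
        return 1;
    return 0;
}

/* Saturating add for arbitrary signed operands.  The macro in the commit
 * assumes a >= 0 and b >= 0 and clamps only at LONG_MAX; this version
 * also clamps at LONG_MIN for downward overflow.  Being a function rather
 * than a macro, each argument is evaluated exactly once. */
long sat_add(long a, long b)
{
    if (b > 0 && a > LONG_MAX - b)
        return LONG_MAX;
    if (b < 0 && a < LONG_MIN - b)
        return LONG_MIN;
    return a + b;                    /* proven in range, no overflow */
}

int main(void)
{
    printf("%ld\n", sat_add(LONG_MAX, 1));        /* clamps to LONG_MAX */
    printf("%ld\n", sat_add(LONG_MIN, -1));       /* clamps to LONG_MIN */
    printf("%ld\n", sat_add(-3, 5));              /* ordinary result: 2 */
    return 0;
}
```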

@@ -1,4 +1,4 @@
/* NetHack 3.7 integer.h $NHDT-Date: 1717967331 2024/06/09 21:08:51 $ $NHDT-Branch: NetHack-3.7 $:$NHDT-Revision: 1.12 $ */
/* NetHack 3.7 integer.h $NHDT-Date: 1720397754 2024/07/08 00:15:54 $ $NHDT-Branch: NetHack-3.7 $:$NHDT-Revision: 1.13 $ */
/* Copyright (c) 2016 by Michael Allison */
/* NetHack may be freely redistributed. See license for details. */
@@ -110,4 +110,9 @@ typedef uint64_t uint64;
? (L) * 10L + (D) \
: -1L)
/* add a and b, return max long value if overflow would have occurred;
assumes that both a and b are non-negative; caller should apply
cast(s) to (long) in the arguments if any are needed */
#define nowrap_add(a,b) ((a) <= (LONG_MAX - (b)) ? ((a) + (b)) : LONG_MAX)
#endif /* INTEGER_H */
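
Review bot: the new nowrap_add() macro evaluates `b` twice, once in `(LONG_MAX - (b))` and again in `((a) + (b))`, so an argument with side effects (a function call, `x++`) runs twice; either record that restriction in the comment alongside the non-negative assumption, or make this a `static inline` function so each argument is evaluated once. The comment should also say why the non-negative precondition matters: with a negative `b`, `LONG_MAX - (b)` itself overflows, which reintroduces the undefined behaviour this rewrite is meant to remove.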