Make SIZE_T_CEILING unsigned; add a signed SSIZE_T_CEILING

None of the comparisons were _broken_ previously, but avoiding signed/unsigned comparisons makes everybody happier. Fixes bug2475.

Make SIZE_T_CEILING unsigned; add a signed SSIZE_T_CEILING
43ffd023 · Nick Mathewson · e9858359 · 43ffd023 · 43ffd023 · 43ffd023
Commit 43ffd023 authored 14 years ago by Nick Mathewson
--- a/changes/bug2475
+++ b/changes/bug2475
+  o Minor bugfixes:
+    - Avoid signed/unsigned comparisons by making SIZE_T_CEILING unsigned.
+      (None of the cases where we did this before were wrong, but by making
+      this change we can avoid warnings.)  Fixes bug2475; bugfix on
+      Tor 0.2.1.28.
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -452,7 +452,7 @@ crypto_pk_read_private_key_from_string(crypto_pk_env_t *env,

  tor_assert(env);
  tor_assert(s);
-  tor_assert(len < INT_MAX && len < SIZE_T_CEILING);
+  tor_assert(len < INT_MAX && len < SSIZE_T_CEILING);

  /* Create a read-only memory BIO, backed by the string 's' */
  b = BIO_new_mem_buf((char*)s, (int)len);

--- a/src/common/torint.h
+++ b/src/common/torint.h
@@ -330,8 +330,10 @@ typedef uint32_t uintptr_t;
 #endif
 #endif

+/* Any ssize_t larger than this amount is likely to be an underflow. */
+#define SSIZE_T_CEILING ((ssize_t)(SSIZE_T_MAX-16))
 /* Any size_t larger than this amount is likely to be an underflow. */
-#define SIZE_T_CEILING (SSIZE_T_MAX-16)
+#define SIZE_T_CEILING  ((size_t)(SSIZE_T_MAX-16))

 #endif /* __TORINT_H */