Re: Public disclosure of discovered vulnerabilities

From: Bryan Olson (fakeaddress_at_nowhere.org)
Date: 05/31/05


Date: Tue, 31 May 2005 07:16:17 GMT

Gregory G Rose wrote:
> Unless I'm very much mistaken, 'x' is a constant
> of type int, and will always have a positive
> value.

On that, I now believe you are "not mistaken", A.K.A. 'correct'.
It is a constant; it is of type int; and as a member of the
basic character set, the standard implies it must have a
positive value, as Bodo pointed out.

The same is not true of '$'. It is a constant; it is of type
int; but (someone correct me if I'm wrong) the standard allows
it to have a negative value.

> It's only when it's assigned to a char
> variable, which may or may not be signed, that the
> problem creeps in.

In the case of a basic character set member such as 'x', there
is no such problem. In the case of '$', there is, and no
explicit assignment is required to exhibit the problem. One
might reasonably expect:

     ("$"[0] == '$')

to evaluate as true. Does the standard ensure it?

The case I got wrong was whether '0' could be a negative value.
Bodo showed that no, it must be positive. That surprised me
because it implies that no legal C implementation can do all of:

     use EBCDIC encoding for basic characters,

     use a char type that is signed,

     use a char type that is 8-bit.

Any two of those seem legal, all three are not.

-- 
--Bryan
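
An added example, not part of the original post: a small C check of the points discussed above, run against whichever implementation compiles it. The function names and the `as_signed_8bit` helper are hypothetical, and the helper assumes a two's-complement signed 8-bit char; 0xF0 to 0xF9 are the EBCDIC code points for the digits.

```c
#include <stdio.h>
#include <stddef.h>

/* Graphic members of the C basic character set, plus space.
   '$', '@' and '`' are deliberately absent: they are not members. */
static const char basic_chars[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
    "!\"#%&'()*+,-./:;<=>?[\\]^_{|}~ ";

/* Count basic characters that are NOT positive when held in a plain
   char on this implementation. */
int count_nonpositive_basic(void)
{
    int bad = 0;
    for (size_t i = 0; i < sizeof basic_chars - 1; i++)
        if (basic_chars[i] <= 0)
            bad++;
    return bad;
}

/* The expression from the post, as evaluated by this compiler. */
int dollar_literal_matches(void)
{
    return "$"[0] == '$';
}

/* Hypothetical helper: the value a signed 8-bit two's-complement char
   would hold for an encoded byte (assumption, labelled above). */
int as_signed_8bit(unsigned code)
{
    code &= 0xFFu;
    return code >= 0x80u ? (int)code - 256 : (int)code;
}

/* EBCDIC digits occupy 0xF0..0xF9. Count how many would be negative
   in a signed 8-bit char, the combination the post says is not legal. */
int ebcdic_digits_negative(void)
{
    int n = 0;
    for (unsigned c = 0xF0u; c <= 0xF9u; c++)
        if (as_signed_8bit(c) < 0)
            n++;
    return n;
}

int main(void)
{
    printf("non-positive basic chars here: %d\n", count_nonpositive_basic());
    printf("\"$\"[0] == '$' here: %d\n", dollar_literal_matches());
    printf("EBCDIC digits negative as signed 8-bit: %d of 10\n",
           ebcdic_digits_negative());
    return 0;
}
```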

