Fixed safeguard calculation in ftell().

author solar <solar@546481bc-9713-0410-bf18-d3337bbf4a3e>

Tue, 14 Dec 2010 06:16:35 +0000 (06:16 +0000)

committer solar <solar@546481bc-9713-0410-bf18-d3337bbf4a3e>

Tue, 14 Dec 2010 06:16:35 +0000 (06:16 +0000)
author solar <solar@546481bc-9713-0410-bf18-d3337bbf4a3e>
Tue, 14 Dec 2010 06:16:35 +0000 (06:16 +0000)
committer solar <solar@546481bc-9713-0410-bf18-d3337bbf4a3e>
Tue, 14 Dec 2010 06:16:35 +0000 (06:16 +0000)
diff --git a/functions/stdio/ftell.c b/functions/stdio/ftell.c

index e392a8b1f01de37121a2683c6a8ab2643f4d326d..29c360a2fd55d82f1d8569c67c6c3332e5f7fef2 100644 (file)
--- a/functions/stdio/ftell.c
+++ b/functions/stdio/ftell.c
@@ -28,12 +28,11 @@ long int ftell( struct _PDCLIB_file_t * stream )
             i.e. unprocessed bytes as positive number.
         That is how the somewhat obscure return-value calculation works.
      */
-    /* If offset is too large for return type, report error instead of wrong
-       offset value. Buffers may not be larger than INT_MAX so the casts are
-       safe.
+    /*  If offset is too large for return type, report error instead of wrong
+        offset value.
      */
-    /* FIXME: This calculation *underflows* when offset smaller than pre-read */
-    if ( ( stream->pos.offset - ( (int)stream->bufend + (int)stream->ungetidx ) ) > ( LONG_MAX - stream->bufidx ) )
+    /* TODO: Check what happens when ungetc() is called on a stream at offset 0 */
+    if ( ( stream->pos.offset - stream->bufend ) > ( LONG_MAX - ( stream->bufidx - stream->ungetidx ) ) )
      {
          /* integer overflow */
          _PDCLIB_errno = _PDCLIB_ERANGE;
author	solar <solar@546481bc-9713-0410-bf18-d3337bbf4a3e>
	Tue, 14 Dec 2010 06:16:35 +0000 (06:16 +0000)
committer	solar <solar@546481bc-9713-0410-bf18-d3337bbf4a3e>
	Tue, 14 Dec 2010 06:16:35 +0000 (06:16 +0000)