PATCH: off-by-one error in gas/sb.c

PATCH: off-by-one error in gas/sb.c

[Ben Elliston]

While converting an assertion of the form `if (cond) abort ();' to use
assert (), I noticed an off-by-one error in sb_build.

free_list is a variable of type sb_list_vector.  An sb_list_vector is
essentially a fixed array of pointers to sb_elements.  The dimension
of that array is controlled by sb_max_power_two in sb.h.

The array is indexed by `size' just beneath the assertion, so the
index had better be less than sb_max_power_two, not less than or equal
to it!  Okay for mainline?

Ben

Index: sb.c
===================================================================
RCS file: /cvs/src/src/gas/sb.c,v
retrieving revision 1.12
diff -u -p -r1.12 sb.c
--- sb.c        18 May 2005 05:40:07 -0000      1.12
+++ sb.c        2 May 2006 01:38:26 -0000
@@ -66,8 +66,7 @@ sb_build (sb *ptr, int size)
   /* See if we can find one to allocate.  */
   sb_element *e;
 
-  if (size > sb_max_power_two)
-    abort ();
+  assert (size < sb_max_power_two);
 
   e = free_list.size[size];
   if (!e)

Re: PATCH: off-by-one error in gas/sb.c

[Ben Elliston]

> Okay for mainline?

Oops, forgot to include the ChangeLog entry:

2006-05-02  Ben Elliston  <bje@au.ibm.com>

	* sb.c (sb_build): Fix off-by-one error in assertion about `size'.

Re: PATCH: off-by-one error in gas/sb.c

[Alan Modra]

On Tue, May 02, 2006 at 11:46:37AM +1000, Ben Elliston wrote:
> 	* sb.c (sb_build): Fix off-by-one error in assertion about `size'.

OK.  While you're at it, move the sb_list_vector typedef from sb.h to
sb.c to make the size assertion really obvious.

-- 
Alan Modra
IBM OzLabs - Linux Technology Centre

Re: PATCH: off-by-one error in gas/sb.c

[Ben Elliston]

> OK.  While you're at it, move the sb_list_vector typedef from sb.h
> to sb.c to make the size assertion really obvious.

Here's what I'm comitting.  Thanks.

2006-05-02  Ben Elliston  <bje@au.ibm.com>

	* sb.h (sb_list_vector): Move to sb.c.
	* sb.c (free_list): Use type of sb_list_vector directly.
	(sb_build): Fix off-by-one error in assertion about `size'.

Index: sb.h
===================================================================
RCS file: /cvs/src/src/gas/sb.h,v
retrieving revision 1.12
diff -u -p -r1.12 sb.h
--- sb.h        18 May 2005 05:40:07 -0000      1.12
+++ sb.h        2 May 2006 03:35:15 -0000
@@ -70,14 +70,6 @@ typedef struct le
 }
 sb_element;
 
-/* The free list.  */
-
-typedef struct
-{
-  sb_element *size[sb_max_power_two];
-}
-sb_list_vector;
-
 extern void sb_new (sb *);
 extern void sb_kill (sb *);
 extern void sb_add_sb (sb *, sb *);
Index: sb.c
===================================================================
RCS file: /cvs/src/src/gas/sb.c,v
retrieving revision 1.12
diff -u -p -r1.12 sb.c
--- sb.c        18 May 2005 05:40:07 -0000      1.12
+++ sb.c        2 May 2006 03:35:15 -0000
@@ -56,7 +56,10 @@ static void sb_check (sb *, int);
 static int string_count[sb_max_power_two];
 
 /* Free list of sb structures.  */
-static sb_list_vector free_list;
+static struct
+{
+  sb_element *size[sb_max_power_two];
+} free_list;
 
 /* Initializes an sb.  */
 
@@ -66,8 +69,7 @@ sb_build (sb *ptr, int size)
   /* See if we can find one to allocate.  */
   sb_element *e;
 
-  if (size > sb_max_power_two)
-    abort ();
+  assert (size < sb_max_power_two);
 
   e = free_list.size[size];
   if (!e)