Re: [PATCH v2 0/1] MR7231: rpcrt4: Change some buffer wrap checks to satisfy Clang 20.

17 Feb 2025


      Jacek Caban (@jacek) commented about dlls/rpcrt4/ndr_marshall.c:
...

to do so */

static inline void safe_copy_from_buffer(MIDL_STUB_MESSAGE *pStubMsg, void *p, ULONG size)
 {

if ((pStubMsg->Buffer + size < pStubMsg->Buffer) || /* integer overflow of pStubMsg->Buffer */
   (pStubMsg->Buffer + size > pStubMsg->BufferEnd))


if (size > (SIZE_T)(pStubMsg->BufferEnd - pStubMsg->Buffer)) /* integer overflow of pStubMsg->Buffer */

The Clang warning comes from the fact that unsigned (and, by extension, pointer) overflow is undefined behavior in C, and this subtraction is technically the same situation.
I suppose we could first check that `BufferEnd` is not smaller than `Buffer` and then perform the comparison as you did, but without the `SIZE_T` cast.
-- 
https://gitlab.winehq.org/wine/wine/-/merge_requests/7231#note_94871

2025

2024

2023

2022

Re: [PATCH v2 0/1] MR7231: rpcrt4: Change some buffer wrap checks to satisfy Clang 20.