simon-git: halibut (main): Simon Tatham

Commits to Tartarus hosted VCS tartarus-commits at lists.tartarus.org
Mon Oct 4 18:56:43 BST 2021


TL;DR:
  8c9ba73 Merge commit '9616af13cebcb9838e811bad7b0a1f821b307950' into main
  b9d7a7b gcc warning fixes: uninitialised variables.
  6c44ad3 gcc warning fix: expand sprintf buffer.
  14c07b1 gcc warning fix: early return from sfnt_getmap if table absent.
  884fc67 gcc warning fix: avoid strncpy in whlp_make_fontsection.

Repository:     https://git.tartarus.org/simon/halibut.git
On the web:     https://git.tartarus.org/?p=simon/halibut.git
Branch updated: main
Committer:      Simon Tatham <anakin at pobox.com>
Date:           2021-10-04 18:56:43

commit 8c9ba73b52adf969813da1460e2cad48cd0db155
web diff https://git.tartarus.org/?p=simon/halibut.git;a=commitdiff;h=8c9ba73b52adf969813da1460e2cad48cd0db155;hp=52820e307b050c856d9318bb4cc5975d5709f05f
Merge: 52820e3 9616af1
Author: Simon Tatham <anakin at pobox.com>
Date:   Mon Oct 4 18:06:30 2021 +0100

    Merge commit '9616af13cebcb9838e811bad7b0a1f821b307950' into main

commit b9d7a7bd72402cc2322d5c5b2645d97d782df62d
web diff https://git.tartarus.org/?p=simon/halibut.git;a=commitdiff;h=b9d7a7bd72402cc2322d5c5b2645d97d782df62d;hp=8c9ba73b52adf969813da1460e2cad48cd0db155
Author: Simon Tatham <anakin at pobox.com>
Date:   Mon Oct 4 18:41:37 2021 +0100

    gcc warning fixes: uninitialised variables.
    
    These come up with gcc -O2 -Wall -Wextra.
    
    I didn't see anything actually serious here. Everything I could see
    that gcc is complaining about is uninitialised only on code paths that
    don't care about it anyway, of the usual kinds: one variable that's
    only accessed if another has a certain value, or a variable set in a
    loop that's guaranteed to run at least one iteration, or set in a
    switch that the compiler doesn't know is exhaustive.
    
    I've fixed them in various ways: sometimes adding an assert to prove
    (and check at run time) that the loop really does run at least once,
    sometimes just adding a harmless initialisation, and in one case (the
    variable 'type' in read_file()) breaking the variable up into
    sub-variables closer to their points of use.

 bk_paper.c | 12 ++++--------
 bk_pdf.c   | 11 ++++++++---
 bk_ps.c    |  2 ++
 input.c    | 32 ++++++++++++++++++--------------
 lz77.c     |  2 +-
 main.c     |  1 +
 tree234.c  |  1 +
 7 files changed, 35 insertions(+), 26 deletions(-)

commit 6c44ad3ae2ae0885a80c3839351ea26617088087
web diff https://git.tartarus.org/?p=simon/halibut.git;a=commitdiff;h=6c44ad3ae2ae0885a80c3839351ea26617088087;hp=b9d7a7bd72402cc2322d5c5b2645d97d782df62d
Author: Simon Tatham <anakin at pobox.com>
Date:   Mon Oct 4 18:45:46 2021 +0100

    gcc warning fix: expand sprintf buffer.
    
    I think it's unlikely that the glyph index could have gone high enough
    to overflow the previous buffer, but no harm in being sure.

 in_sfnt.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

commit 14c07b128defaab565f6c7faa2e325f14e74314f
web diff https://git.tartarus.org/?p=simon/halibut.git;a=commitdiff;h=14c07b128defaab565f6c7faa2e325f14e74314f;hp=6c44ad3ae2ae0885a80c3839351ea26617088087
Author: Simon Tatham <anakin at pobox.com>
Date:   Mon Oct 4 18:46:22 2021 +0100

    gcc warning fix: early return from sfnt_getmap if table absent.
    
    In this early error case, we'd report the error but then charge on
    through the rest of the function anyway with uninitialised variables.

 in_sfnt.c | 1 +
 1 file changed, 1 insertion(+)

commit 884fc67a2feda365ae0c4dfa5b462806a8a4c913
web diff https://git.tartarus.org/?p=simon/halibut.git;a=commitdiff;h=884fc67a2feda365ae0c4dfa5b462806a8a4c913;hp=14c07b128defaab565f6c7faa2e325f14e74314f
Author: Simon Tatham <anakin at pobox.com>
Date:   Mon Oct 4 18:47:10 2021 +0100

    gcc warning fix: avoid strncpy in whlp_make_fontsection.
    
    Annoyingly, gcc 10's -Wstringop-truncation has made strncpy
    essentially useless.
    
    The one thing it's actually _useful_ for is filling up fixed-length
    string fields with the semantics 'may fill the whole buffer if the
    string is maximally long, but must be NUL-terminated if it's any
    shorter', such as the ones in Unix structures like 'struct passwd' or
    'struct dirent', or (in this case) one of the fields in a Windows .HLP
    file subtable. In these situations, strncpy(buf, string, bufsize)
    fills in the buffer just as you'd like, with the bonus of avoiding
    leaving nondeterministic cruft after the NUL if the string is shorter
    than n-1 bytes.
    
    But it's in exactly that situation where gcc warns about it, because
    it might not NUL-terminate the output buffer. gcc would rather you
    used it in situations where you always had to NUL-terminate your
    string, in which case it's not what you wanted anyway because the
    trailing NUL-padding makes it too slow!

 winhelp.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
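
The fixed-width field semantics described in the last commit message above ('may fill the whole buffer, NUL-padded if shorter'), written without strncpy. This is an added example, not the code from winhelp.c or from Halibut; the helper names, FIELD_SIZE and the sample font names are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define FIELD_SIZE 8  /* constructed width, not the real .HLP field size */

/* Hypothetical helper: fill a fixed-width field with strncpy's semantics
 * (NUL-padded if short, unterminated if maximally long) without calling
 * strncpy, so -Wstringop-truncation has nothing to flag. */
static void fill_fixed_field(char *field, size_t fieldsize, const char *s)
{
    /* Length of s, capped at fieldsize, without reading past the cap. */
    const char *nul = memchr(s, '\0', fieldsize);
    size_t len = nul ? (size_t)(nul - s) : fieldsize;

    memset(field, 0, fieldsize);   /* deterministic padding, no stale bytes */
    memcpy(field, s, len);
}

/* Hypothetical reader: a consumer must bound the scan by the field width,
 * because a maximally long value has no terminator. */
static size_t fixed_field_len(const char *field, size_t fieldsize)
{
    const char *nul = memchr(field, '\0', fieldsize);
    return nul ? (size_t)(nul - field) : fieldsize;
}

/* Copy a field out into an ordinary C string; dst needs fieldsize+1 bytes. */
static void fixed_field_to_cstr(char *dst, const char *field, size_t fieldsize)
{
    size_t len = fixed_field_len(field, fieldsize);
    memcpy(dst, field, len);
    dst[len] = '\0';
}

int main(void)
{
    const char *samples[] = { "Arial", "Helvetic", "TimesNewRoman" };
    for (size_t i = 0; i < 3; i++) {
        char field[FIELD_SIZE], out[FIELD_SIZE + 1];
        memset(field, 'X', sizeof field);      /* simulate stale contents */
        fill_fixed_field(field, sizeof field, samples[i]);
        fixed_field_to_cstr(out, field, sizeof field);
        printf("%-14s -> \"%s\" (len %zu)\n", samples[i], out,
               fixed_field_len(field, sizeof field));
    }
    return 0;
}
```

The reader side matters as much as the writer: any code that treats such a field as an ordinary C string will run off the end when the value is exactly FIELD_SIZE bytes long.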


