[tree-ssa] Removing useless/redundant "const" calls
Fergus Henderson
fjh@cs.mu.oz.au
Thu Jun 12 18:32:00 GMT 2003
On 13-Jun-2003, Fergus Henderson <fjh@cs.mu.OZ.AU> wrote:
> On 12-Jun-2003, Zack Weinberg <zack@codesourcery.com> wrote:
> > Fergus Henderson <fjh@cs.mu.oz.au> writes:
> > > Doing that would violate the C standard, and would potentially create
> > > security holes. Consider, for example:
> > >
> > > #define ARRAY_SIZE 10
> > > int array[ARRAY_SIZE];
> > >
> > > void checkbounds(int arg) {
> > >     if (arg < 0) abort();
> > >     if (arg >= ARRAY_SIZE) abort();
> > > }
> > >
> > > int set_array(int posn, int val) {
> > >     checkbounds(posn);
> > >     array[posn] = val;
> > > }
> >
> > checkbounds() returns no value, so it must be used for its side
> > effects, so it isn't pure.
>
> OK, so make the example program slightly different:
>
> #define ARRAY_SIZE 10
> int array[ARRAY_SIZE];
>
> | int checkbounds(int arg) {
>     if (arg < 0) abort();
>     if (arg >= ARRAY_SIZE) abort();
> |     return arg;
> }
>
> int set_array(int posn, int val) {
> |     array[checkbounds(posn)] = val;
> }
Sorry, I screwed that up again. The definition of set_array()
should be as in the original example.
--
Fergus Henderson <fjh@cs.mu.oz.au> | "I have always known that the pursuit
The University of Melbourne | of excellence is a lethal habit"
WWW: <http://www.cs.mu.oz.au/~fjh> | -- the last words of T. S. Garp.