GCC 4 and signedness

Magnus Therning magnus at therning.org
Thu Sep 1 07:31:35 UTC 2005 

On Thu, Sep 01, 2005 at 03:46:42PM +1000, James Livingston wrote:
>On Wed, 2005-08-31 at 23:44 -0400, Dave Walker wrote:
>> I just updated breezy today, and noticed that GCC4 was being installed. 
>> Since it has been installed almost all the projects I have been working 
>> on, are getting at least 10
>> 
>> "pointer targets in passing argument 1 of 
>> ‘gaim_uri_list_extract_filenames’ differ in signedness"
>> 
>> or similar. My question is why is it complaining that, in an example of 
>> strcmp, I am comparing unsigned char* with a char*? The point is I don't 
>> care the sign, all I care about is if they are the same. Or am I missing 
>> a very simple thing about signedness?
>
>Comparing signed and unsigned values is normally a mistake, and
>potentially the source of some bugs. GCC 4 changed it so that warning
>about it is now the default. If you're sure that there are no problems
>with comparing things of different signedness, you can just stick some
>casts in.

There have been a few spectacular security holes due to signedness.
Having GCC4 warn about it is an improvement.

>If you compare their direct representations they are both 0xFF, and
>hence the same. However if they undergo type promotion to a wider type
>(e.g. a short) their representations will be 0x00FF and 0xFFFF, and
>hence not the same. Because type promotion can happens automatically
>(and AFAIK arbitrarily), the results of the comparison may depend on
>what the compiler feel like doing.

This type of implicit type conversion (or coercion) may seem arbitrary,
but it really isn't[1]. There seems to be an appendix on it in Bjarne's
book on C++, and I believe any good C or C++ book should have at least
a chapter devoted to the topic.

/M

1. http://publib.boulder.ibm.com/infocenter/macxhelp/index.jsp?topic=/com.ibm.vacpp6m.doc/language/ref/clrc06convns.htm

-- 
Magnus Therning                    (OpenPGP: 0xAB4DFBA4)
magnus at therning.org
http://therning.org/magnus

Software is not manufactured, it is something you write and publish.
Keep Europe free from software patents, we do not want censorship
by patent law on written works.

Wade's Maxim:
No one ever made money by typing.
     -- Wade Henessy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20050901/dce5e583/attachment.sig>

More information about the ubuntu-users mailing list