shithub: puzzles

Info  •  Files  •  Log  •  Branches

Add a macro of an upper bound on the formatted length of an integer

There are lots of places where Puzzles formats integers into
fixed-length buffers using sprintf() with a "%d" format.  This isn't
very safe, since C doesn't guarantee any particular maximum size for an
"int".  However, the restrictions on representations of integers means
we can infer an upper bound using sizeof(), CHAR_BIT, and an
approximation to the binary log of 10.

--- a/devel.but

+++ b/devel.but

@@ -4819,6 +4819,17 @@

 These macros may evaluate their arguments multiple times. Avoid side

 effects.

+\S{utils-max-digits} \cw{MAX_DIGITS()}

+

+The \cw{MAX_DIGITS()} macro, defined in the main Puzzles header file,

+takes a type (or a variable of that type) and expands to an integer

+constant representing a reasonable upper bound on the number of

+characters that a number of that type could expand to when formatted

+as a decimal number using the \c{%u} or \c{%d} format of

+\cw{printf()}.  This is useful for allocating a fixed-size buffer

+that's guaranteed to be big enough to \cw{sprintf()} a value into.

+Don't forget to add one for the trailing \cw{'\\0'}!

+

 \S{utils-pi} \cw{PI}

 The main Puzzles header file defines a macro \cw{PI} which expands

--- a/puzzles.h

+++ b/puzzles.h

@@ -18,6 +18,9 @@

 #define STR_INT(x) #x

 #define STR(x) STR_INT(x)

+/* An upper bound on the length of sprintf'ed integers (signed or unsigned). */

+#define MAX_DIGITS(x) (sizeof(x) * CHAR_BIT / 3 + 2)

+

 /* NB not perfect because they evaluate arguments multiple times. */

 #ifndef max

 #define max(x,y) ( (x)>(y) ? (x) : (y) )