[tor-bugs] #29537 [Core Tor/Tor]: verify intptr_t round-trip through void *

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Feb 25 17:29:53 UTC 2019 

#29537: verify intptr_t round-trip through void *
----------------------------------------+----------------------------------
 Reporter:  catalyst                    |          Owner:  (none)
     Type:  defect                      |         Status:  needs_revision
 Priority:  Medium                      |      Milestone:  Tor:
                                        |  0.4.1.x-final
Component:  Core Tor/Tor                |        Version:
 Severity:  Normal                      |     Resolution:
 Keywords:  portability technical-debt  |  Actual Points:
Parent ID:                              |         Points:
 Reviewer:                              |        Sponsor:
----------------------------------------+----------------------------------

Comment (by catalyst):

 Replying to [comment:5 rl1987]:
 > Replying to [ticket:29537 catalyst]:
 > > Round-trip of `intptr_t` through `void *` isn't explicitly guaranteed
 by C99. There are implementation-defined behaviors for integer to `void
 *`, and vice versa. Only a round-trip of `void *` through `intptr_t` is
 guaranteed, not vice versa.
 >
 > Is that true though?
 >
 > From http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1256.pdf:
 >
 > >7.18.1.4 Integer types capable of holding object pointers
 > >1 The following type designates a signed integer type with the property
 that any valid
 > >pointer to void can be converted to this type, then converted back to
 pointer to void,
 > >and the result will compare equal to the original pointer:
 > >intptr_t
 > >The following type designates an unsigned integer type with the
 property that any valid
 > >pointer to void can be converted to this type, then converted back to
 pointer to void,
 > >and the result will compare equal to the original pointer:
 > >uintptr_t
 > >These types are optional.
 >
 > My reading of this is that it does guarantee the round-trip for all
 values between `INTPTR_MIN` and `INTPTR_MAX` provided that C
 implementation does have `intptr_t`. Or does C99 standard (which people
 are supposed to purchase from ISO) say differently?
 >
 >
 The quoted text guarantees to preserve values in conversions from `void *`
 to `intptr_t` back to `void *`. The text does not explicitly guarantee
 that conversions from `intptr_t` to `void *` back to `intptr_t` will
 preserve values. It's unlikely to be of practical importance at the
 moment, especially on platforms with a flat address space, but I've
 learned to never underestimate the cleverness of compiler optimizers.

 For example, some values of `intptr_t` might not map to a valid `void *`
 ("trap representation"), or multiple `intptr_t` values might map to the
 same `void *` (making the mapping non-invertible).

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29537#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list