Problem : getdigits() currently returns a long, but at most places,
return value is casted (unsafely) into an int. Making casts
safe would introduce a lot of fuss in the form of assertions
checking for limits.
Note : We cannot just change return type to int, because, at some
places, legitimate long values are used. For example, in
diff.c, for line numbers.
Solution : Introduce new functions:
- get_digits() : Gets an intmax_t from a string.
- get_int_digits() : Wrapper for ints.
- get_long_digits() : Wrapper for longs.
And replace getdigits() invocations by the appropiate
wrapper invocations.
Remove all long_u instances due to put_bytes() function.
First, function signature is changed this way:
- nr : long_u --> uintmax_t
uintmax_t is chosen so that invocations can use any unsigned integer
type (including size_t) without needing to cast.
- len : int --> unsigned int
This is to pass the size in bytes of the previous param, thus an
unsigned int is enough. All invocations use positive integer
literals, so change is safe without the need for casts.
Then, function implementation is adapted accordingly.
Last, all invocation points are refactored this way:
- Refactor types to minimize casts.
- Inline declarations (C99 style) in containing function.
All this changes were done with -Wconversion temporarily activated for
spell.c and undo.c, so that we can assert changes are type-safe and do
not introduce any warnings to that respect.
By "simple pointer" I mean a pointer that can be freed with a call to `free`
without leaking any member pointer.
This macro does exactly what `ga_clear_strings` does.
Problem : Assigned value is garbage or undefined @ 12526.
Diagnostic : Multithreading issue.
Rationale : Error only occurs if global has_mbyte is modified while
function is executing.
Resolution : Use local copy of global.
Problem : Dereference of null pointer @ 6089.
Diagnostic : False positive / Real issue.
Rationale : From the code, it seems the intent is that len parameter
should never exceed SBLOCKSIZE. But the code checking for
that does in fact cause a null pointer dereference just
immediately after.
Resolution : State precondition in doc and assert it at entry.
Problem : Result of operation is garbage or undefined @ 5809.
Diagnostic : Real issue.
Rationale : When copying flags, first access to
`use_pfxlist[use_pfxlen]` was garbage if
`spin->si_compflags` was null.
Resolution : Make sure `use_pfxlist[use_pfxlen]` always has a value (NUL
if `spin->si_compflags` is NULL).
Problem : Uninitialized argument value @ 4469.
Diagnostic : Real issue.
Rationale : Happens when a line contains a spell info item (NAME, HOME,
VERSION, AUTHOR, EMAIL, COPYRIGHT), which expect a second
item, but then the second item is not present.
Resolution : Add guard (item count > 1) to failing branch.
Problem : Result of operation is garbage or undefined @ 2238.
Diagnostic : Real issue.
Rationale : Problem occurs when searching forward starting on an empty
line. This is, at 2127:
```
p = buf + skip;
endp = buf + len;
while (p < endp) {
```
when skip == 0, len == 0, implying p == endp and therefore
not entering the loop.
Under those conditions, comparison
```
if (attr == HLF_COUNT)
```
at line 2242 is really using a garbage value for `attr`.
Most of the time the error doesn't produce visible problems
as it only affects when dealing with wrapped words.
Resolution : Initialize `attr` at declaration to `HLF_COUNT`, which is
used in the code when no bad word found yet.
Problem : Argument with 'nonnull' attribute passed null @ 2118.
Diagnostic : False positive.
Rationale : Error happens when `if (buflen < len + MAXWLEN + 2) {` is
not entered on the first iteration, which cannot happen
because buflen is 0 on the first iteration, so the
condition should always hold.
Resolution : Assert existence of buffer with appropiate length after
conditional (which prevents previous error path).
Problem : Dead assignment @ 1602.
Diagnostic : Harmless issue.
Rationale : Code using this assignment (line 1666) was disabled. Vim's
tip at Wed Nov 12 13:07:54 2014 +0100 (changeset
6352:2f7bf5f90f57) hasn't changed this yet.
Resolution : Disable assignment. Directive processors are used for that
in order to match the way the other code was disabled.
Though this module is relatively small it has very clear boundaries.
The last argument for extracting `tempfile` was the errors which I got
when I was writing unittests for it: `cimport './src/nvim/fileio.h'`
does not work for some reason.
- temp_count is uint32_t now instead of long because it supposed to be
at most 999999999 (comment on line 5227) temporary files. The most
probably it was a long for compatibility with systems where int is
16-bit.
- Use "nvim" as prefix for temp folder name instead of "v"
- Remove unused parameter from vim_tempname
This macro is used to append an element to a growable array. It replaces this
common idiom:
ga_grow(&ga, 1);
((item_type *)ga.ga_data)[ga.ga_len] = item;
++ga.ga_len;
- The 'stripdecls.py' script replaces declarations in all headers by includes to
generated headers.
`ag '#\s*if(?!ndef NEOVIM_).*((?!#\s*endif).*\n)*#ifdef INCLUDE_GENERATED'`
was used for this.
- Add and integrate gendeclarations.lua into the build system to generate the
required includes.
- Add -Wno-unused-function
- Made a bunch of old-style definitions ANSI
This adds a requirement: all type and structure definitions must be present
before INCLUDE_GENERATED_DECLARATIONS-protected include.
Warning: mch_expandpath (path.h.generated.h) was moved manually. So far it is
the only exception.
As discussed in #694, vim encryption uses old,
obsolete algorithms that are poorly implemented.
Since insecure cryptography is worse than no
cryptgraphy, the community voted in favor of
removing all crypto.
Various alternatives to the old crypto is
being discussed in #701.
Closes#694.
Problem: Now that nvim/strings.h is correctly namespaced, an issue
that had been masked until now arises:
When compiling, we get a lot of errors because of everywhere
the functions in nvim/strings.h are used, there's no include
to import them.
But, how could this compile and work previously, then? It
turns out that:
- In every such case, we are also including vim.h, which in
turn includes os_unix_defs.h.
- os_unix_defs.h includes <string.h> and also <strings.h> in
some systems (e.g. OSX).
- Build had been modified previously to (even when importing
system headers), prefer equally-named local ones. That was
in fact done as a previous attempt to solve the same issue
we are trying to solve another way now.
So, we were including our "strings.h" as a side-effect of
including <strings.h> through "vim.h" --> "os_unix_defs.h".
Solution: Correctly include "nvim/strings.h" in every file needing it.
Move files from src/ to src/nvim/.
- src/nvim/ becomes the new root dir for nvim executable sources.
- src/libnvim/ is planned to become root dir of the neovim library.
