Suspicious code in kdelibs-3.5.2

Christoph Bartoschek bartoschek at gmx.de
Wed Apr 5 20:16:41 BST 2006


On Wednesday, 5 April 2006 21:01, Kuba Ober wrote:
> > I guess you mean bm[29][0], because bm[29] = 1 gives a compiler
> > error:
> >
> > No. The 15th element in the second row would be bm[0][29]
> > For an array[16][16] the position bm[i][j] is equal to *(bm +
> > i*16+j)
> > Here code that shows the fact:
>
> That code shows that this is what the implementation does. It does not show
> (it cannot!) that this is what the C++ standard mandates. So it's a fact
> for the particular implementation, and that's the extent of what you've
> shown.

The code shows that there is an implementation where bm[29][0] accesses memory 
beyond the array bounds.

However the standard mandates in 8.3.4 as pointed out by Stefan Teleman that 
bm[29][0] is indeed an access after the array bounds. An

int arr[10][5]

is an array of 10 arrays of 5 ints. The first int after this array can be 
accessed by arr[10][0];

The position is calculated as  (arr +  10* sizeof (int[5])) + 0 * sizeof(int).

Christoph
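
An added example, not part of the original message or of kdelibs: the row-major index arithmetic discussed in this thread, written as a checker that classifies an index pair against the declared extents. The names Access, flat_offset, classify and bytes_to_row_10 are hypothetical; the 16x16 and 10x5 extents are the ones used in the thread.

```cpp
#include <cstddef>
#include <cstdio>

// How an index pair (i, j) relates to an array declared as T a[rows][cols].
enum class Access { InBounds, InnerOverrun, OnePastEnd, OutsideObject };

// Element offset of a[i][j] from a[0][0] under row-major layout.
constexpr std::size_t flat_offset(std::size_t i, std::size_t j, std::size_t cols) {
    return i * cols + j;
}

// Checks each index against its own extent first, then uses the flat offset
// to tell where an out-of-range pair would land.
Access classify(std::size_t i, std::size_t j, std::size_t rows, std::size_t cols) {
    if (i < rows && j < cols) return Access::InBounds;
    const std::size_t off = flat_offset(i, j, cols);
    const std::size_t total = rows * cols;
    if (off < total) return Access::InnerOverrun;   // j >= cols, lands in a later row
    if (off == total) return Access::OnePastEnd;    // first element after the array
    return Access::OutsideObject;                   // beyond the array's storage
}

// Byte distance from arr to arr + 10 for int arr[10][5], computed with
// pointer arithmetic only (arr + 10 is formed but never dereferenced).
std::size_t bytes_to_row_10() {
    static int arr[10][5];
    return static_cast<std::size_t>(
        reinterpret_cast<char*>(arr + 10) - reinterpret_cast<char*>(arr));
}

int main() {
    const char* names[] = {"in bounds", "inner overrun", "one past end", "outside object"};
    std::printf("bm[0][29]  in [16][16]: offset %zu, %s\n",
                flat_offset(0, 29, 16), names[static_cast<int>(classify(0, 29, 16, 16))]);
    std::printf("bm[29][0]  in [16][16]: offset %zu, %s\n",
                flat_offset(29, 0, 16), names[static_cast<int>(classify(29, 0, 16, 16))]);
    std::printf("arr[10][0] in [10][5]:  offset %zu, %s\n",
                flat_offset(10, 0, 5), names[static_cast<int>(classify(10, 0, 10, 5))]);
    std::printf("arr + 10 is %zu bytes past arr (10 * sizeof(int[5]) = %zu)\n",
                bytes_to_row_10(), 10 * sizeof(int[5]));
    return 0;
}
```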



