[MPlayer-dev-eng] [PATCH] fix SAMI parsing

Howard Chu hyc at highlandsun.com
Tue Jun 8 08:47:46 CEST 2010 

Reimar Döffinger wrote:
> On Mon, Jun 07, 2010 at 03:29:20PM -0700, Howard Chu wrote:
>> I respect your attention to detail and security-consciousness. I
>> don't respect your treatment of this topic with superstition,
>> instead of facts.
>> I gave you solid facts - a binary number read from a base16 string
>> cannot overflow the original space - and you're the one handwaving
>> them away.
>>
>> You gave a completely valid criticism - negative numbers need to be
>> checked. Unicode is only defined for 0-0x7fffffff, i.e., positive
>> only, and I've addressed that. The rest is just superstition.
>
> You've addressed one specific issue I gave, without changing your
> argument one bit despite it having failed before.
> Where do you suddenly get the confidence that your way of arguing
> should suddenly work now since it failed once?
> I agree you are very, very, very likely right, but repeating an
> argument that has already been shown to be insufficient as "proof"
> does not make it a proof.

It is not an argument, or a belief, or an opinion. It is a simple fact. 
Whether I am confident or not doesn't change the facts. Converting a textual 
representation of a positive integer into binary will always use fewer bits 
than the original text. It amazes me that this even needs to be discussed.

Even in hexadecimal - one digit stores 16 values or 4 bits. But each digit is 
represented by an entire octet, 8 bits. So naturally going from character 
representation to binary, the space required will decrease by half. Number 
bases smaller than 16 store even fewer bits per digit. How can you dispute 
these facts?

In the worst case, converting "0x7fffffff" to UTF-8 takes 6 bytes while 
"0x7fffffff" is obviously 10 bytes. These are inherent properties of 
arithmetic, not opinions or beliefs. If you want to argue against this you 
might as well argue against Earth's gravity.

> And since I suspect nobody really wants to waste the time doing it
> properly (e.g. I am not certain what strange strtoul implementations
> may exist in addition, probably they keep to the specification on
> all supported systems or deviate in a way that does not matter here,
> who knows), I suggested a rather simple solution.

strtoul() is specified in ANSI and a bunch of other C standards. If you can't 
rely on its behavior on a given platform then probably none of your software 
will work on that platform anyway.
-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/

More information about the MPlayer-dev-eng mailing list