Commit e4ce8c01 authored by Poul-Henning Kamp's avatar Poul-Henning Kamp

In C enums are integertyped, but it is up to the compiler to decide

if they are signed or unsigned.

Range-check enums is sound programming practice, but that concept
seems to be beyond the imagination of certain compiler people:

   vhp_decode.c:96:2: error: comparison of unsigned expression >= 0 is always true [-Werror=type-limits]

Add a dummy "MIN" value to the enum, give it value -1 to force
the compiler to use signed ints for the enum, and then check
that they're never negative.
parent f176f05c
......@@ -70,6 +70,7 @@ enum vhd_func_e {
/* States */
enum vhd_state_e {
VHD_S__MIN = -1,
#define VHD_FSM(STATE, FUNC, arg1, arg2) \
VHD_S_##STATE,
#include "tbl/vhd_fsm.h"
......@@ -93,7 +94,7 @@ static void
vhd_set_state(struct vhd_decode *d, enum vhd_state_e state)
{
AN(d);
assert(state >= 0 && state < VHD_S__MAX);
assert(state > VHD_S__MIN && state < VHD_S__MAX);
d->state = state;
d->first = 1;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment