path: root/doc/README.developer
author    Guy Harris <guy@alum.mit.edu>    2010-07-27 01:06:10 +0000
committer Guy Harris <guy@alum.mit.edu>    2010-07-27 01:06:10 +0000
commit    9f4c3409b20a8dc6c3560db82faba6b45fab824f
tree      f30203766d28a4f3ebe828615bb7f86a3fdd97c7 /doc/README.developer
parent    36044cd2983eb302693e1b6ee38887ccf4b4e135
Tell people to be careful about loops like

    for (guint8 = 0; guint8 < guint; guint8++)

(one of which recently caused an infinite loop with a fuzzed packet in the buildbot).

svn path=/trunk/; revision=33639
Diffstat (limited to 'doc/README.developer')
-rw-r--r--  doc/README.developer  11
1 files changed, 11 insertions, 0 deletions
diff --git a/doc/README.developer b/doc/README.developer
index f6af1ee373..ba94c68b5f 100644
--- a/doc/README.developer
+++ b/doc/README.developer
@@ -627,6 +627,17 @@ the length was added to it, if the length field is greater than 24 bits
long, so that, if the length value is *very* large and adding it to the
offset causes an overflow, that overflow is detected.
+If you have a
+
+ for (i = {start}; i < {end}; i++)
+
+loop, make sure that the type of the loop index variable is large enough
+to hold the maximum {end} value plus 1; otherwise, the loop index
+variable can overflow before it ever reaches its maximum value. In
+particular, be very careful when using gint8, guint8, gint16, or guint16
+variables as loop indices; you almost always want to use an "int"/"gint"
+or "unsigned int"/"guint" as the loop index rather than a shorter type.
+
If you are fetching a length field from the buffer, corresponding to the
length of a portion of the packet, and subtracting from that length a
value corresponding to the length of, for example, a header in the
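Review bot: the "plus 1" in the new paragraph ("large enough to hold the maximum {end} value plus 1") is only right for a `<=` loop; for the `for (i = {start}; i < {end}; i++)` form the paragraph shows, the index must be able to hold {end} itself, because the loop only exits once i has been incremented to {end}. Suggest "large enough to hold {end} (or {end} + 1 for a <= loop)". It would also help to spell out the failure mode the commit message refers to, since that is what a dissector author needs to recognise: with a guint8 index and a guint {end} of 256 or more, i wraps from 255 back to 0 before it can ever equal {end}, and because i is promoted to the wider type in the comparison, `i < {end}` never becomes false, so a fuzzed length field turns the loop into an infinite one. Finally, the last sentence of the paragraph runs two thoughts together with a semicolon; splitting "be very careful when using gint8, guint8, gint16, or guint16 variables as loop indices." and "You almost always want ..." into two sentences reads better.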