* bidi.c (bidi_mirror_char): Put eassert before conversion to int.

This avoids undefined behavior that might cause the eassert
to not catch an out-of-range value.

diff --git a/src/ChangeLog b/src/ChangeLog
index 8a625602bbce341737cea145b0f9a4106ec75bb7..f4447da7010704a48cd2e64c179e82162d97b0b9 100644 (file)
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,9 @@
+2012-05-28  Paul Eggert  <eggert@cs.ucla.edu>
+
+       * bidi.c (bidi_mirror_char): Put eassert before conversion to int.
+       This avoids undefined behavior that might cause the eassert
+       to not catch an out-of-range value.
+
 2012-05-28  Juanma Barranquero  <lekktu@gmail.com>
 
        * makefile.w32-in ($(BLD)/w32inevt.$(O), $(BLD)/w32console.$(O)):

diff --git a/src/bidi.c b/src/bidi.c
index 29abfb9083889a9f93b89ecf04fa799b0f86b5c5..7a716d3f0b0687cc11f66994d18688bcfe0c6c9b 100644 (file)
--- a/src/bidi.c
+++ b/src/bidi.c
@@ -204,12 +204,14 @@ bidi_mirror_char (int c)
   val = CHAR_TABLE_REF (bidi_mirror_table, c);
   if (INTEGERP (val))
     {
-      int v = XINT (val);
+      int v;
 
-      /* In a build with extra checks, make sure the value does not
-        overflow a 32-bit int.  */
+      /* When debugging, check before assigning to V, so that the check
+        isn't broken by undefined behavior due to int overflow.  */
       eassert (CHAR_VALID_P (XINT (val)));
 
+      v = XINT (val);
+
       /* Minimal test we must do in optimized builds, to prevent weird
         crashes further down the road.  */
       if (v < 0 || v > MAX_CHAR)