X-Git-Url: https://git.ozlabs.org/?p=ccan;a=blobdiff_plain;f=ccan%2Ftally%2Ftally.c;h=4e8876cc4aa5e2874fa83c1b341783e9811d0927;hp=0d0190795557b60ccfe8d73138dfda2baf99477d;hb=bf7539ac82df33522461561b4940600ae41c6e55;hpb=65c7607d7828bbb212dbbb8d82cd0bb0c5581faf

diff --git a/ccan/tally/tally.c b/ccan/tally/tally.c
index 0d019079..4e8876cc 100644
--- a/ccan/tally/tally.c
+++ b/ccan/tally/tally.c
@@ -1,4 +1,4 @@
-#include "config.h"
+/* Licensed under LGPLv3+ - see LICENSE file for details */
 #include <ccan/tally/tally.h>
 #include <ccan/build_assert/build_assert.h>
 #include <ccan/likely/likely.h>
@@ -7,6 +7,7 @@
 #include <string.h>
 #include <stdio.h>
 #include <assert.h>
+#include <stdlib.h>
 
 #define SIZET_BITS (sizeof(size_t)*CHAR_BIT)
 
@@ -24,29 +25,36 @@ struct tally *tally_new(unsigned buckets)
 	struct tally *tally;
 
 	/* There is always 1 bucket. */
-	if (buckets == 0)
+	if (buckets == 0) {
 		buckets = 1;
+	}
+
+	/* Overly cautious check for overflow. */
+	if (sizeof(*tally) * buckets / sizeof(*tally) != buckets) {
+		return NULL;
+	}
 
-	/* Check for overflow. */
-	if (buckets && SIZE_MAX / buckets < sizeof(tally->counts[0]))
+	tally = (struct tally *)malloc(
+		sizeof(*tally) + sizeof(tally->counts[0])*(buckets-1));
+	if (tally == NULL) {
 		return NULL;
-	tally = malloc(sizeof(*tally) + sizeof(tally->counts[0])*(buckets-1));
-	if (tally) {
-		tally->max = ((size_t)1 << (SIZET_BITS - 1));
-		tally->min = ~tally->max;
-		tally->total[0] = tally->total[1] = 0;
-		tally->buckets = buckets;
-		tally->step_bits = 0;
-		memset(tally->counts, 0, sizeof(tally->counts[0])*buckets);
 	}
+
+	tally->max = ((size_t)1 << (SIZET_BITS - 1));
+	tally->min = ~tally->max;
+	tally->total[0] = tally->total[1] = 0;
+	tally->buckets = buckets;
+	tally->step_bits = 0;
+	memset(tally->counts, 0, sizeof(tally->counts[0])*buckets);
 	return tally;
 }
 
 static unsigned bucket_of(ssize_t min, unsigned step_bits, ssize_t val)
 {
 	/* Don't over-shift. */
-	if (step_bits == SIZET_BITS)
+	if (step_bits == SIZET_BITS) {
 		return 0;
+	}
 	assert(step_bits < SIZET_BITS);
 	return (size_t)(val - min) >> step_bits;
 }
@@ -55,8 +63,9 @@ static unsigned bucket_of(ssize_t min, unsigned step_bits, ssize_t val)
 static ssize_t bucket_min(ssize_t min, unsigned step_bits, unsigned b)
 {
 	/* Don't over-shift. */
-	if (step_bits == SIZET_BITS)
+	if (step_bits == SIZET_BITS) {
 		return min;
+	}
 	assert(step_bits < SIZET_BITS);
 	return min + ((ssize_t)b << step_bits);
 }
@@ -64,8 +73,9 @@ static ssize_t bucket_min(ssize_t min, unsigned step_bits, unsigned b)
 /* Does shifting by this many bits truncate the number? */
 static bool shift_overflows(size_t num, unsigned bits)
 {
-	if (bits == 0)
+	if (bits == 0) {
 		return false;
+	}
 
 	return ((num << bits) >> 1) != (num << (bits - 1));
 }
@@ -78,8 +88,9 @@ static void renormalize(struct tally *tally,
 	unsigned int i, old_min;
 
 	/* Uninitialized?  Don't do anything... */
-	if (tally->max < tally->min)
+	if (tally->max < tally->min) {
 		goto update;
+	}
 
 	/* If we don't have sufficient range, increase step bits until
 	 * buckets cover entire range of ssize_t anyway. */
@@ -127,15 +138,17 @@ void tally_add(struct tally *tally, ssize_t val)
 		new_max = val;
 		need_renormalize = true;
 	}
-	if (need_renormalize)
+	if (need_renormalize) {
 		renormalize(tally, new_min, new_max);
+	}
 
 	/* 128-bit arithmetic!  If we didn't want exact mean, we could just
 	 * pull it out of counts. */
-	if (val > 0 && tally->total[0] + val < tally->total[0])
+	if (val > 0 && tally->total[0] + val < tally->total[0]) {
 		tally->total[1]++;
-	else if (val < 0 && tally->total[0] + val > tally->total[0])
+	} else if (val < 0 && tally->total[0] + val > tally->total[0]) {
 		tally->total[1]--;
+	}
 	tally->total[0] += val;
 	tally->counts[bucket_of(tally->min, tally->step_bits, val)]++;
 }
@@ -143,8 +156,9 @@ void tally_add(struct tally *tally, ssize_t val)
 size_t tally_num(const struct tally *tally)
 {
 	size_t i, num = 0;
-	for (i = 0; i < tally->buckets; i++)
+	for (i = 0; i < tally->buckets; i++) {
 		num += tally->counts[i];
+	}
 	return num;
 }
 
@@ -169,8 +183,9 @@ static unsigned fls64(uint64_t val)
 #endif
 	uint64_t r = 64;
 
-	if (!val)
+	if (!val) {
 		return 0;
+	}
 	if (!(val & 0xffffffff00000000ull)) {
 		val <<= 32;
 		r -= 32;
@@ -448,7 +463,7 @@ char *tally_histogram(const struct tally *tally,
 			largest_bucket = tally->counts[i];
 	}
 
-	p = graph = malloc(height * (width + 1) + 1);
+	p = graph = (char *)malloc(height * (width + 1) + 1);
 	if (!graph) {
 		free(tmp);
 		return NULL;