#ifndef _NTINTSAFE_H_INCLUDED_
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM | WINAPI_PARTITION_GAMES)
/////////////////////////////////////////////////////////////////////////
//
// signed operations
//
// Strongly consider using unsigned numbers.
//
// Signed numbers are often used where unsigned numbers should be used.
// For example file sizes and array indices should always be unsigned.
// (File sizes should be 64bit integers; array indices should be size_t.)
// Subtracting a larger positive signed number from a smaller positive
// signed number with RtlIntSub will succeed, producing a negative number,
// that then must not be used as an array index (but can occasionally be
// used as a pointer index.) Similarly for adding a larger magnitude
// negative number to a smaller magnitude positive number.
//
// intsafe.h does not protect you from such errors. It tells you if your
// integer operations overflowed, not if you are doing the right thing
// with your non-overflowed integers.
//
// Likewise you can overflow a buffer with a non-overflowed unsigned index.
//
#if defined(ENABLE_INTSAFE_SIGNED_FUNCTIONS)
//
// ptrdiff_t Subtraction
//
#ifdef _WIN64
// On _WIN64 builds RtlPtrdiffTSub is only an alias: every call compiles to
// RtlLongLongSub. NOTE(review): this presumes ptrdiff_t and LONGLONG have the
// same width on this target - confirm against the platform headers.
// The caller-side contract therefore is that of RtlLongLongSub: inspect the
// returned NTSTATUS before using the result.
#define RtlPtrdiffTSub RtlLongLongSub
#ifndef _NTINTSAFE_H_INCLUDED_
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP | WINAPI_PARTITION_SYSTEM | WINAPI_PARTITION_GAMES)
/////////////////////////////////////////////////////////////////////////
//
// signed operations
//
// Strongly consider using unsigned numbers.
//
// Signed numbers are often used where unsigned numbers should be used.
// For example file sizes and array indices should always be unsigned.
// (File sizes should be 64bit integers; array indices should be size_t.)
// Subtracting a larger positive signed number from a smaller positive
// signed number with RtlIntSub will succeed, producing a negative number,
// that then must not be used as an array index (but can occasionally be
// used as a pointer index.) Similarly for adding a larger magnitude
// negative number to a smaller magnitude positive number.
//
// intsafe.h does not protect you from such errors. It tells you if your
// integer operations overflowed, not if you are doing the right thing
// with your non-overflowed integers.
//
// Likewise you can overflow a buffer with a non-overflowed unsigned index.
//
#if defined(ENABLE_INTSAFE_SIGNED_FUNCTIONS)
//
// ptrdiff_t Subtraction
//
#ifdef _WIN64
// ...
#else
//
// RtlPtrdiffTSub (non-_WIN64 variant)
//
// Computes Minuend - Subtrahend for ptrdiff_t operands. Both operands are
// widened to LONGLONG before subtracting; the compile-time assertion below
// guarantees LONGLONG is strictly wider than ptrdiff_t, so the widened
// subtraction itself cannot overflow. The wide difference is then passed to
// RtlLongLongToPtrdiffT, and that function's NTSTATUS is returned unchanged.
//
// Minuend    - value that is subtracted from.
// Subtrahend - value that is subtracted.
// pResult    - receives the difference, written by RtlLongLongToPtrdiffT.
//
// The function is marked _Must_inspect_result_: check the returned status
// before reading *pResult. A negative difference is a successful result and
// still has to be range-checked by the caller before it is used as an index
// or a length.
//
_Must_inspect_result_
__inline
NTSTATUS
RtlPtrdiffTSub(
    _In_ ptrdiff_t Minuend,
    _In_ ptrdiff_t Subtrahend,
    _Out_ _Deref_out_range_(==, Minuend - Subtrahend) ptrdiff_t* pResult
    )
{
    // Widening is only safe if LONGLONG has more bits than ptrdiff_t.
    C_ASSERT(sizeof(LONGLONG) > sizeof(ptrdiff_t));

    LONGLONG llWideMinuend = (LONGLONG)Minuend;
    LONGLONG llWideSubtrahend = (LONGLONG)Subtrahend;
    LONGLONG llWideDifference = llWideMinuend - llWideSubtrahend;

    // Narrowing back to ptrdiff_t (and the status that goes with it) is
    // delegated to the conversion helper.
    return RtlLongLongToPtrdiffT(llWideDifference, pResult);
}
// ntintsafe.h
NTSTATUS RtlPtrdiffTSub(
[in] ptrdiff_t Minuend,
[in] ptrdiff_t Subtrahend,
[out] ptrdiff_t *pResult
);
Subtracts one value of type PTRDIFF_T from another.
Minuend [in]: The value from which Subtrahend is subtracted.
Subtrahend [in]: The value to subtract from Minuend.
pResult [out]: A pointer to the result. If the operation results in a value that overflows or underflows the capacity of the type, the function returns STATUS_INTEGER_OVERFLOW and the value in this parameter is not valid. Check the returned NTSTATUS before reading *pResult; the function is annotated _Must_inspect_result_ for this reason.
Returns STATUS_SUCCESS if the operation is successful.
See the implementation of this helper function in ntintsafe.h in the WDK for possible error return values.
This is one of a set of inline functions designed to provide arithmetic operations and perform validity checks with minimal impact on performance.