This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Signed int overflow behaviour in the security context

From: kenner at vlsi1 dot ultra dot nyu dot edu (Richard Kenner)
To: andreas at andreas dot org
Cc: gcc at gcc dot gnu dot org
Date: Thu, 25 Jan 2007 07:00:38 EST
Subject: Re: Signed int overflow behaviour in the security context
References: <45B585D1.1080202@andreas.org> <m3ejpm8hk0.fsf@localhost.localdomain> <45B5C12C.4030003@andreas.org> <4aca3dc20701230845l48940calc762194cd5f029c8@mail.gmail.com> <45B64108.9020603@andreas.org> <m3ac097iy6.fsf@localhost.localdomain> <45B68F80.5080701@andreas.org> <10701240158.AA23895@vlsi1.ultra.nyu.edu> <ep70gd$ftg$1@sea.gmane.org> <10701241251.AA00849@vlsi1.ultra.nyu.edu> <20070124184618.GA6607@synopsys.com> <10701250009.AA16048@vlsi1.ultra.nyu.edu> <45B894F1.6000802@andreas.org>

> You're misrepresenting the argument here.  This is not just about newly
> written software, but also about software that already has been written.

There are multiple arguments here.  That comment of mine was addressing the
claim that somebody (I think you) made that stated that it was too much to
expect programmers writing security-critical code to understand these aspects
of C.

I agree with all the arguments about legacy code, but I'm much less
tolerant of such arguments for NEW code.

Follow-Ups:
- Re: Signed int overflow behaviour in the security context
  - From: Robert Dewar
- Re: Signed int overflow behaviour in the security context
  - From: Andreas Bogk

References:
- Re: Signed int overflow behaviour in the security context
  - From: Andreas Bogk
- Re: Signed int overflow behaviour in the security context
  - From: Ian Lance Taylor
- Re: Signed int overflow behaviour in the security context
  - From: Andreas Bogk
- Re: Signed int overflow behaviour in the security context
  - From: Daniel Berlin
- Re: Signed int overflow behaviour in the security context
  - From: Andreas Bogk
- Re: Signed int overflow behaviour in the security context
  - From: Ian Lance Taylor
- Re: Signed int overflow behaviour in the security context
  - From: Andreas Bogk
- Re: Signed int overflow behaviour in the security context
  - From: Richard Kenner
- Re: Signed int overflow behaviour in the security context
  - From: James Dennett
- Re: Signed int overflow behaviour in the security context
  - From: Richard Kenner
- Re: Signed int overflow behaviour in the security context
  - From: Joe Buck
- Re: Signed int overflow behaviour in the security context
  - From: Richard Kenner
- Re: Signed int overflow behaviour in the security context
  - From: Andreas Bogk

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]