This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Signed int overflow behaviour in the security context

From: Robert Dewar <dewar at adacore dot com>
To: Richard Kenner <kenner at vlsi1 dot ultra dot nyu dot edu>
Cc: andreas at andreas dot org, gcc at gcc dot gnu dot org
Date: Thu, 25 Jan 2007 07:14:41 -0500
Subject: Re: Signed int overflow behaviour in the security context
References: <45B585D1.1080202@andreas.org> <m3ejpm8hk0.fsf@localhost.localdomain> <45B5C12C.4030003@andreas.org> <4aca3dc20701230845l48940calc762194cd5f029c8@mail.gmail.com> <45B64108.9020603@andreas.org> <m3ac097iy6.fsf@localhost.localdomain> <45B68F80.5080701@andreas.org> <10701240158.AA23895@vlsi1.ultra.nyu.edu> <ep70gd$ftg$1@sea.gmane.org> <10701241251.AA00849@vlsi1.ultra.nyu.edu> <20070124184618.GA6607@synopsys.com> <10701250009.AA16048@vlsi1.ultra.nyu.edu> <45B894F1.6000802@andreas.org> <10701251200.AA25124@vlsi1.ultra.nyu.edu>

Richard Kenner wrote:

You're misrepresenting the argument here.  This is not just about newly
written software, but also about software that already has been written.


There are multiple arguments here.  That comment of mine was addressing the
claim that somebody (I think you) made that stated that it was too much to
expect programmers writing security-critical code to understand these aspects
of C.

Once again, the discussion is not about the narrow class of security-critical applications, but a more general one about all software where security is a consideration.

I agree with all the arguments about legacy code, but I'm much less
tolerant of such arguments for NEW code.


new code is still written by legacy programmers. Compiler writers
are in the business of creating compilers that are useable, not just
ones that conform to the standard!

References:
- Re: Signed int overflow behaviour in the security context
  - From: Andreas Bogk
- Re: Signed int overflow behaviour in the security context
  - From: Ian Lance Taylor
- Re: Signed int overflow behaviour in the security context
  - From: Andreas Bogk
- Re: Signed int overflow behaviour in the security context
  - From: Daniel Berlin
- Re: Signed int overflow behaviour in the security context
  - From: Andreas Bogk
- Re: Signed int overflow behaviour in the security context
  - From: Ian Lance Taylor
- Re: Signed int overflow behaviour in the security context
  - From: Andreas Bogk
- Re: Signed int overflow behaviour in the security context
  - From: Richard Kenner
- Re: Signed int overflow behaviour in the security context
  - From: James Dennett
- Re: Signed int overflow behaviour in the security context
  - From: Richard Kenner
- Re: Signed int overflow behaviour in the security context
  - From: Joe Buck
- Re: Signed int overflow behaviour in the security context
  - From: Richard Kenner
- Re: Signed int overflow behaviour in the security context
  - From: Andreas Bogk
- Re: Signed int overflow behaviour in the security context
  - From: Richard Kenner

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]