This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Integer overflow in operator new

From: "Andrew Pinski" <pinskia at gmail dot com>
To: "Karl Chen" <quarl at cs dot berkeley dot edu>
Cc: "J.C. Pizarro" <jcpiza at gmail dot com>, gcc at gcc dot gnu dot org
Date: Fri, 6 Apr 2007 15:57:30 -0700
Subject: Re: Integer overflow in operator new
References: <quack.20070406T0840.lthfy7d1pfs@roar.cs.berkeley.edu> <998d0e4a0704061535n4920c859jf7737c778532e66e@mail.gmail.com> <quack.20070406T1545.lthd52hazqj@roar.cs.berkeley.edu>

On 4/6/07, Karl Chen <quarl@cs.berkeley.edu> wrote:

Regarding negatives, I believe 'operator new' takes a size_t,
which is unsigned, but if it were signed it, the multiplication
would indeed be in danger of creating a negative.


Actually if it was signed, the whole result would be undefined if
there was an overflow.  Oh by the way unsigned integers don't
overflow, they wrap.  I think the best solution is allow the programer
do the correct thing and have operator new assume what it gets as
being right.

-- Pinski

Follow-Ups:
- Re: Integer overflow in operator new
  - From: David Daney
- Re: Integer overflow in operator new
  - From: Lawrence Crowl

References:
- Integer overflow in operator new
  - From: Karl Chen
- Re: Integer overflow in operator new
  - From: J.C. Pizarro
- Re: Integer overflow in operator new
  - From: Karl Chen

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]