This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.
Re: US-CERT Vulnerability Note VU#162289
- From: Tom Truscott <Tom dot Truscott at sas dot com>
- To: "gcc at gcc dot gnu dot org" <gcc at gcc dot gnu dot org>
- Date: Mon, 7 Apr 2008 16:32:40 -0400
- Subject: Re: US-CERT Vulnerability Note VU#162289
Here is an unintended bug I encountered recently; hopefully the "cert" warning will catch this one too.
    int okay_to_increment (int i)
    {
        if (i + 1 < i)
            return 0; /* adding 1 would cause overflow */
        return 1; /* adding 1 is safe */
    }
Any sort of bug can cause a security vulnerability, so I recommend that gcc developers work harder on warning messages.
Tom Truscott
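
Added example, not part of the original message or of GCC: signed integer overflow is undefined behaviour in C, so a compiler may treat `i + 1 < i` as always false and remove the test. The sketch below shows overflow checks that never perform the overflowing addition; the names `okay_to_increment_checked` and `checked_add` are hypothetical.

```c
#include <limits.h>
#include <stdio.h>

/* Compare against INT_MAX instead of computing i + 1, so the check
 * itself cannot overflow and cannot be optimized away. */
int okay_to_increment_checked(int i)
{
    return i < INT_MAX;   /* 1: adding 1 is safe, 0: it would overflow */
}

/* General case: decide whether a + b fits in an int before adding.
 * Returns 1 and stores the sum in *sum on success, 0 on overflow
 * (in which case *sum is left untouched). */
int checked_add(int a, int b, int *sum)
{
    if (b > 0 && a > INT_MAX - b)
        return 0;         /* result would exceed INT_MAX */
    if (b < 0 && a < INT_MIN - b)
        return 0;         /* result would fall below INT_MIN */
    *sum = a + b;
    return 1;
}

int main(void)
{
    int s = 0;

    printf("increment 41: %d\n", okay_to_increment_checked(41));
    printf("increment INT_MAX: %d\n", okay_to_increment_checked(INT_MAX));
    printf("INT_MAX + 1 allowed: %d\n", checked_add(INT_MAX, 1, &s));
    if (checked_add(-5, 7, &s))
        printf("-5 + 7 = %d\n", s);
    return 0;
}
```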