This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Security vulernarability or security feature?

Paolo Bonzini wrote: 
I think Java handles it OK for floats. I.e. Tests for positive
infinity and negative infinity etc.
I don't think Java handles it for integer maths.

Java integer math is mandated to have wrap-around semantics. So you can do something like

if ((b^c) > 0 && (a^c) < 0 && (a^b) < 0)
   overflow


yes, and naturally in typical Java code, we see every integer
addition that might overflow protected in this way :-) :-)

Of course in C you can do the same, you just have to cast to
unsigned if you are using signed int.

Paolo

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]