This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.



Re: Signed int overflow behavior in the security context


Paul Schlie <schlie@comcast.net> wrote:
> if it has an indeterminate value [...] has no bearing on an rvalue
> access to a well defined storage location

You might think so, but that's actually not true in the C standard's
terminology.  It sounds like you interpret "indeterminate value" to
mean what the standard defines as "unspecified value" (3.17.3): "valid
value of the relevant type where this International Standard imposes
no requirements on which value is chosen in any instance".  But
"indeterminate value" is defined differently (3.17.2), and any
reasoning based on your common-sense understanding of the term,
instead of the standard's definition of it, has no relevance to the
standard.  The standard is not intuitive; it can only be understood by
careful reading.

The key concept that you seem to be missing is trap representations.
See 6.2.6.1p5, also keeping in mind that "lvalue", as used in the
standard, probably means something slightly different from what you
might expect; see 6.3.2.1p1.


paul
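
The 6.2.6.1p5 rule cited in the message above, as an added example that is not part of the original post: an object's bytes can always be inspected through `unsigned char`, so untrusted bytes are validated that way before anything is read through a `bool` lvalue. The record layout, the function names and the assumption that only the bytes 0 and 1 are valid `bool` representations are this example's own.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical record received from an untrusted peer (constructed layout). */
struct session { bool is_admin; bool is_active; };

/* Assumption of this example: bool occupies exactly one byte here. */
_Static_assert(sizeof(bool) == 1, "example assumes one-byte bool");

/* Assumption: only 0x00 and 0x01 are value representations of bool.
   Whether any other bit pattern is a trap representation is up to the
   implementation, so every other pattern is rejected. */
static int byte_is_valid_bool(unsigned char b) { return b <= 1; }

/* Validates the raw bytes through unsigned char, which has no trap
   representations, before any bool object is written or read.
   Returns 0 on success, -1 if the input is short or holds a non-bool byte. */
int session_from_bytes(const unsigned char *buf, size_t len, struct session *out)
{
    unsigned char raw[sizeof(struct session)];
    const size_t admin_off = offsetof(struct session, is_admin);
    const size_t active_off = offsetof(struct session, is_active);

    if (buf == NULL || out == NULL || len < sizeof raw)
        return -1;
    memcpy(raw, buf, sizeof raw);

    if (!byte_is_valid_bool(raw[admin_off]) ||
        !byte_is_valid_bool(raw[active_off]))
        return -1;

    /* Convert by comparison instead of copying bytes into the bool objects,
       so each bool only ever holds a value produced by the implementation. */
    out->is_admin = raw[admin_off] != 0;
    out->is_active = raw[active_off] != 0;
    return 0;
}
```

Copying the received bytes straight into the `struct` with `memcpy` and then testing `is_admin` would read whatever pattern the peer sent through a non-character lvalue, which is the access 6.2.6.1p5 leaves undefined when the pattern is a trap representation.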

