[Bug c/98168] Optimization that can lead to security vulnerabilities

msebor at gcc dot gnu.org via Gcc-bugs Mon, 07 Dec 2020 08:02:47 -0800

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98168


Martin Sebor <msebor at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |msebor at gcc dot gnu.org

--- Comment #2 from Martin Sebor <msebor at gcc dot gnu.org> ---
CERT Secure Coding Standard rule "INT32-C. Ensure that operations on signed
integers do not result in overflow" shows a number of helpful examples of how
to detect and prevent signed overflow in integer arithmetic: 
https://wiki.sei.cmu.edu/confluence/x/UtYxBQ

GCC provides a number of efficient intrinsics to do the same:
https://gcc.gnu.org/onlinedocs/gcc/Integer-Overflow-Builtins.html

[Bug c/98168] Optimization that can lead to security vulnerabilities

Reply via email to