Re: Suppressing sanitizer in sha256.c

2018-04-06 Thread Tim Rühsen
On 04.04.2018 21:12, Paul Eggert wrote:
> On 04/04/2018 12:45 AM, Tim Rühsen wrote:
>> reducing false positives would be of great help to reduce time
>> spent into securing code that uses gnulib.
> Yes, and Gnulib tries to strike a balance here. For Gnulib headers, we
> try harder to pacify

Re: Suppressing sanitizer in sha256.c

2018-04-04 Thread Paul Eggert
On 04/04/2018 12:45 AM, Tim Rühsen wrote:
> reducing false positives would be of great help to reduce time spent into securing code that uses gnulib.
Yes, and Gnulib tries to strike a balance here. For Gnulib headers, we try harder to pacify compilers even if we think their warnings are mis

Re: Suppressing sanitizer in sha256.c

2018-04-04 Thread Tim Rühsen
On 04/03/2018 11:45 PM, Bruno Haible wrote:
> Eric Blake wrote:
>> What are the clang developers using as their justification
>> for this warning?
>
> Quoting the clang documentation [1]:
>
> "-fsanitize=unsigned-integer-overflow:
> Unsigned integer overflows. Note that unlike signed integer

Re: Suppressing sanitizer in sha256.c

2018-04-03 Thread Bruno Haible
Eric Blake wrote:
> What are the clang developers using as their justification
> for this warning?
Quoting the clang documentation [1]:
"-fsanitize=unsigned-integer-overflow: Unsigned integer overflows. Note that unlike signed integer overflow, unsigned integer is not undefined behavior.

Re: Suppressing sanitizer in sha256.c

2018-04-03 Thread Eric Blake
On 04/03/2018 04:03 PM, Paul Eggert wrote:
> On 04/03/2018 01:47 PM, Tim Rühsen wrote:
>> This is expected behavior but still it rings the 'alarm bell'.
>
> My kneejerk reaction is that the code has well-defined behavior and I'd
> rather that developers didn't use -fsanitize=unsigned-integer-overf

Re: Suppressing sanitizer in sha256.c

2018-04-03 Thread Paul Eggert
On 04/03/2018 01:47 PM, Tim Rühsen wrote:
> This is expected behavior but still it rings the 'alarm bell'.
My kneejerk reaction is that the code has well-defined behavior and I'd rather that developers didn't use -fsanitize=unsigned-integer-overflow. For Gnulib, that flag is more trouble than i

Suppressing sanitizer in sha256.c

2018-04-03 Thread Tim Rühsen
When running with clang's sanitizing on, there is a UB runtime error triggered in sha256.c. This is expected behavior but still it rings the 'alarm bell'. This patch suppresses it: diff --git a/lib/sha256.c b/lib/sha256.c index 85405b20f..cf161c65c 100644 --- a/lib/sha256.c +++ b/lib/sha256.c