Re: [Security-discuss] handling integer overflows

security-discuss

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Security-discuss] handling integer overflows

From:	Paul Eggert
Subject:	Re: [Security-discuss] handling integer overflows
Date:	Mon, 24 Dec 2012 14:10:43 -0800
User-agent:	Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/17.0 Thunderbird/17.0

On 12/24/2012 08:31 AM, Nikos Mavrogiannopoulos wrote:

Wouldn't it be nicer if these were inline functions that perform
the multiplication and return an overflow flag? e.g.
int safe_mul(uint *res, uint a, uint b)


That might be a useful thing to have, too.
But it would have a couple of problems that
INT_MULTIPLY_OVERFLOW does not have.  In C, one would need
a function like safe_mul for every integer type of interest:
int, unsigned, long, unsigned long, time_t, dev_t, size_t,
off_t, etc.  And when mixing types, one would have to worry about
overflow when converting A or B to uint, a problem
that would occur before safe_mul began executing and
therefore a problem that safe_mul could not diagnose.

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Security-discuss] handling integer overflows, Paul Eggert, 2012/12/24
- Re: [Security-discuss] handling integer overflows, Paul Eggert <=

Prev by Date: Re: [Security-discuss] handling integer overflows
Previous by thread: Re: [Security-discuss] handling integer overflows
Index(es):
- Date
- Thread