security-discuss

Re: [Security-discuss] handling integer overflows


From: Paul Eggert
Subject: Re: [Security-discuss] handling integer overflows
Date: Mon, 24 Dec 2012 14:10:43 -0800
User-agent: Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/17.0 Thunderbird/17.0

On 12/24/2012 08:31 AM, Nikos Mavrogiannopoulos wrote:
> Wouldn't it be nicer if these were inline functions that perform
> the multiplication and return an overflow flag? e.g.
> int safe_mul(uint *res, uint a, uint b)

That might be a useful thing to have, too.
But it would have a couple of problems that
INT_MULTIPLY_OVERFLOW does not have.  In C, one would need
a function like safe_mul for every integer type of interest:
int, unsigned, long, unsigned long, time_t, dev_t, size_t,
off_t, etc.  And when mixing types, one would have to worry about
overflow when converting A or B to uint, a problem
that would occur before safe_mul began executing and
therefore a problem that safe_mul could not diagnose.
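The trade-off Paul describes, as an added C example that is not code from this thread or from gnulib: a safe_mul fixed to unsigned int, a caller that narrows a wider operand before the call (a wrap that safe_mul cannot see), a version that range-checks both conversions first and reports which check failed, and a type-generic check built on the GCC/Clang __builtin_mul_overflow builtin in the spirit of a macro like INT_MULTIPLY_OVERFLOW. All function and error-code names here are this example's own.

```c
#include <limits.h>
#include <stdio.h>

/* Added example, not the thread's or gnulib's code. Assumes long long is
   64-bit and a GCC/Clang compiler for __builtin_mul_overflow. */

enum { MUL_OK = 0, MUL_ERR_CONVERSION = 1, MUL_ERR_MULTIPLY = 2 };

/* The function shape Nikos proposed, fixed to one type (unsigned int).
   Returns 1 on overflow and leaves *res untouched, 0 otherwise. */
int safe_mul(unsigned int *res, unsigned int a, unsigned int b)
{
    if (a != 0 && b > UINT_MAX / a)
        return 1;
    *res = a * b;
    return 0;
}

/* The trap Paul points out: the caller narrows a wider operand to unsigned
   int before safe_mul runs. The conversion wraps silently (1LL << 40 becomes
   0), so safe_mul reports success with a wrong product. */
int narrowed_mul(long long a, unsigned int b, unsigned int *res)
{
    return safe_mul(res, (unsigned int) a, b);
}

/* Range-checked conversion; returns 0 if x does not fit in unsigned int. */
static int to_uint(long long x, unsigned int *out)
{
    if (x < 0 || x > UINT_MAX)
        return 0;
    *out = (unsigned int) x;
    return 1;
}

/* The per-type fix: check each conversion before calling safe_mul, and
   report which of the two checks failed. Every (type, type) pair of
   interest needs its own such wrapper. */
int checked_mul(long long a, long long b, unsigned int *res)
{
    unsigned int ua, ub;
    if (!to_uint(a, &ua) || !to_uint(b, &ub))
        return MUL_ERR_CONVERSION;
    if (safe_mul(res, ua, ub))
        return MUL_ERR_MULTIPLY;
    return MUL_OK;
}

/* The type-generic route: __builtin_mul_overflow computes a*b as if in
   infinite precision and reports whether the true product fits the result
   type, so no operand is converted before the check. Returns 1 on overflow. */
int builtin_mul(long long a, unsigned int b, unsigned int *res)
{
    return __builtin_mul_overflow(a, b, res) ? 1 : 0;
}

int main(void)
{
    unsigned int r = 0;
    long long big = 1LL << 40;   /* constructed operand: too wide for unsigned int */
    int rc;

    rc = narrowed_mul(big, 5u, &r);
    printf("narrowed_mul: rc=%d r=%u (silently wrong)\n", rc, r);
    rc = checked_mul(big, 5, &r);
    printf("checked_mul : rc=%d (conversion error)\n", rc);
    rc = builtin_mul(big, 5u, &r);
    printf("builtin_mul : rc=%d (overflow detected)\n", rc);
    return 0;
}
```

The narrowed call is the case safe_mul cannot diagnose: the wrap happened in the cast, before safe_mul ran, and safe_mul was handed legitimate-looking small operands. The checked wrapper fixes that for one pair of types; the builtin-based function shows why a type-generic macro avoids the per-type wrappers entirely.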
