* Robert Dewar:

> I am puzzled, why would *ANYONE* who knows C use int
> rather than unsigned if they want wrap around semantics?

Both OpenSSL and Apache programmers did this, in carefully reviewed code which was written in response to a security report. They simply didn't know that there is a potential problem. The reason for this gap in knowledge isn't quite clear to me. Probably it's hard to accept for hard-core C coders that a program which generates correct machine code with all GCC versions released so far (modulo bugs in GCC) can still be illegal C and exhibit undefined behavior. IIRC, I needed quite some time to realize the full impact of this distinction.
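
The distinction discussed in the message above, as an added example that is not part of the original message and is not the OpenSSL or Apache code: a length check that depends on signed wrap-around, next to a signed check that never overflows and an unsigned check where wrap-around is defined. The function names and the `len`/`extra`/`cap` parameters are constructed for illustration.

```c
#include <limits.h>
#include <stdio.h>

/* Constructed example. Relies on signed wrap-around to detect overflow.
 * Signed overflow is undefined behaviour, so the compiler may assume
 * len + extra >= len whenever extra >= 0 and drop the first test. */
int fits_wraparound(int len, int extra, int cap)
{
    if (len + extra < len)          /* undefined when the sum exceeds INT_MAX */
        return 0;
    return len + extra <= cap;
}

/* Signed version with no overflowing expression: compare against the
 * remaining headroom before adding. */
int fits_checked(int len, int extra, int cap)
{
    if (len < 0 || extra < 0 || cap < 0)
        return 0;
    if (extra > INT_MAX - len)      /* sum would exceed INT_MAX */
        return 0;
    return len + extra <= cap;
}

/* Unsigned version: arithmetic is defined to wrap modulo UINT_MAX + 1,
 * so the wrap-around test is legal C. */
int fits_unsigned(unsigned len, unsigned extra, unsigned cap)
{
    unsigned sum = len + extra;
    if (sum < len)                  /* wrapped */
        return 0;
    return sum <= cap;
}

int main(void)
{
    printf("checked:  %d\n", fits_checked(INT_MAX, 1, INT_MAX));
    printf("unsigned: %d\n", fits_unsigned(UINT_MAX, 1u, UINT_MAX));
    printf("checked small:  %d\n", fits_checked(10, 20, 64));
    return 0;
}
```

`fits_wraparound` is shown only for contrast and is never called with overflowing inputs here, since its result in that case is not defined by the language.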