On Mon, Apr 07, 2008 at 01:28:21PM -0400, Robert C. Seacord wrote: > You are also right that the popularity of gcc is one of the reasons we > decided to publish on this. If you identify other compilers that a) are > relatively popular, b) have changed their behavior recently, and c) > silently optimize out overflow checks we will consider publishing > vulnerability notes for those compilers as well.
What is the justification for requirement b)? We identified two distinct proprietary compilers that also do this optimization, but it isn't a recent change in behavior.
