On 2016-11-25 18:39:28 +0100, Torbjörn Granlund wrote:
> I assume "undefined" means that the computer will not explode, or even
> cause any less dramatic security issues, or even terminate execution.

Compilers use the fact that undefined behavior must not occur to
do some optimizations, like removing what appears as dead code
(but actually isn't). So, this can yield crashes and security issues.
See for instance the invalid bug:

  https://gcc.gnu.org/bugzilla/show_bug.cgi?id=30475
  "assert(int+100 > int) optimized away"

and the following article:

  https://lwn.net/Articles/575563/

So, with some code that was intended to detect buffer overflow or
integer overflow with code like the above, the check was no
longer performed.

-- 
Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
_______________________________________________
gmp-devel mailing list
gmp-devel@gmplib.org
https://gmplib.org/mailman/listinfo/gmp-devel
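
An added example, not part of the original message or of GMP: the post-hoc test from the cited GCC bug next to two overflow checks that never execute an overflowing signed addition, so the compiler has no undefined behavior to reason from. The function names are hypothetical.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* The pattern from the cited bug report: it detects overflow only if signed
 * arithmetic wraps. Signed overflow is undefined in C, so a compiler may
 * treat "a + 100 > a" as always true and remove the check. Shown for
 * comparison only; it is never called with an overflowing input here. */
bool fits_posthoc(int a)
{
    return a + 100 > a;
}

/* Same intent, expressed as a comparison against the limit before any
 * addition happens. No overflow can occur, so nothing can be optimized away. */
bool fits_precheck(int a)
{
    return a <= INT_MAX - 100;
}

/* General form for any signed addend: reject the operands first, add only
 * when the result is representable. */
bool checked_add(int a, int b, int *sum)
{
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b))
        return false;
    *sum = a + b;
    return true;
}

int main(void)
{
    int sum;

    printf("precheck(INT_MAX)        = %d\n", fits_precheck(INT_MAX));
    printf("precheck(INT_MAX - 100)  = %d\n", fits_precheck(INT_MAX - 100));
    if (!checked_add(INT_MAX, 1, &sum))
        puts("checked_add(INT_MAX, 1): rejected");
    if (checked_add(INT_MAX - 100, 100, &sum))
        printf("checked_add(INT_MAX - 100, 100) = %d\n", sum);
    return 0;
}
```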
