[cfe-dev] A need for an "-fsanitize=integer-assign-overflow"
richard at metafoo.co.uk
Tue Jan 21 13:21:43 PST 2014
On Tue, Jan 21, 2014 at 1:15 AM, Yury Gribov <y.gribov at samsung.com> wrote:
> Are we talking about signed or unsigned overflows? Both may be useful but
> second isn't UB.
The subject is not overflow, it's truncating conversion. The semantics here
are well-defined -- for a conversion to unsigned, they're defined in the
language standard, and for a conversion to signed, they're
implementation-defined. In the latter case, essentially all modern
implementations define the conversion as a 2's complement truncation.
So... neither of these belongs in -fsanitize=undefined. They might make
sense in -fsanitize=integer, though.
> > The question is whether it is worth implementing.
> There are some CWEs for it:
> * CWE-197: Numeric Truncation Error (http://cwe.mitre.org/data/
> * CWE-192: Integer Coercion Error (http://cwe.mitre.org/data/
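The two conversions discussed above, worked through as an added example that is not code from the thread or from Clang: conversion to unsigned is reduction modulo 2^N, conversion to signed of an out-of-range value is implementation-defined and assumed here to be the two's complement truncation GCC and Clang implement, and the round-trip helpers (hypothetical names) show the narrow-widen-compare check a truncation sanitizer would perform at the conversion site.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Conversion to an unsigned type: the language standard defines the result
 * as the value reduced modulo 2^8. Well-defined, never UB. */
uint8_t to_u8(int v) {
    return (uint8_t)v;
}

/* Conversion to a signed type of a value that does not fit: the result is
 * implementation-defined. This example assumes the two's complement
 * truncation GCC and Clang implement (keep the low 8 bits, reinterpret as
 * signed). Also not UB. */
int8_t to_i8(int v) {
    return (int8_t)v;
}

/* Hypothetical check a truncation sanitizer could emit at the conversion
 * site: narrow, widen back, compare. A changed value means the conversion
 * lost information (CWE-197 style numeric truncation). */
bool u8_conversion_truncates(int v) {
    return (int)to_u8(v) != v;
}

bool i8_conversion_truncates(int v) {
    return (int)to_i8(v) != v;
}

int main(void) {
    /* Constructed sample inputs around the 8-bit boundaries. */
    int samples[] = { 100, 200, 255, 256, 300, -1, -128, -129 };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int v = samples[i];
        printf("%5d -> uint8_t %3u%-12s | int8_t %4d%s\n", v,
               (unsigned)to_u8(v),
               u8_conversion_truncates(v) ? " (truncated)" : "",
               (int)to_i8(v),
               i8_conversion_truncates(v) ? " (truncated)" : "");
    }
    return 0;
}
```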