[cfe-dev] A need for an "-fsanitize=integer-assign-overflow"

Yury Gribov y.gribov at samsung.com
Tue Jan 21 01:15:52 PST 2014

Are we talking about signed or unsigned overflows? Both may be useful 
but second isn't UB.

 > The question is whether it is worth implementing.

There are some CWEs for it:
* CWE-197: Numeric Truncation Error 
* CWE-192: Integer Coercion Error 


More information about the cfe-dev mailing list