[cfe-dev] A need for an "-fsanitize=integer-assign-overflow"
miroslav.fontan
miroslav.fontan at wincor-nixdorf.cz
Tue Jan 21 04:46:19 PST 2014
I mean both types of overflow; in both, the data are lost.
For testing I created a template safe_cast; attached are demo code and the
results I would like from the code translated with the non-existent
"-fsanitize=integer-overflow-assign":
/* unsigned -> signed, overflow */
safe_cast<int8_t >(UINT32_MAX);
safe_cast<int16_t>(UINT32_MAX);
safe_cast<int32_t>(UINT32_MAX);
/* unsigned -> signed, no overflow */
safe_cast<int64_t>(UINT32_MAX);
/* unsigned -> unsigned, overflow */
safe_cast<uint8_t >(UINT64_MAX);
safe_cast<uint16_t>(UINT64_MAX);
safe_cast<uint32_t>(UINT64_MAX);
/* unsigned -> unsigned, no overflow on 64bits */
safe_cast<size_t >(UINT64_MAX);
/* unsigned -> unsigned, no overflow */
safe_cast<uint64_t>(UINT64_MAX);
/* signed -> unsigned, overflow */
safe_cast<uint8_t >((-1));
safe_cast<uint16_t>((-1));
safe_cast<uint32_t>((-1));
safe_cast<uint64_t>((-1));
safe_cast<size_t >((-1));
/* signed -> signed, overflow */
safe_cast<int8_t >(INT32_MIN);
safe_cast<int16_t>(INT32_MIN);
/* signed -> signed, no overflow */
safe_cast<int32_t>(INT32_MIN);
safe_cast<int64_t>(INT32_MIN);
> -----Original Message-----
> From: Yury Gribov [mailto:y.gribov at samsung.com]
> Sent: Tuesday, January 21, 2014 10:16 AM
> To: miroslav.fontan; 'David Blaikie'; 'Richard Smith'
> Cc: 'cfe-dev Developers'
> Subject: Re: [cfe-dev] A need for an "-fsanitize=integer-assign-overflow"
>
> Are we talking about signed or unsigned overflows? Both may be useful
> but second isn't UB.
>
> > The question is whether it is worth implementing.
>
> There are some CWEs for it:
> * CWE-197: Numeric Truncation Error
> (http://cwe.mitre.org/data/definitions/197.html)
> * CWE-192: Integer Coercion Error
> (http://cwe.mitre.org/data/definitions/192.html)
>
> -Y
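An added example, written for this thread and not the poster's attached safe_cast template (which is not part of the archived message): an exact "does this value fit" check for integer conversions, a throwing safe_cast built on it, and the cheap round-trip check a compiler could insert at each narrowing assignment. The names fits_in, safe_cast, safe_cast_rejects and round_trip_preserved, and the choice to throw std::overflow_error on a lossy conversion, are this example's own assumptions. The main() reproduces the cases listed in the message above.

```cpp
// Added example for this thread (not the poster's attached safe_cast template):
// exact fit check + throwing safe_cast + the round-trip check a sanitizer could use.
#include <cstdint>
#include <cstdio>
#include <limits>
#include <stdexcept>
#include <type_traits>

// True when `v` is exactly representable in `To` (no truncation, no sign change).
template <typename To, typename From>
bool fits_in(From v) {
    static_assert(std::is_integral<To>::value && std::is_integral<From>::value,
                  "fits_in is for integer types only");
    typedef std::numeric_limits<To> ToLim;
    if (std::is_signed<From>::value == std::is_signed<To>::value) {
        // Same signedness: range-check in the wider of the two types.
        typedef typename std::common_type<To, From>::type W;
        return static_cast<W>(v) >= static_cast<W>(ToLim::min()) &&
               static_cast<W>(v) <= static_cast<W>(ToLim::max());
    }
    if (std::is_signed<From>::value) {
        // signed -> unsigned: negatives never fit; compare magnitudes as unsigned.
        if (v < From(0)) return false;
        typedef typename std::make_unsigned<From>::type UF;
        typedef typename std::common_type<UF, To>::type W;
        return static_cast<W>(static_cast<UF>(v)) <= static_cast<W>(ToLim::max());
    }
    // unsigned -> signed: the value must not exceed To's maximum.
    typedef typename std::make_unsigned<To>::type UT;
    typedef typename std::common_type<From, UT>::type W;
    return static_cast<W>(v) <= static_cast<W>(static_cast<UT>(ToLim::max()));
}

// Checked conversion (this example's own design): returns the converted value
// or throws, so a lossy assignment fails loudly instead of silently wrapping.
template <typename To, typename From>
To safe_cast(From v) {
    if (!fits_in<To>(v)) {
        throw std::overflow_error("safe_cast: value does not fit the destination type");
    }
    return static_cast<To>(v);
}

// Hypothetical helper for exercising safe_cast: true when the conversion was rejected.
template <typename To, typename From>
bool safe_cast_rejects(From v) {
    try {
        (void)safe_cast<To>(v);
        return false;
    } catch (const std::overflow_error&) {
        return true;
    }
}

// The check a compiler could emit at each narrowing conversion: convert,
// convert back, compare, plus a sign test (e.g. -1 -> UINT64_MAX -> -1 round-trips
// bit-for-bit but is still a sign change). No numeric_limits lookup needed.
template <typename To, typename From>
bool round_trip_preserved(From v) {
    To t = static_cast<To>(v);
    bool sign_kept = (t < To(0)) == (v < From(0));
    return sign_kept && static_cast<From>(t) == v;
}

// Stand-alone demo over the cases from the message above.
int main() {
    std::printf("int8_t   <- UINT32_MAX : %s\n", fits_in<int8_t>(UINT32_MAX) ? "ok" : "overflow");
    std::printf("int64_t  <- UINT32_MAX : %s\n", fits_in<int64_t>(UINT32_MAX) ? "ok" : "overflow");
    std::printf("uint8_t  <- UINT64_MAX : %s\n", fits_in<uint8_t>(UINT64_MAX) ? "ok" : "overflow");
    std::printf("size_t   <- UINT64_MAX : %s\n", fits_in<size_t>(UINT64_MAX) ? "ok" : "overflow");
    std::printf("uint64_t <- -1         : %s\n", fits_in<uint64_t>(-1) ? "ok" : "overflow");
    std::printf("int16_t  <- INT32_MIN  : %s\n", fits_in<int16_t>(INT32_MIN) ? "ok" : "overflow");
    std::printf("int32_t  <- INT32_MIN  : %s\n", fits_in<int32_t>(INT32_MIN) ? "ok" : "overflow");
    return 0;
}
```

fits_in answers the exact question (is the value representable), while round_trip_preserved is the form that is cheap enough to instrument at every conversion site, which is what a flag like the requested one would have to do; the two agree on all of the message's cases. Clang later shipped this kind of instrumentation as -fsanitize=implicit-conversion (integer truncation and sign-change checks), which covers the unsigned and signed cases raised in the quoted reply.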