Undefined-behavior overflows in GMP?

Roberto Bagnara bagnara at cs.unipr.it
Tue Nov 20 09:05:45 CET 2012


I have just finished reading "Understanding Integer Overflow in C/C++",
by Will Dietz, Peng Li, John Regehr, and Vikram Adve
(http://www.cs.utah.edu/~regehr/papers/overflow12.pdf).

On page 9, it says:

   Finally, we reported nine undefined overflows
   in the GNU Multiple Precision Arithmetic Library, one in
   BIND, and one in OpenSSL. We received no response from
   the developers of these three packages.

Talking about GMP alone, is this accurate and up to date?
Would it be possible to see the reports that were sent?
Thanks,

    Roberto

-- 
      Prof. Roberto Bagnara

Applied Formal Methods Laboratory - University of Parma, Italy
mailto:bagnara at cs.unipr.it
                               BUGSENG srl - http://bugseng.com
                               mailto:roberto.bagnara at bugseng.com


More information about the gmp-devel mailing list