Help stabilising mini-gmp

Vincent Lefevre vincent at vinc17.net
Thu Dec 1 17:35:04 UTC 2016


On 2016-11-25 18:39:28 +0100, Torbjörn Granlund wrote:
> I assume "undefined" means that the computer will not explode, or even
> cause any less dramatic security issues, or even terminate execution.

Compilers use the fact that undefined behavior must not occur to
do some optimizations, like removing what appears as dead code
(but actually isn't). So, this can yield crashes and security issues.
See for instance the invalid bug:

  https://gcc.gnu.org/bugzilla/show_bug.cgi?id=30475
  "assert(int+100 > int) optimized away"

and the following article:

  https://lwn.net/Articles/575563/

So, with some code that intended to detect buffer overflow or
integer overflow with code like the above one, the check was no
longer performed.

-- 
Vincent Lefèvre <vincent at vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
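The pattern discussed above, as an added illustration (this is not code from the post, from GMP, or from mini-gmp): the overflow check in the `a + 100 > a` form relies on signed overflow, which C leaves undefined, so a compiler may treat the comparison as always true and remove it, exactly as in GCC bug 30475. The two "safe" functions below express the same intent without ever performing the overflowing operation, so there is nothing for the optimizer to assume away. Function names and the buffer-size scenario are invented for this example.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* The check as quoted in the thread. Signed overflow is undefined in C,
 * so a compiler is entitled to assume `a + 100 > a` always holds and
 * compile this function to `return true;`. Do not write checks this way. */
bool unsafe_room_check(int a)
{
    return a + 100 > a;   /* undefined behaviour when a > INT_MAX - 100 */
}

/* Same intent, no undefined behaviour: compare against the limit before
 * adding. The comparison is well defined for every value of a, so the
 * optimizer cannot legitimately remove it. */
bool safe_room_check(int a)
{
    return a <= INT_MAX - 100;
}

/* Bounds check for writing `len` bytes at `offset` into a buffer of
 * `size` bytes. `offset + len > size` is not undefined for size_t (unsigned
 * arithmetic wraps), but a wrapped sum can pass the test anyway, so the
 * check is done by subtraction after confirming offset <= size. */
bool fits_in_buffer(size_t size, size_t offset, size_t len)
{
    return offset <= size && len <= size - offset;
}

int main(void)
{
    int near_max = INT_MAX - 50;   /* constructed input near the limit */

    printf("safe_room_check(0)        = %d\n", safe_room_check(0));
    printf("safe_room_check(near_max) = %d\n", safe_room_check(near_max));
    printf("fits_in_buffer(16, 8, 8)  = %d\n", fits_in_buffer(16, 8, 8));
    printf("fits_in_buffer(16, 8, 9)  = %d\n", fits_in_buffer(16, 8, 9));
    printf("fits_in_buffer(16, 8, SIZE_MAX) = %d\n",
           fits_in_buffer(16, 8, SIZE_MAX));
    /* unsafe_room_check(near_max) is deliberately not called here: the
     * result would depend on undefined behaviour and on optimization level. */
    return 0;
}
```

Compiling the unsafe variant with optimization enabled and inspecting the generated code (for instance with `-O2 -S`) is the quickest way to see the branch disappear; `-fsanitize=undefined` or `-fwrapv` are the usual ways to catch or neutralise such overflows while the code is being fixed.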

