On Nov 6, 2011, at 4:36 PM, Warner Losh wrote:

> On Nov 6, 2011, at 2:13 PM, Rui Paulo wrote:
>> The only argument against this tautological check that I agree with is when 
>> the code is explicitly trying to be safe. If the developer checks for "i < 
>> 0" when indexing an array he/she is trying to guard against possible 
>> pitfalls in the future when someone suddenly decides to change the variable 
>> type to become signed. One possible security vulnerability was avoided 
>> because that developer checked for negative values.
>> I'm against turning this off by default, but it should not cause an error.
> 
> Except when you pass args back and forth between signed and unsigned and back 
> again.  If you check < 0 in the middle, that's one more security bug you 
> thought you had fixed, but really you've done nothing with.


Of course, but in the context of the compiler checks this argument doesn't 
apply.

Regards,
--
Rui Paulo
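The two positions in this exchange, as an added C example that is not part of the thread: a constructed 8-entry table, an unsigned index, and a caller that passes a signed value through an unsigned parameter. The `i < 0` guard on a `size_t` is the tautological check under discussion; the functions and the table are invented here to show what each check actually rejects.

```c
#include <stddef.h>
#include <stdint.h>

#define TABLE_LEN 8
/* Constructed sample data; values are arbitrary. */
static const int table[TABLE_LEN] = {10, 11, 12, 13, 14, 15, 16, 17};

/* The guard being debated: i is unsigned, so i < 0 is never true and the
 * check admits every value, including a -1 that was converted to unsigned
 * on the way in. Compilers flag the comparison as tautological. */
int index_passes_negative_check(size_t i) {
    if (i < 0)
        return 0;
    return 1;
}

/* A check that is not tautological: comparing against the array length
 * rejects SIZE_MAX (what (size_t)-1 becomes) along with every other
 * out-of-range value. */
int index_passes_bounds_check(size_t i) {
    return i < TABLE_LEN;
}

/* The situation in the reply above: a signed caller hands the index through
 * an unsigned parameter, and the negative check "in the middle" does nothing.
 * Only the length comparison stops the out-of-bounds read. */
int lookup_with_negative_check(long caller_index) {
    size_t i = (size_t)caller_index;    /* -1 becomes SIZE_MAX here */
    if (!index_passes_negative_check(i))
        return -1;                      /* never taken */
    if (!index_passes_bounds_check(i))
        return -1;                      /* this is the line that protects */
    return table[i];
}

/* Rejecting the negative while it is still signed, before any conversion,
 * is the only place a "< 0" test has meaning. */
int lookup_checked_in_signed_domain(long caller_index) {
    if (caller_index < 0 || caller_index >= TABLE_LEN)
        return -1;
    return table[(size_t)caller_index];
}
```

Read together: `index_passes_negative_check((size_t)-1)` returns 1, so the guard that was meant to catch a future signed index catches nothing once the value has crossed into unsigned; the length comparison, or a check performed while the value is still signed, is what closes the hole.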

_______________________________________________
freebsd-toolchain@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-toolchain
To unsubscribe, send any mail to "freebsd-toolchain-unsubscr...@freebsd.org"
