By the way, as I've tried to describe here: <http://cert.uni-stuttgart.de/advisories/c-integer-overflow.php> variable range tracking can result in reintroduction of supposedly-fixed security vulnerabilities. 8-(
Interesting read. I agree with the proposed fix; however, note that GCC does not make the result of overflowing signed left-shifts undefined, exactly because in this case the overflow is relied upon by too many existing programs (and also because left shifts are inherently a bitwise operation, with well defined overflowing behavior on the most significant bits).
Paolo
