Rainer Emrich wrote:
http://www.kb.cert.org/vuls/id/162289
Any comments?
See http://www.airs.com/blog/archives/120 for a good blog post by Ian
Lance Taylor about this issue. -Wstrict-overflow=5 can be used to find
cases where optimizations break not standard specified overflow cases,
since GCC 4.2.
Also, -ftrapv is a little broken and may have false negatives. On the
other hand, -fwrapv should not cause any problems.
If you find that -fwrapv hinders performance of your application, you
can also try "-fwrapv -funsafe-loop-optimizations
-Wunsafe-loop-optimizations". This will restrict overflow assumptions
to those needed to optimize loops, and also warn whenever the compiler
made this kind of assumptions. You can then audit any warning that you
get to see if they have security implications for your application.
Paolo
