Marc Glisse <marc.gli...@inria.fr> writes: On Tue, 20 Nov 2012, Roberto Bagnara wrote: > I have just finished reading "Understanding Integer Overflow in C/C++", > by Will Dietz, Peng Li, John Regehr, and Vikram Adve > (http://www.cs.utah.edu/~regehr/papers/overflow12.pdf). > > On page 9, it says: > > Finally, we reported nine undefined overflows > in the GNU Multiple Precision Arithmetic Library, one in > BIND, and one in OpenSSL. We received no response from > the developers of these three packages. > > Talking about GMP alone, is this accurate and up to date? > Would it be possible to see the reports that were sent? on gmp-bugs: Date: Fri, 20 Aug 2010 21:34:40 -0600
Here: http://gmplib.org/list-archives/gmp-bugs/2010-August/002019.html I don't think these things are truly alarming. The C standard defines lots of thing wrt signed integer types as undefined. We avoid most of them, but not all. This is not a practical problem. The only related thing we should really avoid is right-shift of signed types. When I now look at mpz/cmp.c and cannot correlate any of the reported problems with the code. -- Torbjörn _______________________________________________ gmp-devel mailing list gmp-devel@gmplib.org http://gmplib.org/mailman/listinfo/gmp-devel