Ketil Malde wrote:

> I'd really like to have errors on overflow, at least as an option, even
> if it is costly in terms of performance.  Is there a Trac ticket or
> something for this?

Not that I know of. I filed a Trac ticket against ByteString's readInt function before I noticed that read has the same problem, and it was closed because read does the same thing. I've been reluctant to pop my head over the parapet since.

CPUs generally don't trap on integer overflow, so generating the additional tests and jumps necessary to handle this would be a bit involved, and would certainly cost a few percent in performance. There's also overflow in truncation and sign conversions to worry about, e.g. Word32 -> Word16, Word32 -> Int (on 32-bit systems), etc.

On the other hand, integer overflows have long been a popular attack vector for getting programs to misbehave in the exploit community. If you Google for "ia32 integer overflow" or "i386 integer overflow", the first several *pages* of results in each case consist entirely of security advisories. Haskell's FFI makes it as vulnerable as the libraries it interfaces to.

Here's a cute-looking paper entitled "Efficient and accurate detection of integer-based attacks".

http://www.cs.cmu.edu/~dbrumley/pubs/integer-ndss-07.pdf

        <b
_______________________________________________
Haskell-Cafe mailing list
Haskell-Cafe@haskell.org
http://www.haskell.org/mailman/listinfo/haskell-cafe
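
The unchecked operations discussed in the message above (`read` at a fixed-width type, a narrowing `fromIntegral`, and plain `+`) beside checked counterparts, as an added example that is not part of the original thread. `checkedFromInteger`, `readChecked` and `addChecked` are hypothetical helper names; `readMaybe` and `toIntegralSized` are from base (`Text.Read`, `Data.Bits`).

```haskell
{-# LANGUAGE ScopedTypeVariables #-}
-- Added example: hypothetical helpers, not code from the thread or from GHC.
import Data.Bits (toIntegralSized)
import Data.Word (Word16, Word32)
import Text.Read (readMaybe)

-- Narrow an unbounded Integer to a bounded type, refusing values that
-- do not fit instead of wrapping them.
checkedFromInteger :: forall a. (Integral a, Bounded a) => Integer -> Maybe a
checkedFromInteger n
  | n < toInteger (minBound :: a) = Nothing
  | n > toInteger (maxBound :: a) = Nothing
  | otherwise                     = Just (fromInteger n)

-- Parse at Integer first, then range-check. Malformed input and
-- out-of-range input both yield Nothing.
readChecked :: (Integral a, Bounded a) => String -> Maybe a
readChecked s = readMaybe s >>= checkedFromInteger

-- Addition with the extra comparisons that a checked build would have
-- to generate around every (+) on Int.
addChecked :: Int -> Int -> Maybe Int
addChecked x y
  | y > 0 && x > maxBound - y = Nothing   -- would exceed maxBound
  | y < 0 && x < minBound - y = Nothing   -- would fall below minBound
  | otherwise                 = Just (x + y)

main :: IO ()
main = do
  -- Constructed input: a decimal literal too large for a 64-bit Int.
  let big = "99999999999999999999"
  print (read big :: Int)                     -- unchecked: wraps silently
  print (readChecked big :: Maybe Int)        -- checked: out of range is rejected
  print (readChecked "42" :: Maybe Int)       -- checked: in-range value passes

  -- Truncating conversion, Word32 -> Word16, with a constructed value.
  let w = 70000 :: Word32
  print (fromIntegral w :: Word16)            -- unchecked: high bits dropped
  print (toIntegralSized w :: Maybe Word16)   -- checked: does not fit
  print (toIntegralSized (65535 :: Word32) :: Maybe Word16)  -- checked: fits

  -- Arithmetic at the boundary.
  print (maxBound + 1 :: Int)                 -- unchecked: wraps to minBound
  print (addChecked maxBound 1)               -- checked: overflow is reported
```

Values that arrive from outside the program and are then passed across the FFI as sizes or lengths are the ones most worth routing through checks like these.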
