unicodeobject.c from Python 2.5 assumes signed integer overflow in the following code in the unicode_expandtabs function:

i and j are signed integers (defined as ssize_t):

    [...]
    else {
        j++;
        if (*p == '\n' || *p == '\r') {
            i += j;              /* <=== Possible overflow */
            old_j = j = 0;
            if (i < 0) {         /* <== Code won't work due to undefined overflow */
                PyErr_SetString(PyExc_OverflowError,
                                "new string is too long");
                return NULL;
            }
        }
    }
    [...]

Now if I compile this file with -O3 -Wstrict-overflow=3 I get no warning, although undefined overflow occurs and the code is miscompiled unless -fwrapv is specified.

I think gcc should be warning us here about undefined overflow.

--
           Summary: Missing overflow diagnostic for Python 2.5's unicodeobject.c
           Product: gcc
           Version: 4.3.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: middle-end
        AssignedTo: unassigned at gcc dot gnu dot org
        ReportedBy: ismail at pardus dot org dot tr

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=34843
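
An overflow test that does not depend on wrapping, as an added example (not code from the report or from Python): the range check runs before the addition, so the compiler has no undefined overflow to reason about and -fwrapv is not needed. The names expanded_length and add_checked, and ptrdiff_t standing in for the report's ssize_t, are assumptions; the inputs in main are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Add b (>= 0) to *acc only if the sum fits. The test runs BEFORE the
   addition, so no signed overflow is ever evaluated. */
static int add_checked(ptrdiff_t *acc, ptrdiff_t b)
{
    if (b < 0 || *acc > PTRDIFF_MAX - b)
        return -1;
    *acc += b;
    return 0;
}

/* Hypothetical helper: length of s[0..n) after tab expansion.
   i = characters in completed lines, j = column in the current line,
   as in the snippet quoted in the report. Returns 0 and stores the
   length in *out, or -1 if it would exceed PTRDIFF_MAX. */
int expanded_length(const char *s, size_t n, ptrdiff_t tabsize, ptrdiff_t *out)
{
    ptrdiff_t i = 0, j = 0;
    for (size_t k = 0; k < n; k++) {
        if (s[k] == '\t') {
            if (tabsize > 0 && add_checked(&j, tabsize - (j % tabsize)) != 0)
                return -1;
        } else {
            if (add_checked(&j, 1) != 0)
                return -1;
            if (s[k] == '\n' || s[k] == '\r') {
                if (add_checked(&i, j) != 0)
                    return -1;
                j = 0;
            }
        }
    }
    if (add_checked(&i, j) != 0)
        return -1;
    *out = i;
    return 0;
}

int main(void)
{
    ptrdiff_t len = 0;
    /* Constructed inputs: a short string, then a huge tab size. */
    printf("%d ", expanded_length("a\tb\nc", 5, 8, &len));
    printf("%td\n", len);
    printf("%d\n", expanded_length("\t\t", 2, PTRDIFF_MAX / 2 + 1, &len));
    return 0;
}
```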