> * Andrew Pinski:
>
> > A simple loop like:
> > int foo ()
> > {
> >   int a[N];
> >   int i;
> >   int n;
> >
> >   for (i = 0; i <= n; i++)
> >       ca[i] = 2;
> > }
> >
> > we cannot find how many iterations it runs without knowing that signed
> > types overflow.
>
> In this case, the assumption is not needed because the lack of
> overflow can be inferred from the validity of the expression ca[i] for
> all relevant i.  However, in the general case, such information might
> not be available.  I wonder if it is feasible to duplicate the loop
> code, once for positive n, and once for negative, or if this would
> lead to too much code bloat in real-world applications.
>

this transformation exactly was proposed here:
http://gcc.gnu.org/ml/gcc-patches/2006-12/msg00695.html

dorit

> By the way, as I've tried to describe here:
> <http://cert.uni-stuttgart.de/advisories/c-integer-overflow.php>
> variable range tracking can result in reintroduction of
> supposedly-fixed security vulnerabilities. 8-(
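As an added illustration (not code from the thread), the quoted loop's trip count and the sign-of-n loop versioning Florian suggests, written so that no signed overflow is needed to reason about termination. The buffer length `len`, the helper names and the static demo buffer are assumptions made here; the original loop has an unspecified `N` and no bound on `n`.

```c
#include <limits.h>
#include <stddef.h>

/* Trip count of `for (i = 0; i <= n; i++)` with int i, computed without
   the no-signed-overflow assumption: 0 when n is negative, otherwise n + 1
   evaluated in a wider unsigned type so n == INT_MAX does not wrap.
   (In the source form, n == INT_MAX means i can never exceed n, so the
   loop only terminates by overflowing i.) */
unsigned long long trip_count_le(int n)
{
    if (n < 0)
        return 0;
    return (unsigned long long)n + 1ULL;
}

/* The quoted loop, versioned on the sign of n: one copy for negative n
   (zero iterations) and one for non-negative n (n + 1 iterations), with
   the store bounded by the real array length `len` (hypothetical
   parameter). Returns the number of elements written. */
size_t fill_twos_versioned(int *a, size_t len, int n)
{
    size_t count;

    if (n < 0)
        return 0;                    /* negative version: no iterations */

    count = (size_t)n + 1;           /* n >= 0, fits even for INT_MAX */
    if (count > len)
        count = len;                 /* never run past the array */

    for (size_t i = 0; i < count; i++)
        a[i] = 2;
    return count;
}

/* Demo wrapper over a constructed 8-element buffer. */
size_t demo_fill_count(int n)
{
    static int buf[8];
    return fill_twos_versioned(buf, 8, n);
}
```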
