Tom Truscott <[EMAIL PROTECTED]> writes:
> Here is an unintended bug I encountered recently, hopefully the "cert"
> warning will catch this one too.
>
> int okay_to_increment (int i)
> {
>   if (i + 1 < i)
>     return 0; /* adding 1 would cause overflow */
>   return 1; /* adding 1 is safe */
> }
>
> Any sort of bug can cause a security vulnerability, so I recommend that gcc
> developers work harder on warning messages.

I can't tell whether you are joking or not, but as it happens we
already warn about this case with -Wall:

foo.c: In function ‘okay_to_increment’:
foo.c:3: warning: assuming signed overflow does not occur when assuming that (X + c) < X is always false

Ian
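
An added example, not code from either poster or from gcc: one way to write the check so that it tests the operands against the limits before adding and never evaluates an overflowing signed expression. It generalizes from "+ 1" to any pair of ints; the names add_is_safe and checked_add are assumptions made for this illustration.

```c
#include <limits.h>
#include <stdio.h>

/* Returns 1 if a + b fits in an int, 0 otherwise.
   The comparison is done against INT_MAX / INT_MIN before the
   addition, so no signed overflow (undefined behaviour) occurs
   and the compiler has nothing to assume away. */
int add_is_safe(int a, int b)
{
    if (b > 0 && a > INT_MAX - b)
        return 0;               /* sum would exceed INT_MAX */
    if (b < 0 && a < INT_MIN - b)
        return 0;               /* sum would fall below INT_MIN */
    return 1;
}

/* Same contract as the function in the quoted message:
   0 if adding 1 would overflow, 1 if it is safe. */
int okay_to_increment(int i)
{
    return add_is_safe(i, 1);
}

/* Checked addition: on success stores the sum in *out and returns 1;
   on overflow returns 0 and leaves *out untouched. */
int checked_add(int a, int b, int *out)
{
    if (!add_is_safe(a, b))
        return 0;
    *out = a + b;
    return 1;
}

int main(void)
{
    int sum = 0;

    printf("okay_to_increment(INT_MAX)     = %d\n", okay_to_increment(INT_MAX));
    printf("okay_to_increment(INT_MAX - 1) = %d\n", okay_to_increment(INT_MAX - 1));
    if (checked_add(40, 2, &sum))
        printf("40 + 2 = %d\n", sum);
    if (!checked_add(INT_MIN, -1, &sum))
        printf("INT_MIN + -1 rejected\n");
    return 0;
}
```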