Tom Truscott wrote:
Here is an unintended bug I encountered recently, hopefully the "cert" warning will catch this one too.int okay_to_increment (int i) { if (i + 1 < i) return 0; /* adding 1 would cause overflow */ return 1; /* adding 1 is safe */ } Any sort of bug can cause a security vulnerability, so I recommend that gcc developers work harder on warning messages.
Do you want warnings on all logic errors in your code, or only those that could cause a security vulnerability?
The first case is easy, but I don't know of a simple algorithm that can distinguish the second :-).
David Daney
