Ralph,
Comments below.
> (a) Arithmetic overflows have historically been a significant source of
> security vulnerabilities.
Agreed.
> (b) Recent versions of gcc (along with other compilers) contain an
> optimisation that can *REMOVE* arithmetic overflows.
I am very interested in seeing how this optimization can remove
arithmetic overflows.
If you can send me an example of source code and instructions on how to
build, I would certainly be happy to promote this feature of gcc on our
secure coding web site.
> Why is CERT advising people to avoid an optimisation that can ---
> realistically, although probably rarely --- remove security
> vulnerabilities?
If you are referring to VU#694123, this refers to an optimization that
removes checks for pointer arithmetic wrapping. The optimization doesn't
actually eliminate the wrapping behavior; this still occurs. It does,
however, eliminate certain kinds of checks (that depend upon undefined
behavior).
Thanks,
rCs
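The kind of check rCs describes above, as an added C example that is not code from this thread or from CERT: `check_by_wrap` tests for wraparound by comparing `base + len` against `base`, which is undefined behavior whenever `base + len` leaves the array, so a compiler is entitled to treat the comparison as always false and drop the branch. `bounded_copy` makes the same decision by comparing sizes, which is fully defined and cannot be optimized away. The buffer, function names and inputs are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed destination buffer for the example. */
#define BUF_SIZE 16
static char buf[BUF_SIZE];

/* Pattern discussed in the thread: a bounds check phrased as pointer
 * wrapping.  Forming `base + len` past the end of the object is undefined
 * behavior, so the compiler may assume it never wraps and delete the
 * `end < base` test entirely.  Returns 1 if the check "passes". */
int check_by_wrap(const char *base, size_t len)
{
    const char *end = base + len;   /* undefined once len exceeds the object */
    if (end < base)                 /* may be removed by the optimizer */
        return 0;
    return 1;
}

/* Well-defined alternative: compare lengths, never pointers that may
 * have left the object.  Returns 0 on success, -1 if the copy would
 * overrun dst. */
int bounded_copy(char *dst, size_t dst_size, size_t dst_off,
                 const char *src, size_t n)
{
    if (dst_off > dst_size)
        return -1;
    if (n > dst_size - dst_off)     /* size_t arithmetic, no overflow here */
        return -1;
    memcpy(dst + dst_off, src, n);
    return 0;
}

int main(void)
{
    const char *msg = "hello";
    printf("copy 5 at 0:  %d\n", bounded_copy(buf, BUF_SIZE, 0, msg, 5));
    printf("copy 5 at 12: %d\n", bounded_copy(buf, BUF_SIZE, 12, msg, 5));
    printf("copy SIZE_MAX: %d\n", bounded_copy(buf, BUF_SIZE, 0, msg, SIZE_MAX));
    printf("wrap check, small len: %d\n", check_by_wrap(buf, 4));
    return 0;
}
```

The `check_by_wrap` function is only ever called here with a length inside the buffer, which is defined; the point is that for an out-of-range length its result depends on what the optimizer chose to do, whereas `bounded_copy` rejects such a length unconditionally.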