Mailinglist Archive: opensuse-bugs (4498 mails)

< Previous Next >
[Bug 964182] python has multiple bogus integer overflow checks
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Tue, 02 Feb 2016 08:57:15 +0000
  • Message-id: <bug-964182-21960-qtNTfcpIOA@http.bugzilla.novell.com/>
http://bugzilla.novell.com/show_bug.cgi?id=964182
http://bugzilla.novell.com/show_bug.cgi?id=964182#c6

Sebastian Krahmer <krahmer@xxxxxxxx> changed:

What |Removed |Added
----------------------------------------------------------------------------
Flags|needinfo?(krahmer@xxxxxxxx) |

--- Comment #6 from Sebastian Krahmer <krahmer@xxxxxxxx> ---
Hm. Looks like the "solution" is just casting it to an unsigned
type because the C standard says that unsigned may wrap cleanly,
so you could check afterwards that it happened?

Thats still not a good idea. Any integer wrap checks have
to be done beforehand:

(from CERT)
https://www.securecoding.cert.org/confluence/display/c/INT30-C.+Ensure+that+unsigned+integer+operations+do+not+wrap

Thats also because your division afterwards could trigger a div-by-0
exception.

Above URL has an example how to do it right. Example is on unsigned
ints, but there also exist a coding rule for signed ints.

--
You are receiving this mail because:
You are on the CC list for the bug.
< Previous Next >