[Cryptography] GCC bug 30475 (was Re: bounded pointers in C)
Viktor Dukhovni
cryptography at dukhovni.org
Thu Apr 24 21:11:56 EDT 2014
On Thu, Apr 24, 2014 at 05:04:14PM -0700, Bear wrote:
> There are in fact conformant checks for signed overflow.
>
> For example, you can say
>
>     if (MAXINT - al < be) halt(2); // overflow check - not using assert()
>                                    // because we want this check in
>                                    // production code.
>     ce = al + be;                  // addition guaranteed not to overflow.
That's nice, but how do I do that for an "off_t", or other typedefed
integral type, which has no explicit INTFOO_MAX macro?
Ideally something that does not introduce a C99 dependency and
works even with older ANSI C compilers.
--
Viktor.
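One way to do what the question above asks, as an added example that is not part of the original post or thread: derive the limits of a typedef'd integer type from its width using only C89 constructs, then pre-check the addition. The macro and function names are hypothetical, and the code assumes the type has no padding bits and uses two's complement, which ISO C does not guarantee.

```c
/* Added example (not from the thread). Assumptions: T is an integer type
   with no padding bits and two's-complement representation. C89 only. */
#include <limits.h>     /* CHAR_BIT */
#include <sys/types.h>  /* off_t */

#define TYPE_IS_SIGNED(T)  ((T)-1 < (T)0)
#define TYPE_BITS(T)       (sizeof(T) * CHAR_BIT)

/* Largest value of T, built so that no intermediate result overflows T:
     signed:   ((2^(bits-2) - 1) * 2) + 1  ==  2^(bits-1) - 1
     unsigned: (T)-1, i.e. all value bits set */
#define TYPE_MAX(T) \
    (TYPE_IS_SIGNED(T) \
        ? (T)(((((T)1 << (TYPE_BITS(T) - 2)) - 1) * 2) + 1) \
        : (T)-1)

/* Smallest value of T (two's complement assumed for the signed case). */
#define TYPE_MIN(T) \
    (TYPE_IS_SIGNED(T) ? (T)(-TYPE_MAX(T) - 1) : (T)0)

/* Returns 1 and stores a + b in *sum when the sum is representable in
   off_t; returns 0 and leaves *sum untouched otherwise. The comparisons
   only evaluate MAX - b with b > 0 and MIN - b with b <= 0, neither of
   which can overflow, so the check itself has defined behaviour. */
static int off_add_ok(off_t a, off_t b, off_t *sum)
{
    if (b > 0 ? a > TYPE_MAX(off_t) - b
              : a < TYPE_MIN(off_t) - b)
        return 0;
    *sum = a + b;
    return 1;
}

/* Caller in the style of the quoted snippet: refuse instead of wrapping. */
static int advance_offset(off_t *pos, off_t delta)
{
    off_t next;

    if (!off_add_ok(*pos, delta, &next))
        return -1;      /* would overflow: leave *pos unchanged */
    *pos = next;
    return 0;
}
```

Because the limits are computed from `sizeof`, the same macros work for any typedef'd integer type for which the stated assumptions hold.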