[Cryptography] [FORGED] Re: How programming language design can help us write secure crypto code

Jonathan Thornburg jthorn at astro.indiana.edu
Sun Nov 1 19:22:21 EST 2015


On Sun, Nov 01, 2015 at 06:49:26AM -0500, Watson Ladd wrote:
[[...]]
> What you should do is think about the semantics of the programming
> language, and realize compilers preserve those semantics. So what's
> being called for is an introduction of 2's complement semantics for
> signed integer overflow into C.  Alternatively you could pick a
> language that provides those semantics, or write a C compiler that
> provides these semantics.

Note that 'gcc -fwrapv' is such a compiler.  gcc introduced this option
in 2003 for gcc 3.3.  (gcc also provides two similar-but-not-quite-the-same
options, -fno-strict-overflow and -Wstrict-overflow.  See
  http://www.airs.com/blog/archives/120
for a nice discussion of the difference between these; the author is the
gcc developer who implemented these options.)

ciao,

-- 
-- Jonathan Thornburg <jthorn at astro.indiana.edu>
   Dept of Astronomy & IUCSS, Indiana University, Bloomington, Indiana, USA
   "There was of course no way of knowing whether you were being watched
    at any given moment.  How often, or on what system, the Thought Police
    plugged in on any individual wire was guesswork.  It was even conceivable
    that they watched everybody all the time."  -- George Orwell, "1984"


More information about the cryptography mailing list