[Cryptography] cryptography Digest, Vol 30, Issue 25
Nemo
nemo at self-evident.org
Sat Oct 24 14:15:16 EDT 2015
Bertrand Mollinier Toublet writes:
> I’m not buying it. I’ve just spent over an hour poring over the C99
> standard, and the best I could find is this:
C11 is current, but it doesn't matter; integer overflow is undefined in
every version of standard C and C++, ever.
> "6.3.1.3 Signed and unsigned integers
This section is talking about integral conversions, which do have
implementation-defined (not undefined) behavior.
You asked for chapter and verse of the C99 spec, so let's start with
section 3.4.3:
    3.4.3
    1 undefined behavior
      behavior, upon use of a nonportable or erroneous program construct
      or of erroneous data, for which this International Standard imposes
      no requirements
    ...
    3 EXAMPLE An example of undefined behavior is the behavior on
      integer overflow.
So not only is integer overflow an example of undefined behavior, it is
the textbook example.
The formal language appears in section 6.5:
    6.5 Expressions
    ...
    5 If an _exceptional condition_ occurs during the evaluation of an
      expression (that is, if the result is not mathematically defined or
      not in the range of representable values for its type), the behavior
      is undefined.
And of course, as some have been trying to explain, optimizing compilers
routinely take advantage of this. Trivial example:
    int test(int x)
    {
        return x + 1 > x;
    }
If you compile this with optimization enabled on any modern C or C++
compiler, you will find the resulting code returns 1 (true)
unconditionally (live example: http://goo.gl/F4piOm ). For example, even
though you might print out INT_MAX+1 and see a negative number,
test(INT_MAX) will still return true.
This sort of internal inconsistency is to be expected when you engage in
undefined behavior. The compiler assumes you don't, so when you do it
anyway, you introduce a falsehood into the compiler's reasoning. And
logic tells us that from falsehood, anything follows ("ex falso
quodlibet").
Undefined behavior is always a bug. Always.
- Nemo
https://self-evident.org/
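
Added example, not part of the original message: since the compiler may delete an overflow test that itself overflows (as with test() above), the check has to be made on the operands before the addition is evaluated. The function names add_would_overflow, checked_add and increment_fits are hypothetical, chosen for this illustration.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Decide from the operands alone whether a + b is representable as int.
 * No expression here can overflow, so the optimizer has nothing to
 * "assume away" the way it does with x + 1 > x. */
bool add_would_overflow(int a, int b)
{
    if (b > 0)
        return a > INT_MAX - b;   /* INT_MAX - b is in range when b > 0 */
    return a < INT_MIN - b;       /* INT_MIN - b is in range when b <= 0 */
}

/* Checked addition: writes the sum and returns true only when it fits.
 * On overflow *out is left untouched and the addition is never evaluated. */
bool checked_add(int a, int b, int *out)
{
    if (add_would_overflow(a, b))
        return false;
    *out = a + b;
    return true;
}

/* Well-defined way to ask "can x be incremented without overflow?",
 * which is what a wraparound test like x + 1 > x is usually meant to ask. */
int increment_fits(int x)
{
    return x < INT_MAX;
}

int main(void)
{
    int sum;

    printf("increment_fits(41)      = %d\n", increment_fits(41));
    printf("increment_fits(INT_MAX) = %d\n", increment_fits(INT_MAX));
    if (!checked_add(INT_MAX, 1, &sum))
        puts("INT_MAX + 1 rejected before evaluation");
    if (checked_add(INT_MIN, INT_MAX, &sum))
        printf("INT_MIN + INT_MAX = %d\n", sum);
    return 0;
}
```

Unlike test(), these functions give the same answers at every optimization level, because no signed overflow is ever evaluated.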