[Cryptography] [FORGED] Re: How programming language design can help us write secure crypto code

Watson Ladd watsonbladd at gmail.com
Sat Oct 24 16:44:25 EDT 2015


On Sat, Oct 24, 2015 at 2:15 PM, Mansour Moufid <mansourmoufid at gmail.com> wrote:
> On Sat, Oct 24, 2015 at 1:12 AM, Peter Gutmann
> <pgut001 at cs.auckland.ac.nz> wrote:
>
>> Bertrand Mollinier Toublet <crypto-metzdowd at bmt-online.org> writes:
>>
>>>In other words, your (generic your, not just you, Ray) beef is not with the
>>>language, but with the toolchains you happen to have at your disposal.
>>
>> Absolutely.  I'll note that compilers like MSVC, armcc, suncc, and IBM's xlc,
>> which follow exactly the same C standard that gcc does, don't break the code
>> in the same way that gcc does.  gcc is by far the worst compiler in terms of
>> code breakage.
>
> Those compilers have customers.  GCC has users.
>
> Regarding the previous example of integer operations which GCC claims
> are undefined behaviour: there are six formal semantics of C, not one
> agrees with GCC.  No reasonable reading of the standard does.

Does anyone have a minimal example on this list, and can point to the
formal semantics and the standard with enough detail to demonstrate
the existence of a gcc bug here?


-- 
"Man is born free, but everywhere he is in chains".
--Rousseau.


More information about the cryptography mailing list