[Cryptography] [FORGED] Re: How programming language design can help us write secure crypto code
Watson Ladd
watsonbladd at gmail.com
Sat Oct 24 16:44:25 EDT 2015
On Sat, Oct 24, 2015 at 2:15 PM, Mansour Moufid <mansourmoufid at gmail.com> wrote:
> On Sat, Oct 24, 2015 at 1:12 AM, Peter Gutmann
> <pgut001 at cs.auckland.ac.nz> wrote:
>
>> Bertrand Mollinier Toublet <crypto-metzdowd at bmt-online.org> writes:
>>
>>>In other words, your (generic your, not just you, Ray) beef is not with the
>>>language, but with the toolchains you happen to have at your disposal.
>>
>> Absolutely. I'll note that compilers like MSVC, armcc, suncc, and IBM's xlc,
>> which follow exactly the same C standard that gcc does, don't break the code
>> in the same way that gcc does. gcc is by far the worst compiler in terms of
>> code breakage.
>
> Those compilers have customers. GCC has users.
>
> Regarding the previous example of integer operations which GCC claims
> are undefined behaviour: there are six formal semantics of C, not one
> agrees with GCC. No reasonable reading of the standard does.
Does anyone have a minimal example on this list, and can point to the
formal semantics and the standard with enough detail to demonstrate
the existence of a gcc bug here?
--
"Man is born free, but everywhere he is in chains".
--Rousseau.
More information about the cryptography
mailing list